Cisco Catalyst

Compatibility

The below instruction pertains to Cisco Catalyst 9800-CL Wireless Controller

Social WiFi has been tested and is proven to work on the following configurations:

Cisco Catalyst 9800-CL set up on KVM

versions up to 17.3.4c

Cisco AIR-CAP3702I-E-K9

versions compatibile with the Controller (installs as the AP provisions)

Accessing the device’s administration panel

Configure the controller

Go to Configuration -> Security -> Web Auth.

Click in to the global profile and make sure that the "Virtual IPv4 Address" is set as 192.0.2.1.

Press Apply.

Now, Add a new profile by clicking the Add button.

Press Apply to Device.

After you've created the profile, click on it and configure as follows:

On the General tab:

On the Advanced tab:

Click Update & Apply.

Go to Configuration -> Security -> AAA.

In the Servers / Groups and next Servers tab click +Add.

Press Apply to Device.

Go the Server Groups tab and press +Add.

Press Apply to Device.

Next, go to the AAA Method List tab. Make sure that1 Authentication is selected and press +Add. On the General tab:

Press Apply to Device.

Switch to the Accounting tab on the left and click +Add.

Press Apply to Device.

Now, go to the AAA Advanced tab. Make sure you're in "Global Config" and press Show Advanced Settings >>>. You should see "Radius Attributes" drop down. Configure as follows:

Accounting

Authentication

Press Apply to Device.

Now, go to the Configuration -> Security -> URL Filters. Click +Add.

URLs

*.fbcdn.net
*.licdn.com
*.twimg.com
*.ytimg.com
twitter.com
facebook.com
linkedin.com
sw-login.com
*.youtube.com
yt3.ggpht.com
*.facebook.com
*.linkedin.com
api.twitter.com
apis.google.com
ssl.gstatic.com
*.googleapis.com
fonts.google.com
*.googlevideo.com
accounts.google.*
fonts.gstatic.com
accounts.youtube.com
connect.facebook.net
login.socialwifi.com
www.googleadservices.com
www.googletagmanager.com
googleads.g.doubleclick.net

Press Apply to Device.

Go to the Configuration -> Tags & Policies -> WLANs. Click +Add or edit an existing WLAN.

On the General tab:

Go to the Security - Layer2 tab and set the Layer 2 Security Mode as "None" and MAC Filtering as Disabled. Leave rest as default.

In the Security - Layer 3 tab, click Show Advanced Settings >>> and configure as follows:

Press Apply to Device or Update & Apply to Device.

Now, go to Configuration -> Tags & Profiles -> Policy and press +Add. Leave all settings at default apart from the following:

On the General tab:

On the Access Policies tab:

URL Filters - "guest_url_filter"

On the Advanced tab:

Click Apply to Device to save.

Next, go to Configuration > Tags & Profiles > Tags. Click +Add.

Click Apply to Device to save.

Go to Administration > Management > HTTP/HTTPS/Netconf and make sure that HTTP and HTTPS Access are Enabled.

Now you need to disable secure webauth. You can do it from the controllers CLI. Please run these commands:

enable
configure terminal
parameter-map type webauth global
webauth-http-enable
secure-webauth-disable

Go to Configuration -> Wireless → Access Points.
Copy the MAC addresses of the Access Points you would like to add to Social WiFi platform. You will have to change the format (from "xxxx.xxxx.xxxx" to "xx:xx:xx:xx:xx:xx")
Go to the Social WiFi Panel.
Choose the place to which you would like to add the device.
In the “Access Points” tab, press “Add” (upper right corner), paste the MAC address you copied into the form (adding a name is optional) and click “Create”.