🇬🇧 English

Cisco Catalyst

Compatibility

The below instruction pertains to Cisco Catalyst 9800-CL Wireless Controller

Social WiFi has been tested and is proven to work on the following configurations:

Cisco Catalyst 9800-CL set up on KVM

  • versions up to 17.3.4c

Cisco AIR-CAP3702I-E-K9

  • versions compatibile with the Controller (installs as the AP provisions)

Accessing the device’s administration panel

  • Log in to the administration panel with root permissions and go to Network.

Configure the controller

Go to Configuration -> Security -> Web Auth.

Click in to the global profile and make sure that the "Virtual IPv4 Address" is set as 192.0.2.1.

Press Apply.

Now, Add a new profile by clicking the Add button.

Press Apply to Device.

After you've created the profile, click on it and configure as follows:

On the General tab:

On the Advanced tab:

Click Update & Apply.

Go to Configuration -> Security -> AAA.

In the Servers / Groups and next Servers tab click +Add.

Press Apply to Device.

Go the Server Groups tab and press +Add.

Press Apply to Device.

Next, go to the AAA Method List tab. Make sure that1 Authentication is selected and press +Add. On the General tab:

Press Apply to Device.

Switch to the Accounting tab on the left and click +Add.

Press Apply to Device.

Now, go to the AAA Advanced tab. Make sure you're in "Global Config" and press Show Advanced Settings >>>. You should see "Radius Attributes" drop down. Configure as follows:

Accounting

Authentication

Press Apply to Device.

Now, go to the Configuration -> Security -> URL Filters. Click +Add.

URLs

*.fbcdn.net
*.licdn.com
*.twimg.com
*.ytimg.com
twitter.com
facebook.com
linkedin.com
sw-login.com
*.youtube.com
yt3.ggpht.com
*.facebook.com
*.linkedin.com
api.twitter.com
apis.google.com
ssl.gstatic.com
*.googleapis.com
fonts.google.com
*.googlevideo.com
accounts.google.*
fonts.gstatic.com
accounts.youtube.com
connect.facebook.net
login.socialwifi.com
www.googleadservices.com
www.googletagmanager.com
googleads.g.doubleclick.net

Press Apply to Device.

Go to the Configuration -> Tags & Policies -> WLANs. Click +Add or edit an existing WLAN.

On the General tab:

Go to the Security - Layer2 tab and set the Layer 2 Security Mode as "None" and MAC Filtering as Disabled. Leave rest as default.

In the Security - Layer 3 tab, click Show Advanced Settings >>> and configure as follows:

Press Apply to Device or Update & Apply to Device.

Now, go to Configuration -> Tags & Profiles -> Policy and press +Add. Leave all settings at default apart from the following:

On the General tab:

On the Access Policies tab:

URL Filters - "guest_url_filter"

On the Advanced tab:

Click Apply to Device to save.

Next, go to Configuration > Tags & Profiles > Tags. Click +Add.

Click Apply to Device to save.

Go to Administration > Management > HTTP/HTTPS/Netconf and make sure that HTTP and HTTPS Access are Enabled.

Now you need to disable secure webauth. You can do it from the controllers CLI. Please run these commands:

enable
configure terminal
parameter-map type webauth global
webauth-http-enable
secure-webauth-disable

Adding the device to Social WiFi platform

  • Go to Configuration -> Wireless → Access Points.

  • Copy the MAC addresses of the Access Points you would like to add to Social WiFi platform. You will have to change the format (from "xxxx.xxxx.xxxx" to "xx:xx:xx:xx:xx:xx")

  • Go to the Social WiFi Panel.

  • Choose the place to which you would like to add the device.

  • In the “Access Points” tab, press “Add” (upper right corner), paste the MAC address you copied into the form (adding a name is optional) and click “Create”.

PreviousCiscoNextCisco Meraki

Last updated