Cisco WLC


The below instruction pertains to Cisco WLCs of 2504 and 5520 series with IOS

Social WiFi has been tested and is proven to work on the following configurations:

Cisco 2500 Series Wireless Controller

  • versions up to

Cisco AIR-CAP3702I-E-K9

  • versions compatibile with the Controller

Accessing the device’s administrative panel

Log in to the administrative panel with root permissions and press Advanced.

Device configuration

RADIUS configuration

Security → AAA → Radius → Authentication

Security → AAA → Radius → Authentication → New

Press Apply.

Now, configure as follows:

Press Apply.

Now, in the menu on the left go to the AAA → Radius → Accounting tab and add new accounting server.

Press Apply.

DNS Walled Garden Configuration

Now, go to the Access Control Lists → Access Control Lists in the same tab and press New... to add a new list.

Press Apply.

Hover the coursor over the blue icon on the right side of sw_walledgarden text and press “Add/Remove URL”.

Add these entries one by one:

Cisco WLC has a limit of 20 entries for URL ACL and the above list doesn’t include rules for a YouTube widget on the login splash page. If you want to use this widget, please contact us.

Captive Portal/Hotspot configuration

Now, go to the Security -> Web Auth → Web Login Page and configure as follows:

Press Apply.

Go to Management → HTTP-HTTPS and disable WebAuth SecureWeb and HTTPS Redirection:

From now on you'll probably be prompted that you must reboot the device in order for the changes to take place. You can proceed with the guide and reboot the device after everything is configured.

Press Apply.

In the Controller → Interfaces section, make sure that the “virtual” interface’s address is not set to (it used to be the default value). If it is, change it to

Network settings configuration

Now, go to the WLANs → WLANs and create the WLAN network or edit if you already have one.

On the upper right press the Go button next to "Create New".

Press Apply.

Edit your WLAN and go to security Layer 2 tab. Set "Layer 2 Security" as None.

Next, go to the Layer 3 tab and configure as follows:

Go to AAA Servers tab and configure as follows:

Press Apply.

After completing the authorization process you will see a "logout" tab open. It can be disabled using an CLI command:

"config custom-web logout-popup disable"

Adding the device to Social WiFi platform

Monitor → Access Points → Radios → 802.11a/n/ac or 802.11b/g/n

  • Copy the MAC addresses of the Access Points you would like to add to Social WiFi platform.

  • Choose the place to which you would like to add the device.

  • In the “Access Points” tab, press “Add” (upper right corner), paste the MAC address you copied into the form (adding a name is optional) and click “Create”.

Thats the end of the configuration and you can test the service by logging in through your Access Point.

Last updated