πŸ‡¬πŸ‡§ English

Huawei AC

Prerequisites

This guide assumes that you are using an external DHCP server for your access points as well as Access Controller and that your access point is already managed by the Access controller.

Compatibility

Social WiFi has been tested and proven to work for this setup, but should work with any other combination that supports the firmware listed below. Access Point used for this guide: Huawei AirEngine5761-11

Access Point version number: V200R020C10SPC100 Controller used for this guide: Huawei AC 6005-8-PWR

Controller version number: V200R019C00SPC500

Walled garden

Go to Configuration -> Security -> ACL.

Now, from the tabs at the top select Domain Name Configuration and press Create.

Add all of the domains below one at the time and set the Domain name ID respectively starting from 1.

Mandatory

sw-login.com
login.socialwifi.com

Facebook remarketing pixel

connect.facebook.net
*.facebook.com

Google remarketing tag

www.googletagmanager.com
www.googleadservices.com
googleads.g.doubleclick.net

YouTube widget on login pages

*.youtube.com
*.ytimg.com
*.googlevideo.com
yt3.ggpht.com

Google login

accounts.google.com
accounts.google.co.uk - example regional domain
  You must also add your regional domain for "accounts.google.com", for example "accounts.google.co.uk" if you are in the UK
ssl.gstatic.com
fonts.gstatic.com
fonts.google.com
accounts.youtube.com
*.googleapis.com
apis.google.com

Facebook login

facebook.com
*.fbcdn.net

Twitter login

api.twitter.com
twitter.com
*.twimg.com

LinkedIn login

*.licdn.com
linkedin.com
*.linkedin.com

Next you need to switch to the User ACL Settings tab and click Create.

Configure as follows:

Now, proceed with adding all the rules added before in the "Domain Name Configuration" by clicking on Add Rule and adding one at the time and set the "Rule ID" respectively starting from 1.

Add each rule as follows:

Add all the domains needed for your Social WiFi login page.

You also must add two additional rules in this step to make captive portal login possible, configure as follows:

In the "Dest port number" , the "8000" must be the same as "Port number for listening to HTTP packets" in previous External Portal -> HTTP Protocol.

"Dest IP" value (8.8.8.8 in this example) must be set as the DNS IP address for guest network.

Captive Portal configuration

Now, switch tabs to Configuration -> Security -> AAA. From the menu at the top, select External Portal and configure as follows:

If the controller has SSL certificate added correctly, you also can set the protocol as HTTPS-based.

Next, under the Portal "Authentication Server" list, click Create. Configure as follows:

Scroll down to the "URL Option Settings" and configure as follows:

In the "Login URL keyword/Login URL" , the "8000" must be the same as "Port number for listening to HTTP packets" in previous External Portal -> HTTP Protocol.

Leave the "Parameter Parsing Configuration" config as default.

Now, go to the "RADIUS" tab and click on Create to add a new RADIUS server.

Configure like this:

Then, click on Create Server.

Click OK to confirm. Make sure that the server you've created appears on the list:

SSID configuration

Go to Configuration -> Config Wizard -> Wireless Service.

Click Create and go through the wizard, set the SSID name in the first step and click Next to access the second panel "2. Security Authentication".

For "Security Settings" select Portal (applicable to enterprise networks). In the "External Portal Server Configuration" and "External RADIUS Server Configuration" under "Server template name" select the previously created templates from the dropdown menu "..." (refer to the images below).

Click Next at the bottom of the screen.

Now, under the Binding the AP group, from the dropdown menu "..." select your AP group (this example uses "default" group.

Click Finish to save the configuration. Next, go to Configuration -> AP Config -> Profile.

From the menu on the left, go to Wireless Service -> VAP Profile -> *your SSID name* -> Authentication Profile -> Authentication-free Rule Profile.

From "Authentication-free Rule Profile" dropdown menu, select the "default_free_rule" profile.

Configure as follows:

Click Apply.

Please make sure to click Save after the configuration in order to save all the changes made.

Add the access points to Social WiFi panel

The setup of the controller is now finished. The last step is to add all access points to the Social WiFi platform.

Go to Ap Config -> AP Config -> AP Info -> AP List in the menu on the left.

Now, switch to Social WiFi Panel, go to Access Points tab, click the Add button and paste the MAC addresses of all of your Access Points controller by the Huawei AC. Click Create.

Test the solution

Connect with the WiFi network. You should see a login page. Go through the login process and, once finished, you should have internet access. You should see first connections and authorizations in the Social WiFi Panel’s statistics section.

PreviousHuaweiNextExtreme Networks

Last updated