TP Link Omada
Compatibility
Social WiFi has been tested and is proven to work on the following configurations:
Omada Cloud-based Controller
Version 5.6.0 and above (tested up to 5.14)
You will need a paid Standard plan on the TP Link Omada Cloud-based controller.
As of September 2024, a new Essentials controller plan is available, but lacks the required functionality to setup a Captive Portal.
Omada Software Controller
Controller V4: unsupported
Controller V5: versions 5.3.1 and newer (tested up to 5.12.7)
Due to upcoming security changes in Google Chrome browser, affecting Windows and Android devices, the minimum supported controller version is 5.3.1. This is the first release that includes a fix that makes captive portals work even when Google Chrome starts enforcing new security rules (currently planned for Q1 2023).
Access the administration panel
This guide assumes using the web based UI of the controller, which you can access by entering the IP address of the device in your browser. E.g. if the controller is installed on a local machine, enter: http://127.0.0.1:8088. The screenshots are based on controller version 4.4.3.
Alternatively, if your device is managed from Omada Cloud, you can access the management UI from there.
Wireless network configuration
If you don’t have a wireless network configured yet, go to Settings → Wireless Networks and click the Create New Wireless Network button.
Use the following settings:
Band
2.4GHz and 5GHz (or only one of them, if you prefer)
Guest Network
Enable
Security
None (preferred for guest WiFi)
Apply
RADIUS configuration
Go to Settings → Authentication → RADIUS Profile and click the Create New RADIUS Profile button.
Use the following settings:
Authentication Server IP
35.205.62.147
Authentication Port
31812
Authentication Password
RADIUS Accounting
Enable
Interim Update
Enable
Accounting Server IP
35.205.62.147
Accounting Port
31813
Accounting Password:
Save
Portal configuration
Go to Settings → Authentication → Portal and click the Create New Portal button.
Use the following settings:
Portal
Enable
SSID & Network
Social WiFi
Authentication Type
RADIUS Server
Authentication Timeout
8 hours (change it, if you want to kick people sooner or later)
RADIUS Profile
socialwifi
NAS ID
Can be anything, you can leave the default value
Portal Logout:
Not Enabled
Authentication Mode
PAP
Portal Customization
External Web Portal: http://login.socialwifi.com
HTTPS Redirection
Not Enabled (recommended)
Landing Page
The Original URL
Apply
Access Control configuration
Go to Settings → Authentication → Portal and click the Access Control tab at the top. Click Enable next to Pre-Authentication Access. Click the (+) Add button.
Now you’ll need to add the following domains. Change IP Range to URL and for each domain add an entry. You can add more entries by clicking the (+) Add New Pre-Authentication Access Entry button.
Mandatory
Facebook remarketing pixel
Google remarketing tag
YouTube widget on login pages
Not supported, because TP-Link Omada controller does not support wildcards in URLs.
Google login
Facebook login
Twitter login
LinkedIn login
When finished, press Save and then Apply.
Add the access points to Social WiFi panel
The setup of the controller is now finished. The last step is to add all access points to the Social WiFi platform.
Go to Devices in the menu on the left. We need to display the MAC address for each device. In order to do that, click on the three dots icon, just next to the Actions column. Click on the checkbox next to MAC Address. The MAC ADDRESS column will be added. You will need those MAC addresses in the next step.
Now, switch to Social WiFi Panel, go to Access Points tab, click the Add button and paste the MAC addresses of all of your access points controlled by the Omada controller. Click Create.
Test the solution
Connect with the WiFi network. You should see a login page. Go through the login process and, once finished, you should have internet access. You should see first connections and authorizations in the Social WiFi Panel’s statistics section.
Firewall troubleshooting
Symptom: after connecting to the WiFi network, on the last step which is clicking the "Connect to the internet button" you're not getting connected to the internet.
Solution: it might be the case that you have a firewall that blocks traffic between the WiFi device and the controller. You might either have explicit blocking rules on the firewall, or simply have separate VLANs for the guests and the controller and the traffic between them might be blocked as well. In this case you have to unlock specific ports. For example:
TCP 8088 (When the clients visit the Portal page via an HTTP connection)
TCP 8843 (When the clients visit the Portal page via an HTTPS connection)
More details on firewall configuration are available under this link:
Last updated