Ubiquiti UniFi

Configuration instructions for UniFi Network Application (controller) with version 7.4+.

Prerequisites

Before starting the installation, please make sure that you meet the following requirements.

  • Social WiFi needs direct access to the controller so it must be reachable through the internet with a static, public IP address and port. This usually means that you'll need to configure port-forwarding on your router. If you need, you can whitelist our IP address (read further down the page to learn about the "use proxy" flag).

  • If you log in to the controller using unifi.ui.com, make sure that you have a direct access to the controller via public IP as well. Social WiFi will not work with "remote access" via unifi.ui.com.

  • "UniFi Network Application" (the controller) must be always online. A mobile app, which you might have used for initial configuration is not enough. You'll need either a hardware controller (e.g. UniFi Dream Machine) or a software controller running on your server or externally hosted.

If you have no idea about public IP addresses and/or configuring firewalls or simply struggle to do it yourself, please check out this article or reach out to our support team at support@socialwifi.com . We'll guide your through a 5 min. process of establishing a secure tunnel between your UniFi network and our service, which makes our service work in any environment (without port-forwarding and public IP address).

Compatibility

Social WiFi has been tested and is proven to work on the following configurations:

UniFi Network Controller

  • versions 7.4 and above (tested up to 8.2.93)

This guide is created using the newest 8.2.93 version.

Access point firmware

  • versions 4.0.48 or newer (tested up to 6.6.73)

Social WiFi configuration

WiFi and Hotspot settings

Go to the Settings -> WiFi and create a new WiFi network if you haven't yet. If you already have an existing guest WiFi network, you can simply edit it.

Set your SSID name, go to the "Advanced" tab and select Manual. Make sure that Hotspot Portal is checked.

Now, scroll down and set the "Security Protocol" as Open.

Press Add WiFi Network on the left lower corner.

Now, click on the created SSID, and then click on Hotspot Portal:

Now, go to Hotspot(1) -> Landing Page(2).

While in the "Hotspot" section, click on the Authentication settings(1) and select External Portal Server(2) at the bottom. Enter the Server IP in the pop up window and press Save.

One Way MethodsExternal Portal Server

External Portal

35.190.70.141

Now, click Save in the bottom right corner of the window and switch to the "Settings" tab from the menu on the right. Configure as follows:

Default Expiration

*default is 8h - can be changed if needed

Landing Page Settings: Show Landing Page: HTTPS Redirection Support: Encrypted URL: Secure Portal: Domain:

Checked Unchecked Unchecked Unchecked Checked

Domain

login.socialwifi.com

Now, proceed with adding the Allowed Authorization Access entries in the bottom right as described below.

Allowed Authorization Access

Add the following "Allowed Authorization Access" domains:

Mandatory:

socialwifi.com
sw-login.com

Facebook login:

facebook.com
fbcdn.net

Facebook remarketing pixel:

connect.facebook.net
www.facebook.com

Google login:

accounts.google.com
accounts.google.jp - example regional domain
ssl.gstatic.com
fonts.gstatic.com
fonts.google.com
accounts.youtube.com
googleapis.com
apis.google.com

Please remember to add your regional accounts.google domain (for example: Japan - accounts.google.jp) manually.

Google remarketing tag:

www.googletagmanager.com
www.googleadservices.com
googleads.g.doubleclick.net

Youtube widget on login pages:

youtube.com
ytimg.com
yt3.ggpht.com
googlevideo.com

Twitter login:

twitter.com
api.twitter.com
api.x.com
twimg.com

LinkedIn login:

linkedin.com
licdn.com

Click Save.

Add controller to the Social WiFi Panel

Now, in your Social WiFi Panel, go to the Access Points -> UniFi Integrations and press Add in the upper right corner.

Configure your integration as follows:

HostnamePublic IP address or hostname of the controller

Port

Port of the controller *

Username

Your UniFi user login

Password

Your UniFi user password

* Usually 443 (UDM/UDR/CloudKey Gen2) or 8443 (software controller)

If you don't know where to find the IP address(1) and Port(2), please look at the screenshot below. Also, please note that in the search bar the IP address and port are separated by the ":" mark.

Instead of using your personal username and password, we recommend creating a new user, dedicated for Social WiFi access. Read more.

If your controller has strict inbound firewall rules in place, enable the "Use proxy" checkbox. This options will make the login process slightly slower, but will guarantee that the traffic from Social WiFi originates from single IP address: 35.195.85.135 which you can add to your firewall allowlist.

After you press Create, you will see a list of sites inside your controller. Pick the site that you've configured in the previous steps.

As you select the correct site, press Save selected site on the right lower corner.

Now, you will see that the integration has been added. Press Import Access Points in order to import all the MAC addresses that you've provisioned in the previously set UniFi site.

You will be able to select APs that you want Social WiFi to work on. Press Import selected.

After adding the Access Points, you should see The integration and all the Access Points that are attached to it.

Test the solution

Test the solution Connect with the WiFi network. You should see a login page. Go through the login process and, once finished, you should have internet access. You should see first connections and authorizations in the Social WiFi Panel’s statistics section.

Troubleshooting

Symptom: after connecting to the WiFi network, on the last step which is clicking the "Connect to the internet button" you're not getting connected to the internet.

Solution: UniFi Access Points function as a DNS Proxy. Ensure that the domains are resolving correctly and that the Access Points have an active internet connection.

Last updated