The below instruction pertains to Cisco WLCs of 2504 and 5520 series with IOS 8.2.166.0

1. Accessing the device’s administrative panel

Log in to the administrative panel with root permissions and press Advanced.

2. Device configuration

2.1 RADIUS configuration

Security → AAA → Radius → Authentication

  • Auth Called Station ID Type: AP MAC Address
  • MAC Delimiter: Hyphen

Security → AAA → Radius → Authentication → New

  • Server IP Address: 35.205.62.147
  • Shared Secret Format: ASCII
  • Shared Secret: Radius Secret available in Access Points tab of the Social WiFi Panel
  • Confirm Shared Secret: Radius Secret available in Access Points tab of the Social WiFi Panel
  • Server Status: Enabled
  • Server Timeout: 3 seconds
  • Network User: Enable – on
  • Apply

Security → AAA → Radius → Accounting → New

  • Server IP Address: 35.205.62.147
  • Shared Secret Format: ASCII
  • Shared Secret: Radius Secret available in Access Points tab of the Social WiFi Panel
  • Confirm Shared Secret: Radius Secret available in Access Points tab of the Social WiFi Panel
  • Port Number: 31813
  • Server Status: Enabled
  • Server Timeout: 3 seconds
  • Network User: Enable – on
  • Apply

2.2 DNS Walled Garden Configuration

Security → Access Control Lists → Access Control Lists → New

  • Access Control List Name: sw_walledgarden
  • ACL Type: IPv4
  • Apply

Hover the coursor over the blue icon on the right side of sw_walledgarden text and press “Add/Remove URL”.

Add these entries one by one:

sw-login.com
*.socialwifi.com
socialwifi.com
*.facebook.com
facebook.com
*.fbcdn.net
fbcdn.net
accounts.google.com
ssl.gstatic.com
fonts.google.com
linkedin.com
*.linkedin.com
*.licdn.net
*.licdn.com
twitter.com
*.twitter.com
*.twimg.com
storage.googleapis.com

2.3 Captive Portal/Hotspot configuration

Security → Web Auth → Web Login Page

Web Authentication Type: External (Redirect to external server)
Redirect URL after login : [leave empty]
External Webauth URL: https://login.socialwifi.com/

2.4 Network settings configuration

WLANs → WLAN ID / Create New → Security

Layer 2

  • Layer 2 Security: None

Layer 3

  • Layer 3 Security: Web Policy

Authentication

  • Preauthentication ACL: IPv4 sw_walledgarden
  • IPv6: None
  • WebAuth FlexAcl: None

AAA Servers

  • Authentication Servers Enabled: Yes
  • Server 1: IP:35.205.62.147, Port:31812
  • Accounting Servers Enabled: Yes
  • Server 1 : IP:35.205.62.147, Port:31813
  • Radius Server Accounting Interim Update: Yes
  • Radius Server Accounting Interim Interval: 600
  • Apply

3. Adding the device to Social WiFi platform

Monitor → Access Points → Radios → 802.11a/n/ac or 802.11b/g/n

  • Copy the MAC addresses of the Access Points you would like to add to Social WiFi platform.
  • Go to the Social WiFi Panel.
  • Choose the place to which you would like to add the device.
  • In the “Access Points” tab, press “Add” (upper right corner), paste the MAC address you copied into the form (adding a name is optional) and click “Create”.

4. Testing the platform!

Tags

Comments are closed