Compatibility

Social WiFi has been tested and is proven to work on the following configurations:

UniFi Network Controller

  • versions between 5.6.22 and 5.12.72.0

Access point firmware

  • version 4.0.21 or lower
  • versions between 4.0.48 and 4.3.13.11253

An example working setup consists of a UAP AC Lite device running firmware version 4.0.54 and UniFi Network Controller version 5.11.39.

Known issues – firmware 4.0.42

Access point firmware version 4.0.42 is known to NOT work with captive portal solutions, Social WiFi included. If you have upgraded the firmware, please downgrade it to version 4.0.21 to continue using Social WiFi. Unfortunately, there’s nothing we can do on our side to fix the problem, but we’re working closely with Ubiquiti to try resolve the problem.

Update (24.07.2019): The problems with broken guest portal in firmware version 4.0.42 are reported in forums in multiple threads: thread 1thread 2.
Ubiquiti has confirmed that they are aware of the issue and are working on a fix in a thread available to Early Access members here.

We have tested the newest Release Candidate firmwares and they fix the problem. You can get version 4.0.48 here or version 4.0.49 here.

If you are on firmware 4.0.42 we recommend to update to version 4.0.49 found here. It’s a Release Candidate version, not yet available when upgrading through controller UI. Alternatively, if you insist on staying on version 4.0.42, you can try using an ebtables workaround described here.

Update (23.08.2019): Firmware 4.0.54 has been officially released as stable. It was tested by us and proven to work correctly. You can upgrade your APs using the Controller.
If you are on firmware 4.0.42 we recommend upgrading to 4.0.54 as soon as possible to avoid service interruption.

Known issues – firmware 4.0.21+

Access point firmware version 4.0.21 requires an additional file to be installed on the controller (config.properties). If you have previously installed Social WiFi on an older firmware (e.g. 4.0.15) and want to upgrade it to 4.0.21, make sure to install the additional file as mentioned in the “Uploading the files” section.

Best practices

Following the rules below will guarantee that your guest WiFi service is working reliably:

  • We’ve observed that new stable releases of controller software and access point firmware tend to break existing captive portal installations, Social WiFi included. We recommend to postpone doing the update until a version is listed as ‘confirmed to work’ on this page.
  • When doing firmware upgrades, always start with one device, apply the update, check if Social WiFi works and only then proceed with upgrading the rest of the devices.
  • The controller should be installed according to the producer’s instructions. In order to ensure proper functioning of our service, it is necessary to open appropriate ports on the server on which the UniFi Controller is running according to these instructions.

Configuring Wireless Network

Log in to your UniFi controller and click the Settings icon (gear icon on the bottom left side).
On the menu on the left, under Wireless Networks, click Create New Wireless Network and configure as such:

  • Name/SSID: Guest WiFi (or any name of your choice)
  • Enabled: Enabled
  • Security: Open
  • Guest Policy: Enabled

Click Save to apply.

Wireless Networks

Wireless Networks settings

Configuring Guest Control

Next, click on Guest Control and configure it as such:

Under the Guest Policies header:

  • Enable Guest Portal: Enabled
  • Authentication: Hotspot
  • Landing Page: Redirect to the original URL
  • Use Secure Portal: Disabled
  • Redirect using hostname: Disabled
  • Enable HTTPS Redirection: Disabled
  • Enable encrypted redirect URL: Disabled (option available since Controller version 5.10.12)

Under the Portal Customization header:

  • Template Engine: AngularJS
  • Override Default Templates: Enabled

Guest Control settings

Under the Hotspot header:

  • RADIUS: Enabled – Enable RADIUS-based authorization

Under the RADIUS header:

  • Profile: click Create New RADIUS Profile and configure as such:
  • Profile Name: socialwifi
  • RADIUS Auth Server: 35.205.62.147
  • Port: 31812
  • Password/Shared Secret: Radius Secret available in Access Points tab of the Social WiFi Panel
  • Accounting: Disabled

Click Save to continue.

  • Authentication type: CHAP

Radius settings

Radius profile

Radius Profile settings

Under the Access Control → Pre-Authorization header enter the following IP addresses:

Mandatory:

35.198.68.173/32
35.190.70.141/32
35.205.62.147/32

If you wish to support social network logins, you also need to add further IP’s as per below for each network you plan to support.

For the time being, adding Google addresses will result in our popup window not being displayed. In order to properly display the window, we are not providing the list of Google addresses. Please check this article for a more detailed explanation behind this.

Facebook

31.13.24.0/21
31.13.64.0/18
31.13.96.0/19
45.64.40.0/22
66.220.144.0/20
69.63.176.0/20
69.171.224.0/19
74.119.76.0/22
102.132.96.0/20
103.4.96.0/22
129.134.0.0/16
130.211.0.0/22
157.240.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
204.15.20.0/22

Twitter

72.21.80.0/20
104.244.42.0/23
104.244.46.0/24
192.133.76.0/22
199.16.156.0/22
199.59.148.0/22
199.96.56.0/21

LinkedIn

8.22.161.0/24
8.39.53.0/24
64.152.25.0/24
65.156.227.0/24
91.225.248.0/23
103.20.94.0/23
108.174.0.0/22
108.174.4.0/24
108.174.8.0/22
108.174.12.0/23
108.177.96.0/19
144.2.0.0/22
144.2.192.0/24
185.63.144.0/23
185.63.147.0/24
192.229.233.0/24
199.101.161.0/24
216.52.16.0/23
216.52.18.0/24
216.52.20.0/23
216.52.22.0/24
www.linkedin.com
static-exp1.licdn.com
media-exp1.licdn.com
static.licdn.com

These IP ranges are subject to change depending on the social network setup.

Click Apply Changes to save.

Access Control settings

Access Control settings

Uploading the files

Now, you will need to copy three files on to the controller so that it correctly redirects and authenticates:

  • index.html
  • auth.html
  • config.properties

Download them by clicking here and extract the archive.

If you are not sure how to copy the files on to the controller, please refer to another article – Adding files into CloudKey Controller.

Uploading index.html and auth.html

In the extracted archive, you will find two files (index.html and auth.html) in the ubiquity_unifi/app-unifi-hotspot-portal sub-directory. Copy them to your UniFi controller hotspot directory.

Make sure the files have the correct permissions after copying them to the directory. The permissions should be the same as those for the existing files.

The directory is typically located at the below location:

  • Windows: C:\Users\<username>\Ubiquiti UniFi\data\sites\default\app-unifi-hotspot-portal
  • MAC: ~/Library/Application Support/UniFi/data/sites/default/app-unifi-hotspot-portal

If the files are not found in the above directory, they can be found in Applications → Right Click on UniFi app → Show Package Contents, then navigate to /Contents/Resources/data/sites/default/app-unifi-hotspot-portal

  • Linux: /usr/lib/unifi/data/sites/default/app-unifi-hotspot-portal
  • CloudKey: /srv/unifi/data/sites/default/app-unifi-hotspot-portal

If you have created another Site in the controller or removed the Default Site, replace name default in the folder structure with the string of characters displayed in your URL after accessing the proper Site – the corresponding folder is the right one.

Uploading config.properties

In the extracted archive, you will find one additional file (config.properties) in the ubiquity_unifi subdirectory. Copy it to your UniFi controller site directory.
This is not the same directory as the one used for the index.html and auth.html files.

The directory is typically located at the below location:

  • Windows: C:\Users\<username>\Ubiquiti UniFi\data\sites\default
  • MAC: ~/Library/Application Support/UniFi/data/sites/default

If the files are not found in the above directory, they can be found in Applications → Right Click on UniFi app → Show Package Contents, then navigate to /Contents/Resources/data/sites/default

  • Linux: /usr/lib/unifi/data/sites/default
  • CloudKey: /srv/unifi/data/sites/default

If you have created another Site in the controller or removed the Default Site, replace name default in the folder structure with the string of characters displayed in your URL after accessing the proper Site – the corresponding folder is the right one.

After uploading the files

Please double-check if all three files are in the correct directories.

Here’s an example directory structure on Linux before Social WiFi installation:

UniFi Controller on Linux before Social WiFi installation

Here’s an example directory structure for Linux after Social WiFi installation:

UniFi Controller on Linux after Social Wifi installation

UniFi Controller on Windows after SocialWifi installation

UniFi Controller on Windows after SocialWifi installation

Force Provision

After adding files into your controller every Access Point needs to be Forced Provisioned
That method allows files to be loaded into device.

    • Click on your Access Point

    • After that you will see menu of your device. Click on Config (gearwheel). On the bottom there is Manage Device.

    • After that there will be plenty of options. Find Force Provision section and click Provision

    • Click Confirm and after that your device will be provisioned. If you have more than one Unifi AP, process needs to be repeated for each device.

Adding the device to Social WiFi Panel

In order to add a device to Social WiFi platform:

  • Access your account in the Social WiFi Panel.
  • Choose the correct venue to which you would like to add the device.
  • In the “Access Points” tab, press “Add” (upper right corner), paste the MAC address you copied into the form (adding a name is optional) and click “Create”.

Test the solution

Tags

Comments are closed