The following instructions outline how to setup a Cisco Enterprise Level device for the Marketing4WIFi Platform. Please make sure any firewall rules, web content filters, and other security measures have been configured to interface with the Smart WiFi Platform.
Step 1) Radius
Click Security on the top navigation panel, then click the AAA tab on the left.
- Security Tab – AAA – Radius Authentication
Add the following server information for RADIUS Authentication for Splash Page: 52.23.46.139 You can confirm your platform environment under Operator Customizations. 3.132.31.3 You can confirm your platform environment under Operator Customizations. 52.207.192.243 You can confirm your platform environment under Operator Customizations. 3.18.137.68 You can confirm your platform environment under Operator Customizations.
Host 1: Select one
Port: 1812
Secret: Available in the Edit Hotspot page in the Marketing4WiFi dashboard, called RADIUS Secret in the dashboard.
Host 2: Select one
Port: 1812
Secret: Available in the Edit Hotspot page in the Marketing4WiFi dashboard, called RADIUS Secret in the dashboard.
Create the Radius Authentication Server 1
Create the Radius Authentication Server 2
- Security Tab – AAA – Radius Accounting
Add the following server information for RADIUS Accounting for Splash Page: 52.23.46.139 You can confirm your platform environment under Operator Customizations. 3.132.31.3 You can confirm your platform environment under Operator Customizations. 52.207.192.243 You can confirm your platform environment under Operator Customizations. 3.18.137.68 You can confirm your platform environment under Operator Customizations.
Host 1: Select one
Port: 1813
Secret: Available in the Edit Hotspot page in the Marketing4WiFi dashboard, called RADIUS Secret in the dashboard.
Host 2: Select one
Port: 1813
Secret: Available in the Edit Hotspot page in the Marketing4WiFi dashboard, called RADIUS Secret in the dashboard.
Radius Accounting Server 1
Radius Accounting Server 2
- AP Policies
Accept Self Signed Certificate(SSC): Enabled
Accept Manufactured Installed Certificate(MIC): Enabled
Step 2) Web Auth and ACL
Click on the Security tab on the Top navigation Bar.
- Security Tab – Web Auth – Web Login Page
Web authentication type: External (Redirect to external server)
Redirect URL after login: Select one
https://splash.4wifi.net/hotspotlogin.php?res=success
You can confirm your platform environment under Operator Customizations.
https://splash.4wifi-e2.net/hotspotlogin.php?res=success
You can confirm your platform environment under Operator Customizations.
External Webauth URL: Select one
https://splash.4wifi.net/hotspotlogin.php
You can confirm your platform environment under Operator Customizations.
https://splash.4wifi-e2.net/hotspotlogin.php
You can confirm your platform environment under Operator Customizations.
- Access Control Lists
- Create a new IPv4 ACL.
- Click the name of the new ACL. Hover your cursor over the blue drop-down arrow, choose Add-Remove URL from the drop-down list to open the URL List page.
- Please add all the Default walled garden entries.
Step 3) WLAN
Click on WLANs on the top navigation bar then click the WLANs tab to the left. Create a new WLAN. (If you have an existing WLAN intended for use for Guest WiFi you can edit that WLAN)
- WLAN – General Tab
Profile Name: SmartWiFi (Or whatever you would like)
SSID: SmartWiFi (Or whatever you would like)
Status: Enabled
Broadcast SSID: Enabled
NAS-ID: Available in the Edit Hotspot page in the Marketing4WiFi dashboard, called SWS/Hotspot/NAS-ID.
- WLAN – Security – Layer 3 Tab
Make sure to apply the appropriate PreAuthentication ACL list created previously in this document.
Layer 3 Security: Web Policy
Authentication: Enable
Pre-Authentication ACL: Use the ACL created earlier.
Override Global Config: Enable
Web Auth Type: External(Re-direct to an external server)
Redirect URL: Select one
https://splash.4wifi.net/hotspotlogin.php?res=success
You can confirm your platform environment under Operator Customizations.
https://splash.4wifi-e2.net/hotspotlogin.php?res=success
You can confirm your platform environment under Operator Customizations.
- WLAN – Security – AAA Servers Tab
Authentication Servers: Enable 52.23.46.139 You can confirm your platform environment under Operator Customizations. 3.132.31.3 You can confirm your platform environment under Operator Customizations. 52.207.192.243 You can confirm your platform environment under Operator Customizations. 3.18.137.68 You can confirm your platform environment under Operator Customizations. 52.23.46.139 You can confirm your platform environment under Operator Customizations. 3.132.31.3 You can confirm your platform environment under Operator Customizations. 52.207.192.243 You can confirm your platform environment under Operator Customizations. 3.18.137.68 You can confirm your platform environment under Operator Customizations.
Server 1: Select one
Server 2: Select one
Accounting Servers: Enable
Server 1: Select one
Server 2: Select one
Interim Update: Enabled
Interim Interval: 900
Authentication priority order for web-auth user-
Not used: LOCAL, LDAP
Order used for Authentication: RADIUS
- WLAN – Advanced Tab
Allow AAA Override: Enable
Enable Session Timeout: Enabled
Session Timeout: 43200
Step 4) HTTPS and Secure Webauth
- Management Tab – HTTP-HTTPS
- WebAuth SecureWeb: Disabled
- HTTPS Redirection: Disabled