What do I need?
Before you configure this appliance, you will need a RADIUS Server license. You can reach out to firstname.lastname@example.org to obtain one.
- Once you have the license, paste it in Space Settings > Integrations > Radius
- Save the settings and then click on "Manage Radius Servers".
- Click on "Add Radius Server" and give it a meaningful name and a description. Choose the correct appliance vendor
- Once the server is created you can access its details to get the IP addresses, port numbers and secrets to used in the configuration of the appliance below.
How to configure the appliance?
- Log in the Cisco WLC Web-Browser interface and go to Advanced Settings
- Go to Security -> Access Control Lists and add two new ACL rules permitting connections to the captive portal:
- Source: Any, Destination: 18.104.22.168 netmask 255.255.255.255, protocol TCP, Dest port 443, Action: Permit
- Source 22.214.171.124 netmask 255.255.255.255, Destination: Any, protocol TCP, Source port 443, Action: Permit
You may also want to add the following IPs to your rules:
XYZ.spaces.nexudus.com (XYZ is the subdomain of your account as found in System > Spaces > your space name > Web Address.)
- Go to Security -> Web Auth -> Web Login Page and change Web Authentication Type to External (redirect to external server). Add the External Webauth URL. The URL here should be "
This page looks by default like this:
". XYZ is the subdomain of your account as found in System > Spaces > your space name > Web Address.
- Go to Security -> RADIUS -> Authentication, add new RADIUS Authentication Servers and enter IP Address, Port and Shared Secret from the details of the Radius Server provided when you created the Radius Server above.
- Go to Security -> RADIUS -> Accounting, add new RADIUS Accounting Servers and enter IP Address, Port and Shared Secret from the details of the Radius Server provided when you created the Radius Server above.
- Go to WLANs, select existing or create new WLAN and open WLAN settings page.
- Click on the Security tab, Layer 2 and set Layer 2 Security to None
- Click on the Layer 3 tab and set Layer 3 Security to Web Policy, select the Authentication radio button and select your new ACL for Preauthentication ACL
- Click on the AAA Servers tab and select IronWifi RADIUS authentication and accounting servers. You can also set Interim Interval to 180 seconds or higher.
- Finally, click on the Save Configuration link to save and apply new settings