What do I need?
Before you configure this appliance, you will need a RADIUS Server license. You can reach out to firstname.lastname@example.org to obtain one.
- Once you have the license, paste it in Space Settings > Integrations > Radius
- Save the settings and then click on "Manage Radius Servers".
- Click on "Add Radius Server" and give it a meaningful name and a description. Choose the correct appliance vendor
- Once the server is created you can access its details to get the IP addresses, port numbers and secrets to used in the configuration of the appliance below.
|Each license comes with two geographically redundant servers for RADIUS Authentication and RADIUS Accounting. We will create these as close as possible to your physical location based on the data-centers we have available.|
How to configure the appliance?
- Log in the Cisco WLC Web-Browser interface and go to Advanced Settings
- Go to Security -> Access Control Lists and add two new ACL rules permitting connections to the captive portal:
- Go to Security -> Web Auth -> Web Login Page and change Web Authentication Type to External (redirect to external server). Add the External Webauth URL. The URL here should be "http://XYZ.spaces.nexudus.com/en/splash". XYZ is the subdomain of your account as found in System > Spaces > your space name > Web Address.
This page looks by default like this:
- Go to Security -> RADIUS -> Authentication, add new RADIUS Authentication Servers and enter IP Address, Port and Shared Secret from the details of the Radius Server provided when you created the Radius Server above.
- Go to Security -> RADIUS -> Accounting, add new RADIUS Accounting Servers and enter IP Address, Port and Shared Secret from the details of the Radius Server provided when you created the Radius Server above.
- Go to WLANs, select existing or create new WLAN and open WLAN settings page.
- Click on the Security tab, Layer 2 and set Layer 2 Security to None
- Click on the Layer 3 tab and set Layer 3 Security to Web Policy, select the Authentication radio button and select your new ACL for Preauthentication ACL
- Click on the AAA Servers tab and select IronWifi RADIUS authentication and accounting servers. You can also set Interim Interval to 180 seconds or higher.
- Finally, click on the Save Configuration link to save and apply new settings