This guide shows how to configure a “LigoWave VAC/LAC – AP architecture”, in order to use each Access Point as a Hotspot.
Please note that the images contained in this article may contain outdated configuration data. Therefore, please check the data contained in the article "Parameters for the Solution" at the bottom of the page, as they are certainly up to date.
The configuration procedure has been performed and tested with controller version 6.2.6 (r12086). Before integrating LigoWave controller with Cloud4Wi Solution, it is necessary that:
- Controller and Access Point are connected to Internet and reachable on the network
- the IP address is assigned to the Access Point through DHCP or static and the Access Point is reachable on network
RADIUS server for the authentication phase
In order to configure External RADIUS server for authentication phase, click Policy > Virtualization > Authentication > Authentication Services menu and click Add.
The following parameters must be configured:
Authentication Type: Radius
Server IP address: 22.214.171.124
Secret: (it will be communicated by Cloud4Wi)
If accounting is required, choose “Enable RADIUS Accounting (RFC-2866) on port”.
Click “Save” to finish creating external RADIUS server and return to previous menu.
Assigning External RADIUS server to existing or new Authentication policy profile.
Creating WLAN and Security Profile for Hotspot
Click Policy > Virtualization > WLAN/LAN > Security, create new security profile and set encryption scheme to “OPEN” which will be assigned to WLAN profile. Click “Save” to finish setup and return to the previous menu.
Click Policy > Virtualization > WLAN/LAN to define new WLAN policy. Complete name, ESSID and security policy and click “Save” to finish setup and return to the previous menu (assign Security policy created in previous step to this WLAN profile).
Creating Portal Profile for Hotspot
Click Policy > Virtualization > Portal and set Portal name and input PORTAL URL. Click “Save” to finish Portal policy setup.
Creating VSLAN Policy for Hotspot
Click Policy > Virtualization > VSLAN, set VSLAN name, network ID (same as VSLAN ID – refer to LigoWave configuration guide) and assign WLAN/Authentication/Portal policy which were created in earlier process.
Walled Garden and Access Policy configuration
In order to configure “Walled Garden”, create access-rule for application in access policy. For this example, create access-rule with criteria to match domain-name of corresponding social website. Depending on customer location different domain and sub-domain need to be added under access rule.
In order to configure the Walled Garden for particular purposes, please check the following articles:
- Walled Garden for the Social Login (web sites/domains to open)
- Walled Garden for PayPal feature (web sites/domains to open)
As explained in the article Improving the performance of Control Panel and Splash Portal by enabling the CDN, it is necessary to add some IP addresses to the Walled Garden in order to support the access to the CDN.
The domains to add for this purpose are:
Click Rights > Rights > Access Rules and add new rule. See screenshot below showing procedure to add facebook domain for social login.
Below screenshot list some common domain names defined under Access Rules.
Click Rights > Rights > Access Policy to add a new Access Policy and select corresponding Access rule that will allow user to website prior pre-authentication.
Click Rights > Rights > Rights Policy to assign newly created Access policy to your Splash Portal. See below screenshot for reference.
Parameters for the Solution
The parameters to integrate the device with the Solution are the following:
Splash Portal URL: https://splashportal.cloud4wi.com/?vendor=deliberant
RADIUS Server Address (primary): 126.96.36.199
RADIUS Server Address (secondary): 188.8.131.52
Authentication port: 1812
Accounting port: 1813
Shared Secret: (it will be communicated by Cloud4Wi)
Please note that it is necessary to enter the Splash Portal URL exactly as it is written above.
If you enter the Splash Portal URL in different formats (e.g. https://splashportal.cloud4wi.com/c4wportal/mysplashportal), then the redirection to the Splash Portal will fail and the end-user will not be able to see the Splash Portal.
If these parameters change in the future, we will promptly inform you about new values.