Purpose
This guide shows how to configure a Cisco Meraki device (MR series) for Cloud4Wi.
Please note that the images contained in this article may contain outdated configuration data. Therefore, please check the data in the paragraph "Parameters for the Solution" at the bottom of the page, as they are certainly up to date.
Supported devices
This article applies to all devices belonging to the MR series
Prerequisites
Dear Meraki support,
I'd like you to get the access to the features described below:
Splash Page: https://documentation.meraki.com/MX-Z/Access_Control_and_Splash_Page/Splash_Page
Access Control: https://documentation.meraki.com/MX-Z/Access_Control_and_Splash_Page/Access_Control
Walled Garden: https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Walled_Garden
Radius Accounting: https://documentation.meraki.com/MR/Splash_Page/Configuring_RADIUS_Authentication_with_a_Sign-on_Splash_Page
I'm setting up my Meraki Dashboard to be used with Cloud4Wi service (https://marketplace.cisco.com/catalog/solution/154406?pid=157939) and these features are required.
Please update the device's firmware at your earliest convenience.
Thank you in advance.
Please check that the router is connected to the Internet.
You may choose to configure the device to receive and install last firmware updates automatically.
Setting your SSID and access controls
The first step is configuring the SSID of the access point.Please choose your organization and group, then select Wireless in the drop-down menu and then click SSIDs under the Configure subsection.
Then select your SSID. If you want to use an inactive SSID, please click on Show all my SSIDs.
If your network is disabled, please enable it.
Then, by clicking edit settings, you can configure access settings for the network.
You should set no encryption in the Association requirements section since end-users will perform the authentication against a RADIUS server.
In the Splash page section, you must set how the end-user will access the Internet. Since the purpose is to use the device as an access point, you must enable the RADIUS authentication as shown below.
Then you must set the IP address and the port for the RADIUS server, for both authorization and accounting phases. You can configure the device to support a primary and a secondary RADIUS server.
Please ensure that end-user will not be able to access the network in case RADIUS servers are not available.
For better user experience, we recommend disabling data-carrier-detect (this will limit the disconnection of users in case the access point does not detect the device for a while).
You also must set the complete access to the Internet only for authenticated end-users. To do this, you must set Captive portal strength to Block all access until sign-on is complete.
To use this feature most effectively, we recommend making a request to Cisco Meraki asking for the activation of the "walled garden" feature. Doing this, you will be able to enter not only hostnames but even IP address ranges (by using CIDR notation) and subdomains (by using domain wildcards).
To configure the walled garden, please check the following articles:
Please note that it is necessary to add the Splash Page URL into this list to avoid redirection problems when using the Splash Page. You can find this URL in the Parameters for the solution paragraph, as Custom splash URL field.
Configuring the Splash page
Finally, we need to set the Splash Page.
To get the correct Splash Page URL, please check the paragraph "Parameters for the Solution" at the bottom of the page, since it is updated.
You can do this by clicking Splash page.
In the next page, please select your SSID.
Please select the Splash Page URL under Custom splash URL.
And under Splash behavior, in the input field called Where should users go after the splash page?
Allowing free access to the CDN
Explained in the article Enabling the CDN, you must add some IP addresses to the walled garden to take advantage of the benefits of the CDN.
The domains to add for this purpose are:
- c4wstatic.cloud4wi.com
- c4wstaticjs.cloud4wi.com
Entering the device details into the Cloud4Wi Dashboard
For Cisco Meraki devices, the Cloud4Wi Dashboard requires only the MAC address, and the Identifier field is not required.Configuring your Cisco Meraki access point to communicate with Presence Analytics APIs
Find the entire procedure in the article: Enabling Meraki CMX to communicate with Presence APIs.
Parameters for the Solution
The parameters indicated above for the Mode Settings section are mandatory for the proper functioning:RADIUS for splash page (primary)
Host: 54.247.117.188
Port: 1812
Secret: (Cloud4Wi will communicate it)
Host: 79.125.111.180
Port: 1812
Secret: (Cloud4Wi will communicate it)
RADIUS accounting servers (primary)
Host: 54.247.117.188
Port: 1813
Secret: (Cloud4Wi will communicate it)
RADIUS accounting servers (secondary)
Host: 79.125.111.180
Port: 1813
Secret: (Cloud4Wi will communicate it)
Custom splash URL
URL: https://splashportal.cloud4wi.com/
Splash behavior
URL: https://splashportal.cloud4wi.com/
Please copy and paste the Splash Page URL above.
If you enter the Splash Page URL in different formats (e.g., https://splashportal.cloud4wi.com/c4wportal/mysplashportal), then the redirection will fail, and the end-user will not be able to see the Splash Page.
If these parameters change in the future, we will promptly inform you about new values.