This guide shows how to configure a “LigoWave VAC/LAC – AP architecture” for Volare.
Please note that the images contained in this article may contain outdated configuration data. Therefore, please check the data contained in the article "Parameters for the Solution" at the bottom of the page, as they are certainly up to date.
The configuration procedure has been performed and tested with controller version 6.2.6 (r12086). Before integrating LigoWave controller with Cloud4Wi Solution, it is necessary that:
- Controller and access point are connected to Internet and reachable on the network
- the IP address is assigned to the access point through DHCP or static and the access point is reachable on network
RADIUS server for the authentication phase
In order to configure External RADIUS server for authentication phase, click Policy > Virtualization > Authentication > Authentication Services menu and click Add.
The following parameters must be configured:
Authentication Type: Radius
Server IP address: 220.127.116.11
Secret: (it will be communicated by Cloud4Wi)
If accounting is required, choose “Enable RADIUS Accounting (RFC-2866) on port”.
Click “Save” to finish creating external RADIUS server and return to the previous menu.
Assigning External RADIUS server to an existing or new Authentication policy profile.
Creating WLAN and Security Profile for hotspots
Click Policy > Virtualization > WLAN/LAN > Security, create new security profile and set encryption scheme to “OPEN” which will be assigned to WLAN profile. Click “Save” to finish setup and return to the previous menu.
Click Policy > Virtualization > WLAN/LAN to define new WLAN policy. Complete name, ESSID and security policy and click “Save” to finish setup and return to the previous menu (assign Security policy created in the previous step to this WLAN profile).
Creating Portal Profile for hotspots
Click Policy > Virtualization > Portal and set Portal name and input PORTAL URL. Click “Save” to finish Portal policy setup.
Creating VSLAN Policy for hotspots
Click Policy > Virtualization > VSLAN, set VSLAN name, network ID (same as VSLAN ID – refer to LigoWave configuration guide) and assign the WLAN/Authentication/Portal policy which has been previously created.
Walled garden and Access Policy configuration
In order to configure the walled garden, create access-rule for application in the access policies. For this example, create access-rule with criteria to match domain-name of the corresponding social website. Depending on customer location different domain and sub-domain need to be added under access rule.
For particular purposes, please check the following articles:
- Walled garden for the Social Login (websites/domains to open)
- Walled garden for PayPal feature (websites/domains to open)
As explained in the article Enabling the CDN, it is necessary to add some IP addresses to the walled garden in order to support the access to the CDN.
The domains to add for this purpose are:
Click Rights > Rights > Access Rules and add new rule. See screenshot below showing procedure to add facebook domain for social login.
Below you can find a picture with some common domain names defined under Access Rules.
Click Rights > Rights > Access Policy to add a new Access Policy and select the corresponding Access rule that allows the user to visit the website prior pre-authentication.
Click Rights > Rights > Rights Policy to assign newly created Access policy to your Splash Page. See below screenshot for reference.
Parameters for the Solution
The parameters to integrate the device with the Solution are the following:
Splash Page URL: https://splashportal.cloud4wi.com/?vendor=deliberant
RADIUS Server Address (primary): 18.104.22.168
RADIUS Server Address (secondary): 22.214.171.124
Authentication port: 1812
Accounting port: 1813
Shared Secret: (it will be communicated by Cloud4Wi)
Please note that it is necessary to enter the Splash Page URL exactly as it is written above.
If you enter the Splash Page URL in different formats (e.g. https://splashportal.cloud4wi.com/c4wportal/mysplashportal), then the redirection will fail and the end-user will not be able to see the Splash Page.
If these parameters change in the future, we will promptly inform you about new values.