Purpose
This guide shows how to configure a Ruckus Wireless device in the "Controller - AP" architecture for Cloud4Wi.
Please note that the images contained in this page may contain outdated configuration data. Therefore, please check the data in the article "Parameters for the Solution" at the bottom of the page, as they are certainly up to date.
Prerequisites
This guide applies to the Solution for the version 4.2.1.3 or later.
The following device models are supported:
- ZD1000
- ZD3000
- ZD5000
To use a Ruckus Wireless device as an access point, you must connect the controller and the access points to the Internet. The access points must be configured to point to the controller correctly.
Accessing the controller
You can access the controller through the web UI.
The controller must be configured to communicate with the RADIUS Server and the Splash Page correctly. The configuration of the access points is the final step of this process.
The first step is to configure access to the RADIUS server. After that, it is necessary to configure the hotspot service and, finally, the WLAN and the WLAN group for the hotspot service. Once done, this WLAN group must be assigned to those access points which will act as access points. This procedure will be discussed step by step.
RADIUS server configuration
Through AAA Servers section in the Configure tab, it is possible to view all RADIUS servers that have been entered, and eventually to create a new one for the authorization or accounting phase. In this case, a new one will be created, by clicking Create New.
The first step is to enter the RADIUS server for the authorization phase (Type = "RADIUS"). It's also possible to set a secondary RADIUS server.
Then it is required to create the RADIUS server for the accounting phase (Type = "RADIUS Accounting"). It's also possible to set a secondary RADIUS server.
The two entries will be displayed.
Hotspot Service configuration
Through the Hotspot Service section in the Configure tab, it is possible to view all Hotspot Services entries. It is possible to add a new one by clicking the Create New link.
Here you must set the Splash Page URL and the RADIUS server previously configured. The correct value for the Splash Page URL is indicated on this page in the paragraph called Parameters for the Solution.
Whether no valid SSL certificates have been uploaded to the controller (via the web interface), it is possible to encounter some issues during authentications of end-users and logout requests for some devices.
For firmware version 9.3 or higher, it is possible to fix this by appending the query parameter ?protocol=http& to Login Page URL. In this way, authentication and logout requests are handled by using HTTP protocol, and not HTTPS. This is not mandatory and, it is up to the administrator to decide how to manage this configuration.
If the Splash Page URL is:
https://splashportal.cloud4wi.com/
it is possible to handle authentication and logout requests by using HTTP protocol by setting as Login Page the following URL:
https://splashportal.cloud4wi.com/?protocol=http
&
In addition, it is also possible to set a list of websites that can be visited even by end-users who have not performed any authentication against the Splash Page. To configure this, it is necessary to add a list of IP addresses or hostnames into the Walled Garden section.
- Walled garden for the Social Login (websites/domains to open)
- Walled garden for PayPal feature (websites/domains to open)
Please note that, with the version 9.8 or later of the firmware, it is possible to enter wildcard domains in the walled garden, making configuration easier.
If you need to configure the walled garden, we strongly recommend you to update to the version 9.8 or later.
WLAN configuration
The Hotspot service previously created uses the Splash Page and RADIUS server configurations previously set. Now you must assign these configurations to a WLAN.Through the WLANs section in the Configure tab, it is possible to view all the WLANs entered. By clicking Create New link in the WLANs sub-section, it is possible to create a new WLAN.
It is necessary to specify the name and the ESSID for the WLAN. No encryption should be set to access the WLAN since the authentication for the end-user is managed from the RADIUS server. As Hotspot Services, it is necessary to specify the Hotspot service previously created ("Hotspot" in our case).
As the last step for this section, it is required to create a new WLAN Group. To do this, click the Create New link in the WLAN Groups sub-section.
A WLAN Group can include one or more WLANs. In this case, it is just necessary to include the WLAN just created (that we called "WLAN1").
The configuration of the controller is now complete. The next step is applying this configuration to one or more access points managed by the controller. Through the Access Points section in the Monitor tab, you can view all the devices connected to the controller. Between the Actions, by clicking the Configure button, we can apply any configuration to a connected device.
In the page opened it is necessary to apply the WLAN Group previously created.
The configuration is now complete.
Entering the device details into the Admin Panel
In order to integrate the device with the Solution, it is necessary to enter its details into the Admin Panel.
In this case you need only the MAC address, and you can find it in the bottom part of the device, as shown in the next picture. You can enter this string uppercase or lowercase, it does not make any difference.
It's possible to retrieve the MAC address through the web interface by accessing the Access Points section in the Monitor tab. You can see the MAC address in the picture below. Please note that this string may be entered indifferently uppercase or lowercase and with no separators.
If the MAC address is C4:10:8A:1B:59:20 (see picture above), the Identifier will be: C4108A1B5920 .
If the MAC address is 58:93:96:00:00:00 (see picture below), the Identifier will be: 589396000000 .
Allowing free access to the CDN
As explained in the article Enabling the CDN, it is necessary to add some IP addresses to the walled garden to support the access to the CDN.
The IP addresses to add for this purpose are:
- 50.18.178.180
- 54.248.102.194
- 54.246.86.254
- 46.137.206.166
- 54.232.119.5
- 54.253.118.101
Parameters for the Solution
The parameters to integrate the device with the Solution are the following:Login Page:
https://splashportal.cloud4wi.com/
Start Page:
https://splashportal.cloud4wi.com/
Primary RADIUS Server: 54.247.117.188
Authentication port: 1812
Accounting port: 1813
Shared Secret: (Cloud4Wi will communicate it)
If you enter the Splash Page URL in different formats (e.g., https://splashportal.cloud4wi.com/c4wportal/mysplashportal), then the redirection will fail, and the end-user will not be able to see the Splash Page.