Purpose
This article guides you through the creation and configuration of an Aruba Central network based on AOS-8 or AOS-10 to support the Cloud4Wi Guest WiFi services.
Please note that the images contained in this article may contain outdated configuration data and visuals. Therefore, please make sure to use the value specified in the text description rather than those captured in the screenshots.
To avoid security and authentication issues, it is necessary to upload a trusted certificate into the controller, once done please share with Support Team your custom FQDN. (With Aruba Central the intermediate and root cert must be combined together into the same file so that the trust chain is complete)
Setup the SSID
- Navigate to Devices under the Manage section of your group.
- Click Config on the top right (
)
- Go to the WLANs tab and click + Add SSID.
- On step 1 General, provide a name for the ESSID and click Next
- On step 2 VLANs, configure according to your network requirements and click Next
- On step 3 Security
- Security Level : Visitors
- Type: External Captive Portal
-
Captive Portal Profile: to add a new Captive Portal Profile, click the icon + next to the Captive Portal Profile dropdown. Fill the form in the dialog with the following values:
Parameter Value Notes IP for Hostname splashportal.cloud4wi.com URL / Port 443 Redirect URL https://splashportal.cloud4wi.com Use HTTPS True Captive Portal Failure Deny internet can be changed depending on your specific needs -
Primary/Secondary Server: to set the RADIUS configuration you must click on the + next to the Primary/Secondary Server dropdown. The Create Server dialog appears.
Create a Primary and Secondary Server, filling the Create Server dialog with the values indicated in the following table
Primary Server
Parameter Value IP Address/FQDN 54.247.117.188 Auth Port 1812 Acct Port 1813 Secret <it will be communicated by Cloud4Wi> Accounting Enabled Radsec Disabled Secondary Server
Parameter Value IP for Hostname 79.125.111.180 Auth Port 1812 Acct Port 1813 Secret <it will be communicated by Cloud4Wi> Accounting Enabled Radsec Disabled
- Expand the Advances settings area and scroll until you find the Accounting section.
- Select Use authentication servers on the Accounting dropdown
- Enter 5 minutes on the Accounting Interval input
Walled garden
The last step of the configuration consist in configuring the list of walled gardens, which consist of resources that need to be reached in pre-authentication status.
Please note that it is mandatory to set the following entries:
- cloud4wi.com
- c4wstatic.cloud4wi.com
- c4wstaticjs.cloud4wi.com
You can learn more about that by reading the following articles:
- Walled garden for the Social Login (websites/domains to open)
- Walled garden for PayPal feature (websites/domains to open)
On Aruba AOS 8+, you can find a Walled Garden section in the same tab.
On Aruba AOS 10+, you can configure the Walled Garden using Access Rules, by opening the tab Access of the SSID setup wizard.
Select the "Role Based" and add the rules by clicking the icon +.
Assign the created role to the Pre Auth role.