Skip to main content

Search

How can we help ?

How to Integrate Aruba Airwave with Cloudi-Fi

Alexandre de THOMASSON
  • Updated

Describes how to configure your Aruba Airwave to activate the Cloudi-Fi splash page feature.

                                                            

This setup consists of below main parts:

Use case

Prerequisites

Step 1: Get Cloudi-Fi required information

Step 2: Get Radius Information

Step 3: Enable Instant GUI Config

Step 4: SSID Configuration

Step 5: Import SSL certificate

Step 6: Syslog forwarding

Troubleshooting

What's Next ?

Use case:

The following sections will provide step-by-step instructions to enable Cloudi-Fi cloud-based WiFi Captive portal service with your existing Aruba Airwave architecture.

 

Prerequisites:

Before starting, ensure that you have the following prerequisites:

  • An Aruba access point.
  • Access to the Aruba dashboard.
  • Knowledge of your network’s IP addressing scheme.

Step 1: Get Cloudi-Fi required information

Location URL: this URL will be used to configure an External Captive Portal

  • Access the Cloudi-Fi administration console
  • Select the location
  • Click on the menu button for the location
  • Select "Copy Splash page URL"

Cloudi-Fi Get captive portal url.png

Company Key :

  • Go to Settings Company Account and copy the Cloudi-Fi Public Key

 

Step 2: Get Radius information

You will need the Radius information (Server IPs, Secret, Ports) to proceed with the setup.

  1. IPs address of the Radius servers
  2. Ports: UDP 1812 (Authentication) & 1813 (Accounting)
  3. The Secret (provided by Cloudi-Fi Support)

You can get the Secret by asking in the Chatbot, Cloudi-Fi’s Support team will provide you with the necessary information.

Cloudi-Fi - Get Radius information for Aruba Airwave

  1. What shared secret is used for the Radius server with Aruba? (Please save this confidential information securely, and do not share it publicly.)
     

  • Transform the URI as following

 

Step 3: Enable Instant GUI Config

The Instant GUI config feature allows Instant APs to be configured via AirWave rather than through the embedded controllers in the access points.

Enabling this feature is done in Groups Basic and Enable Instant GUI Config.

Save and Apply. The Instant Config menu should be visible in the Groups List Select the Group name to configure.

Step 4: SSID Configuration

Go to Groups List and select the Group name where you want to define SSIDs

 

Click on the "+" button to add a new network

 

  • Type : Wireless

  • Name : Give it a name

  • Usage : Guest

In the advanced options, make sure that the SSID is broadcasted.

In the VLAN menu, configure the appropriate network parameters.

In the Security menu, choose Splash page type: External

 

Create a captive portal profile

 

  • Type: Radius Authentication

  • IP or hostname: login.cloudi-fi.net

  • URL: paste the rest of the splash page URI

  • Port: 443

  • Use HTTPS: Enabled

  • Captive portal Failure: Deny Internet

  • Automatic Whitelisting: Enabled

  • Redirect URL: your website

Create Radius authentication servers.

  • IP: Provided by Cloudi-Fi

  • Auth Port: 1812

  • Shared secret: Provided by Cloudi-Fi

  • Confirm Shared secret: Provided by Cloudi-Fi.

  • RFC 5997: Authentication

  • Nas-Identifier: Cloudi-Fi Public Key

  • Service type framed user: Captive portal

In the Access menu, choose Role-Based and create a new rule.

 

  • Rule Type: Access Control

  • Service: Network

  • Any

  • Action: Allow

  • Destination: To a Particular server

  • IP: login.cloudi-fi.net, login-cn.cloudi-fi.net

  • Options: Log

Select this new rule as the pre-authentication rule

In Access Rules, edit the rule and check the log option

Step 5: Import SSL certificate

TLS/SSL certificates secure internet connections by encrypting your data. They ensure data is transmitted privately, without modification, loss or theft. Adding a certificate ensures a more secure Internet experience for your users.

In addition, some browsers may block authentication on HTTP pages. Using a certificate will allow access to HTTPS pages, and your users can authenticate themselves.

Go to Device Setup Certificate and add a new item:

  • Name: Name of the certificate

  • Certificate Name: Import the certificate from your computer

  • Passphrase and confirm Passphrase: Provide the secret Key.

  • Format : PKCS#12 or PEM

  • Type: Captive Portal Cert

Go to Groups List, Select Group Basic Aruba Instant, and select the appropriate Certificate for Captive portal Cert

Step 6: Syslog Forwarding

We will now configure the Syslog so that the access logs are sent to Cloudi-Fi.

Go to Instant Config System Monitoring

  • Syslog server: IP provided by Cloudi-Fi

  • Syslog Facility levels: According to your convenience, at least User and User-Debug with the Debug level (or by default all at Debug)

 

Troubleshooting:

If you still encounter any issues during the setup or operation, you can first follow Cloudi-Fi's first-level troubleshooting guide. If you are still facing issues, we invite you to contact the Cloudi-Fi support team.

 

What’s Next?

Congratulations on configuring your Aruba Airwave with Cloudi-Fi!