Describes how to configure your Extreme Networks Cloud IQ to enable Cloudi-Fi's captive portal
Summary :
-
Retrieve needed information from Cloudi-Fi admin UI
-
Create Radius Server in Extreme CloudIQ
-
Enable Supplemental CLI and configure Custom NAS-ID
-
Create Guest SSID and CWP profile
-
Deploy your policy
1) Retrieve Cloud-fi required information to deploy the captive portal on Extreme Network CloudIQ
Go to the Cloudi-Fi administration interface and note the following information in a notepad.
You will need them for the following steps:
Location URL:
This URL will be used in CloudIQ in the CWP profile (Captive Web portal). You will need to create a dedicated CWP profile.
-
Cloudi-Fi administration Locations Click on the menu button of the location and select "Copy Splash page URI"
-
Copy this URI in the notepad
-
Change the URI just like this :
Company Key :
-
This value will be used as Custom NAS-ID in the Radius request.
-
Go to Settings and copy the Company Key in your notepad:
Now we can start the configuration in your Extreme CloudIQ account.
2) Create the Radius Server in Extreme CloudIQ
In Extreme CloudIQ, go to Configure Common Objects External Radius Server.
Click on + to add a new server.
-
Name: Cloudi-Fi Radius Server
-
IP/Hostname: radius.cloudi-fi.net
-
Authentication: Checked port 1812
-
Accounting: Checked port 1813
-
Secret: Will be provided by the Cloudi-Fi Support team
-
Click on Save External Radius
3) Supplemental CLI
In this section, we must configure a supplemental CLI to send the Cloudi-Fi Company Key as NAS-ID in the Radius request sent by the Access Point.
First, we need to enable Supplemental CLI in your account.
Go to your CloudIQ profile in the top-right corner, then:
Global Settings VIQ Management Supplemental CLI: ON
Once done, you can go to Configure Common Objects Supplemental CLI Objects:
Click + to add a new Supplemental CLI, then:
-
Name: Cloudi-Fi Custom NAS-ID
-
CLI Command: aaa attribute NAS-Identifier
-
Click Save
4) Create the Guest SSID on Extreme CloudIQ admin interface
Connect to your Extreme Cloud IQ administration interface.
Go to Configure Network Policies Create or edit an existing one
-
In the Extreme CloudIQ Policy Details tab:
- Select Wireless
-
In the Wireless Networks tab:
- Click on "+" and select "All other network (standard)"
- Name (SSID): Provide a name
- Broadcast Name: WLAN name visible by clients
- SSID Authentication: Open
- Enable Captive Web Portal: On and select User Auth on Captive Web Portal
- Authentication type: Redirect to External URL
- Send Client's requested URL in clear text: Checked
- Default Web Portal: Add.
New Captive Web Portal window
-
Captive Web Portal Settings
- Name: Cloudi-Fi location name
- Login URL : Copy the
- Password encryption: Plaintext
- Authentication method: PAP
- Success page: Off
- Redirect client after a successful login: Checked
- To a specific URL: https://login.cloudi-fi.net/success.php -
Advanced settings
- Web Servers registration period: This timer must be equal to Cloudi-Fi session lifetime (Cloudi-Fi UI Portals Session lifetime)
- Use HTTP 302: Checked -
WalledGarden
- Click + and select the Service Type: Web
- Add this URL:
*.cloudi-fi.net
If you use social media connector on your captive portal, the Cloudi-Fi support team will provide you with an additional URL to add to the walledgarden.
-
Click Save CWP
In the Wireless settings tab, you will now configure the
Authentication settings section:
-
Click + and add the Cloudi-Fi Radius Server created at step 2
-
Save
Click Save
Go to the Additional Settings tab on Extreme CloudIQ admin:
In the additional settings, we will activate the Custom NAS-ID configured by applying the Complemental CLI created previously.
Click Save
Go to the Deploy Policy tab.
Select the devices where you want to deploy this policy.
Click "Deploy" and select "Complete Configuration Update."
Comments
0 comments