Cisco WLC with External Captive Portal
This page explains configuration of Cisco Wireless Lan Controller to work with IronWifi Captive Portal.
IronWifi Console configuration
- Log in to the IronWifi Console
- From the menu, go to Network -> Captive Portals -> New Captive Portal
- Fill in Name, select Network, select Cisco WLC as Vendor and add at least one Authentication Provider
Cisco WLC configuration
- Log in the Cisco WLC Web-Browser interface and go to Advanced Settings
2. Go to Security -> Access Control Lists and add two new ACL rules permitting connections to the Captive Portal. Get the Captive Portal IP address from your Captive Portal settings -> Walled Garden -> IronWifi
- Source: Any, Destination: 220.127.116.11 netmask 255.255.255.255, protocol TCP, Dest port 443, Action: Permit
- Source 18.104.22.168 netmask 255.255.255.255, Destination: Any, protocol TCP, Source port 443, Action: Permit
3. Go to Security -> Web Auth -> Web Login Page and change Web Authentication Type to External (redirect to external server). Add the External Webauth URL. This is the Splash page URL from your Captive Portal in IronWifi Console
4. Go to Security -> RADIUS -> Authentication, add new RADIUS Authentication Servers and enter IP Address, Port and Shared Secret from your Captive Portal in IronWifi Console -> Controller Configuration -> RADIUS for splash page
5. Go to Security -> RADIUS -> Accounting, add new RADIUS Accounting Servers and enter IP Address, Port and Shared Secret from your Captive Portal in IronWifi Console -> Controller Configuration -> RADIUS for splash page
6. Go to WLANs, select existing or create new WLAN and open WLAN settings page
7. Click on the Security tab, Layer 2 and set Layer 2 Security to None
8. Click on the Layer 3 tab and set Layer 3 Security to Web Policy, select the Authentication radio button and select your new ACL for Preauthentication ACL.
9. Click on the AAA Servers tab and select IronWifi RADIUS authentication and accounting servers. You can also set Interim Interval to 180 seconds or higher.
10. Finally, click on the Save Configuration link to save and apply new settings.