This page explains different configuration scenarios for Ubiquiti UniFi Controller with IronWifi - Captive Portal and WPA-Enterprise with external RADIUS authentication and accounting.
Configuring UniFi Controller for external Captive Portal authentication
- Sign in to the IronWifi Console
- Click on Networks and add a Network
- Click on Captive Portals and add a Captive Portal
- In the Captive Portal settings, add Authentication Provider - can be Anonymous for testing purpose
- Enter Controller URL, username (administrator privileges) and password. IronWifi servers need to be able to directly connect to your Controller (SW, Cloud Key) to authorize connecting devices. Controller URL is usually in format like this - https://your_public_static_ip:8443. Make sure it is the PUBLIC IP address and it's reachable through the Internet (not internal address like 192.168.*.*, 172.16.*.*, or 10.*.*.*). You might need to configure port forwarding on your Internet router and firewall. If you are not sure, please consult with your ISP provider.
- Sign in to your UniFi Controller
- In Wireless network settings change the Security to Open and enable Guest Services
- Navigate to Guest services settings
- Select External Captive Portal
- Enter 220.127.116.11 in the IP address input field
- Check the redirect using hostname checkbox and enter the Splash page URL from Captive Portal page in IronWifi Console
- Add 18.104.22.168/32 to the Pre-Authorization Access list
- Apply settings and try with your phone or computer
Configuring UniFi Controller for WPA-Enterprise
If you wish to have a WPA-Enterprise protected network without Captive Portal, navigate to Wireless Networks and change Security to WPA-Enterprise. Enter information about the RADIUS servers, IP addresses, ports and shared secrets are available in IronWifi Console -> Networks.