This page explains different configuration scenarios for Ubiquiti UniFi Controller with IronWifi - Captive Portal and WPA-Enterprise with external RADIUS authentication and accounting.
Configuring UniFi Controller for external Captive Portal authentication
- Sign in to the IronWifi Console
- Click on Networks and add a Network
- Click on Captive Portals and add a Captive Portal
- In the Captive Portal settings, add Authentication Provider - can be Anonymous for testing purpose
- IronWifi servers need to directly connect to your Controller (SW, Cloud Key) to authorize connecting devices. Enter the Controller URL or leave blank if the Controller public address is the same as connecting devices IP address (router public IP address). Controller URL should be in this format: - https://your_public_static_ip:8443. Make sure it is the PUBLIC IP address and it's reachable through the Internet (not internal address like 192.168.*.*, 172.16.*.*, or 10.*.*.*). You might need to configure port forwarding on your Internet router and firewall. If you are not sure, please consult with your ISP provider. The source IP connecting to your controller will be 126.96.36.199, or 188.8.131.52, or 184.108.40.206.
- Enter Controller username (administrator privileges, you can create a new user in your controller) and password.
- Sign-in to your UniFi Controller
- In Wireless network settings change the Security to Open and enable Guest Services
- Navigate to Guest services settings
- Select External Captive Portal
- Enter 220.127.116.11 in the IP address input field
- Check the redirect using hostname checkbox and enter the Splash page URL from Captive Portal page in IronWifi Console
- Add 18.104.22.168/32 to the Pre-Authorization Access list
- Apply settings and try with your phone or computer
Configuring UniFi Controller for WPA-Enterprise
If you wish to have a WPA-Enterprise protected network without Captive Portal, navigate to Wireless Networks and change Security to WPA-Enterprise. Enter information about the RADIUS servers, IP addresses, ports and shared secrets are available in IronWifi Console -> Networks.
Captive Portal can return different error codes in the error_message parameter.
- unifi_authentication_failed - credentials configured in the Captive Portal settings are probably not valid. Sign in to the Ubiquiti Controller and create new admin user and password. Configure this username and password in the Captive Portal configuration page in our Console.
- unifi_gw_connection_failed - our servers could not connect to your Controller. Make sure the Controller is reachable over the internet, check your firewall settings and port forwarding rules if necessary. The controller should listen on port 8443/TCP.