CONFIGURATION GUIDE
The purpose of the following manual is to describe the necessary configuration of Nuclias Cloud equipment for integration with Octopus Platform.
Panel | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||
|
1- Pre-requisites
Before starting the configuration, you have to log in at Nuclias Cloud
If there is a firewall in the network that might block the traffic, you will need to allow access to some domains to enable user's authentication:
Radius Servers:
Primary: <IP_Radius_1> 1812 and 1813 UDP ports
Secondary: <IP_Radius_2> 1812 and 1813 UDP ports
Splash Portal server:
Domain <captive_portal_domain> 80 and 443 TCP ports
For the operation of the Guest and Enterprise modules configuration, it will be necessary to previously contract the Octopus platform licenses with the respective modules.
2- Guest module configuration
2.1 Create or edit WLAN WiFi Guest
Inside Configure> Access point > Select Profile
When accessing this section we must select the Profile in which we have an AP installed and then click on SSID, select the ssid that we are going to edit:
SSID name : SSID of the network, e.g. Wifi Guest
Security: Open
Broadcast SSID: Enable
Band selection: select 2.4 Ghz and 5Ghz
2.2 Captive Portal
Select the Captive Portal:
Captive portal: Sign-on with External Captive Portal
Splash page URL: http://<captive_portal_domain>/login/hotspot/nuclias
2.3 Radius Server
Click on Add a RADIUS server:
Server name: Name of radius 1
IP Adress: <IP_Radius_1>
Port: 1812
Secret: <Secret>
RADIUS accounting: Enable
IP Adress: <IP_Radius_1>
Port: 1813
Secret: <Secret>
Accounting interim interval: 300
Click again on Add RADIUS server:
Server name: Name of radius 2
IP Adress: <IP_Radius_2>
Port: 1812
Secret: <Secret>
RADIUS accounting: Enable
IP Adress: <IP_Radius_2>
Port: 1813
Secret: <Secret>
Accounting interim interval: 300
Primay RADIUS server: Select the Radius 1 created earlier
Secondary RADIUS server: Select Radius 2 created earlier
Session timeout: 5 minutes (or as long as needed)
Idle timeout: 3 minutes (or as long as needed)
Click on Add walled garden
Walled garden name: Name of the walled garden
Range #1: Enter the IP of the domain you want to open.
Info |
---|
To consult the IP addresses to be included go to the following link. |
Once the necessary walled gardens have been added, click on the arrow and select all those added.
Once all the configuration is done, click on Save and then click on PUSH CONFIGURATION to finish the configuration correctly.
2.4 List of Authorized MACs
For the user validation to work correctly in the WiFi platform it is necessary to identify the NAS that will be able to make authentication requests to the Radius Server. In this case, all the MAC addresses of the Access Points that will radiate the configured SSID must be added.
These MAC addresses are easily accessible under the Monitor > Access Point > Devices tab, where all connected devices are displayed in more detail.