Cradlepoint

Owned by David López Frutos (Unlicensed)
Last updated: Oct 18, 2021 by Pedro Doroshenko
3 min read

CONFIGURATION GUIDE

The purpose of the following manual is to describe the necessary configuration of Cradlepoint equipment for integration with Octopus Platform.

1- Pre-requisites

  • If there is a firewall in the network that might block the traffic, you will need to allow access to some domains to enable user's authentication:

    • Radius Servers:

      • Primary: <IP_Radius_1> 1812 and 1813 UDP ports

      • Secondary: <IP_Radius_2> 1812 and 1813 UDP ports

    • Splash Portal server: 

      • Domain <captive_portal_domain> 80 and 443 TCP ports

  • For the operation of the Guest and Enterprise modules configuration, it will be necessary to previously contract the Octopus platform licenses with the respective modules.

2- Guest module configuration

2.1 Radius Servers

The first step is to configure the Hotspot associated with the guest WLAN, access to Networking > Local Networks > Hotspot Services and perform the following configuration inside the Hotspot Settings section.

  • Hotspot Mode: RADIUS/UAM

  • Local IP Network: select the corresponding network.

  • Allow Service on 3G/4G modems: check this box.

  • Hotspot/UAM Authentication Port: 8000

 

Then, it is required to configure the Radius Server which the user's authentication requests will be sent to. In the same section access to RADIUS Settings and perform the following configuration:

  • Server Address 1: <IP_Radius_1>

  • Server Address 2: <IP_Radius_2>

  • Authentication Port: 1812

  • Accounting Port: 1813

  • Shared Scret: <Secret>

  • Redirection On Successful Authentication: To an administrator-defined URL

    • Enter the redirection URL found in Octopus Platform, in the WLAN section of the Location: https://<captive_portal_domain>/login/hotspot/landing/wifiarea/WIFIAREA_ID/WLAN_ID

  • Idle Timeout: 15 Mins

 

To obtain the WIFIAREA_ID and the WLAN_ID parameters to complete the URL above, please access to the WIFI platform and access to the Locations configuration menu. In the WLAN configuration tab, you will be able to check the URL that must be configured to redirect the users after their successful authentication.

2.2 Captive portal

Once all the Radius Server configuration is done, it is necessary to configure the external captive portal parameters. Access to UAM Settings inside the same section and perform the following configuration:

  • Login URL: https://<captive_portal_domain>/login/hotspot/cradlepoint

  • NAS/Gateway ID: CRADLEPOINT

 

After having performed all the configuration, please click on Save to save all the changes.

IMPORTANT: Leave the Splash Page URL and Shared Secret parameters blank.

2.3 Walled Garden

Finally, within the Hotspot Services configuration it is necessary to include the domains to which free access must be allowed within the walled garden. To do so, click on Add and add all the necessary domains one by one.

 

If you wish to add extra domains (Social Networks, Paypal, etc...) they can be consulted from the following link.

2.4 Authorized MAC Addresses

In order to allow the users to authenticate in the captive portal correctly, it is necessary to identify the NAS that will send the authentication requests to the Radius Server. In Cradlepoint, it is required to add the MAC address of every device in the WIFI platform.

These MAC addresses can be obtained from the Dashboard window.