Nuclias Cloud

Owned by Pedro Doroshenko
Last updated: Mar 22, 2022
3 min read

CONFIGURATION GUIDE

The purpose of the following manual is to describe the necessary configuration of Nuclias Cloud equipment for integration with Octopus Platform.

1- Pre-requisites

  • Before starting the configuration, you have to log in at Nuclias Cloud

  • If there is a firewall in the network that might block the traffic, you will need to allow access to some domains to enable user's authentication:

    • Radius Servers:

      • Primary: <IP_Radius_1> 1812 and 1813 UDP ports

      • Secondary: <IP_Radius_2> 1812 and 1813 UDP ports

    • Splash Portal server: 

      • Domain <captive_portal_domain> 80 and 443 TCP ports

  • For the operation of the Guest and Enterprise modules configuration, it will be necessary to previously contract the Octopus platform licenses with the respective modules.

2- Guest module configuration

2.1 Create or edit WLAN WiFi Guest

Inside Configure> Access point > Select Profile

When accessing this section we must select the Profile in which we have an AP installed and then click on SSID, select the ssid that we are going to edit:

  • SSID name : SSID of the network, e.g. Wifi Guest

  • Security: Open

  • Broadcast SSID: Enable

  • Band selection: select 2.4 Ghz and 5Ghz

 

2.2 Captive Portal

Select the Captive Portal:

Captive portal: Sign-on with External Captive Portal

 

 

 

 

 

 

 

 

 

Splash page URL: http://<captive_portal_domain>/login/hotspot/nuclias

 

2.3 Radius Server

Click on Add a RADIUS server:

  • Server name: Name of radius 1

  • IP Adress: <IP_Radius_1>

  • Port: 1812

  • Secret: <Secret>

  • RADIUS accounting: Enable

  • IP Adress: <IP_Radius_1>

  • Port: 1813

  • Secret: <Secret>

  • Accounting interim interval: 300

Click again on Add RADIUS server:

  • Server name: Name of radius 2

  • IP Adress: <IP_Radius_2>

  • Port: 1812

  • Secret: <Secret>

  • RADIUS accounting: Enable

  • IP Adress: <IP_Radius_2>

  • Port: 1813

  • Secret: <Secret>

  • Accounting interim interval: 300

Primay RADIUS server: Select the Radius 1 created earlier

Secondary RADIUS server: Select Radius 2 created earlier

Session timeout: 5 minutes (or as long as needed)

Idle timeout: 3 minutes (or as long as needed)

 

Click on Add walled garden

  • Walled garden name: Name of the walled garden

  • Range #1: Enter the IP of the domain you want to open.

To consult the IP addresses to be included go to the following link.

 

 

 

Once the necessary walled gardens have been added, click on the arrow and select all those added.

 

 

 

 

 

 

 

 

 

Once all the configuration is done, click on Save and then click on PUSH CONFIGURATION to finish the configuration correctly.

2.4 List of Authorized MACs

For the user validation to work correctly in the WiFi platform it is necessary to identify the NAS that will be able to make authentication requests to the Radius Server. In this case, all the MAC addresses of the Access Points that will radiate the configured SSID must be added.

These MAC addresses are easily accessible under the Monitor > Access Point > Devices tab, where all connected devices are displayed in more detail.