Cisco WLC Wireless Controller Setup

  1. Overview
  2. WiFi Hardware
  3. Cisco WLC Wireless Controller Setup
Access Point Instructions for Cisco WLC

This page explains the configuration of the Cisco Wireless LAN Controller to work with Captve WiFi.

Access Point Configuration

  1. Log in to the Cisco WLC Web-Browser interface and go to Advanced Settings.

  2. Go to Security -> Access Control Lists and add two new ACL rules permitting connections to the Captive Portal. Get the Captive Portal IP address from your Captive Portal settings -> Walled Garden -> Captive WiFi

  3. Hover the coursor over the blue icon on the right side of sw_walledgarden text and press “Add/Remove URL”.
  4. Add these entries

    1. getonline.captivewifi.io

    2.  

      captivewifi.fra1.digitaloceanspaces.com

And Rule n. 1

  • Source - Any
  • Destination - 138.68.152.191 
  • Netmask - 255.255.255.255
  • Protocol - TCP
  • Source port - Any
  • Dest port - 443
  • Action - Permit
  1. Go to Security -> Web Auth -> Web Login Page and configure with:
  • Web Authentication Type - External (redirect to external server)
  • Redirect URL after login - Get this from the Captive WiFi dashboard 
  • External Webauth URL -https://getonline.captivewifi.io/<site id>  get the site ID from WiFi Integrations 
  1. Go to Security -> RADIUS -> Authentication, add new RADIUS Authentication Servers and use the following values:
  • Server Address - radius.captivewifi.io
  • Shared Secret Format - ASCII
  • Shared Secret -get this value from the  captive wifi support 
  • Confirm Shared Secret -get this value from the captive wifi support 
  • Key wrap - Disabled
  • Port Number- get this value from captive wifi support 
  • Server Status - Enabled
  • Support for RFC 3576 - Disabled
  • Server Timeout - 5 seconds
  • Network User - Enabled
  • Management - Enabled
  • Management Retransmit Timeout - 2 seconds
  • IPSec - Disabled
  1. Go to WLANs, select existing or create new WLAN and open the WLAN settings page. Click on the Security tab, Layer 2 and set:
  • Layer 2 Security - None
  1. Click on the Layer 3 tab and configure with:
  • Layer 3 Security - Web Policy (Authentication)
  • Pre-authentication ACL - IPv4 - Captive-Auth
  1. Click on the AAA Servers tab and select Captive WiFi RADIUS authentication and accounting servers. You can also set an Interim Interval to 180 seconds or higher.

Radius Servers

  • Authentication Servers - Enabled
  • Server 1 - IP:  Port:  1812

Radius Server Accounting

  • Interim Update - Enabled
  • Interim Interval - 180

Click on the Save Configuration link to save and apply new settings.

! You must also install a valid SSL certificate on your controller/AP, in order to avoid authentication issues!

Was this article helpful?