Tested versions:
Model | Type | Firmware version | Description |
---|---|---|---|
UAG4100 | AP + controller | V4.10(AAIZ.0) beta | any UAGx100* |
*ZyXEL confirms that all UAGx100 should be fully compatible. Tested on UAG2100 already.
*The release supporting SOCIFI platform is due in 2016. Should you need the fw before the oficial release, please contact ZyXEL support and ask for SOCIFI compliant release. The last known suitable is: UAG ZLD4.11
Default configuration:
- DHCP enabled
- internet on WAN port (P1)
- LAN1 is on ports P2 and P3, used for private network and management
- LAN2 is on ports P4 and P5, used for SOCIFI configuration. Both the external AP's and the internal WiFi can use the LAN2
...
General Settings | |
---|---|
Name | radius |
Description | SOCIFI radius servers |
Authentication Server Settings | |
Server Address | <your-primary-radius-by-location> |
Authentication Port | 1812 |
Backup Server Address | <your-secondary-radius-by-location> |
Backup Authentication Port | 1812 |
Key | socifi |
Accounting Server settings | |
Server Address | <your-primary-radius-by-location> |
Accounting Port | 1813 |
Backup Server Address | <your-secondary-radius-by-location> |
Backup Accounting Port | 1813 |
Key | socifi |
Maximum retry count | 3 |
Enable Accounting Interim update | enabled |
Interim Interval | 10 |
General Server Settings | |
Timeout | 5 |
NAS IP Address | 127.0.0.1 |
NAS Identifer | Zyxel_<mac_address_of_WAN_interface> (see Add a new hotspot bellow) |
Case-sensitive User Names | enabled |
User Login settings | |
Group Membership Attribute | Vendor-Specific (26) |
Include Page | ||||
---|---|---|---|---|
|
Go to Configuration > Object > Auth.Method create the new item and name it "ExternalRadiusMethod". Then under MethodList select "group radius".
...
At first we need to enable Walled Garden list. Go to Configuration > Web Authentication > Walled Garden and tick Enable Walled Garden.
then continue to Domain/IP Base tab and add the DNS names as shown. Please note the Name field can't use the dot symbol (.) thus we'll use "_".
Include Page Cisco Meraki, Ruckus, Xirrus, Huawei Cisco Meraki, Ruckus, Xirrus, Huawei
Cisco Meraki, Ruckus, Xirrus, Huawei | |
Cisco Meraki, Ruckus, Xirrus, Huawei |
Web Authentication (Captive portal)
...
Web Authentication Type | ||
---|---|---|
Type | Web Portal | |
General Settings | ||
Profile Name | SOCFI_external_web_auth_portal | |
Internal Web Portal (User Upload Page) | not checked | |
External Web Portal | checked | |
Login URL | http://connect.socifi.com | |
Logout URL | ||
Welcome URL | http://connect.socifi.com/api/v1/out/session | |
Session URL | ||
Error URL | http://connect.socifi.com/fail |
...
Go to Configuration > Network > Interface > Ethernet and note down the MAC address for interface WAN1.
Include Page | ||||
---|---|---|---|---|
|
...