Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Cisco 5500 Series

Tested versions:

ModelTypeFirmware versionDescription
5508
2504
controllerAirOS version 7.6.120.0
5520controllerAirOS version 8.2.100.0(bandwidth per client)

This solution for 5500 Series is similar to 2500 Series. Therefore, this manual does not contain a detailed step-by-step guide for a complete setup. Only the settings needed for SOCIFI are described below.

Include Page
Cisco Systems controllers ACL configuration
Cisco Systems controllers ACL configuration

 

Code Block
Webpage authentication


To redirect to external web portal uses the following commands:

Code Block
config custom-web ext-webauth-url http://connect-ip.socifi.com 
config custom-web webauth-type external 

Note: The ext-webauth-url has been changed from http://connect.socifi.com to http://connect-ip.socifi.com 

Image Modified

 ... and switch of PopUp logout window (this cannot be done via web interface)

Code Block
config custom-web logout-popup disable 


Code Block
RADIUS


You must set Auth and Acc part in the basic settings of authentication thru radius server. For European radius servers use following IP addresses:

PriorityIPDNS name
primary52.209.184.212rad-1-euw-1.socifi.com
secondary52.50.155.202rad-2-euw-1.socifi.com


Include Page
RADIUS / AAA Settings
RADIUS / AAA Settings


Auth settings provide:

Code Block
config radius auth add 1 52.209.184.212 1812 ascii socifi
config radius auth retransmit-timeout 1 2 
config radius auth network 1 enable 
config radius auth management 1 enable 
config radius auth mac-delimiter colon 
config radius auth enable 1 

config radius auth add 2 52.50.155.202 1812 ascii socifi
config radius auth retransmit-timeout 2 2 
config radius auth network 2 enable 
config radius auth management 2 enable 
config radius auth mac-delimiter colon 
config radius auth enable 2 


... and Acc settings provide:

Code Block
config radius acct add 1 52.209.184.212 1813 ascii socifi
config radius acct retransmit-timeout 1 2 
config radius acct network 1 enable 
config radius acct mac-delimiter colon 
config radius acct enable 1 

config radius acct add 2 52.50.155.202 1813 ascii socifi
config radius acct retransmit-timeout 2 2 
config radius acct network 2 enable 
config radius acct mac-delimiter colon 
config radius acct enable 2 

...

Wi-Fi settings is regular, the only exception is to turn off all WEP and WAP authentication. Wi-Fi is set as "Open" without any key and any authentication. 

Authentication is added via external WEP portal, RADIUS and preACL as follows (example for WLANID=1):


Code Block
config wlan security web-passthrough acl 1 preACL_permit 

config wlan security web-auth acl 1 preACL_permit

config wlan security web-auth server-precedence 1 local radius ldap
config wlan security web-auth enable 1 

config wlan radius_server auth add 1 1 
config wlan radius_server overwrite-interface enable 1 
config wlan radius_server acct add 1 1 
config wlan radius_server acct interim-update enable 1 
config wlan radius_server acct interim-update 600 1  

...

Code Block
Network management - web-auth secure


In the end, you need to forbid SSL version 
virtual web login page

Code Block
config network web-auth secureweb disable 

...

Note

You need to reboot the device to make sure all changes take effect. Without the reboot, the WLC will not work properly.

Image Modified

 

Add a new hotspot to SOCIFI Dashboard

You will need to add MAC addresses of  the controller and all AP's.

Info

To add this equipment, please select Cisco Wireless Control System under as the settings hardware type when adding a new hotspot.

For devices with AirOS version 8.5. and higher, please select Cisco Wireless Control System 8.5


Include Page
How to add your hotspot
How to add your hotspot

Related pages

...