Summary :

  1. Retrieve needed information from Cloudi-Fi admin UI

  2. Enable DHCP

  3. Configure SSID

  4. Configure access Rules

1 Retrieve needed information from Cloudi-Fi admin UI

Go to Cloudi-Fi administration interface and note the following information in a notepad.

Location URL : this URL will be used to configure an External Captive Portal

  • Cloudi-Fi administration > Locations > Click on the menu button of the location and select "Copy Splash page URI"

  • Copy this URI in the notepad

Company Key :

  • This value will be used as Custom NAS-ID in the Radius request.

  • Go to Settings > Company Account and copy the Company Key in your notepad

Radius Server Information

  • Use the chatbot interface and ask for your Radius IP and secret

2 Enable DHCP

Devices > Access Points > Show Advanced > System

  • Go to DHCP and expend DHCP for WLANs

    • Set up the DNS server(s) and DHCP range

  • And save settings

3 Configure SSID

Go to Devices > Config & Add a new SSID

  • General

    • Name (SSID): Cloudi-Fi Guest

    • Bandwith Control: define Bandwith limits if needed

    • Miscellaneous:

      Enable Deny Intra VLAN Traffic

      Enable Deny inter user bridging

    • Time Range profiles: define a time range if needed

  • VLANs

    • Client IP Assignment: Instant AP assigned

    • Client VLAN Assignment: Internal VLAN

  • Security

    • Security Level: Captive Portal

    • Captive Portal Type: External

    • Captive Portal Profile: Create a new one

      Name: Cloudi-FI_CP

      Authentication type: Radius Authentication

      IP Or Hostname: Provided by Cloudi-Fi

      URL: Splash page URI

      Redirect URL: https://login.cloudi-fi.net/success.php or Provided your website URL

    • Primary Server

      • Server Type: Radius

      • Shared key: From the Chatbot

      • Retype Key: From the Chatbot

      • Name: Cloudi-FI Radius

      • IP address: From the Chatbot

      • Nas Identifier: Type your Cloudi-Fi Public Key

    • Expend Walled Garden and add Cloudi-FI domains to the Allow-list (*.cloudi-fi.net and *.cloudi-fi.com).

      Note that, if your Captive portal uses social network 

      Authentication, the domains list will be provided by Cloudi-fi

  • Access

    • Access Rules: Network Based

      Best practices: Deny Access to your internal corporate network

      You can specify additional firewall rules to restrict your

      guest access to inappropriate content or unwanted applications.

Did this answer your question?