This document lays out the process for interfacing an Aruba controller, running at least version 8.6 with the SmartWiFiPlatform. This document does not review the process for setting up an Aruba controller out of the box.
- Login to desired Aruba controller network
- Click on Configuration
Click on WLANs in the menu to the left
- Create new WLAN by pressing the blue + button and configure with:
- Name(SSID): Smart WiFi (Or your choice)
- Primary Usage: Guest
- Forwarding Mode: Tunnel
- Click next and configure with:
- VLAN: 1 (or whatever you need)
- Click next and configure with:
- Captive Portal Type: ClearPass or other external Captive Portal
- Host Addressing: IPv4
- Host: You will receive this
- Page: /hotspotlogin.php
- Redirect URL: You will receive this
- Under auth servers click the blue + to create a new auth server and configure with:
- Server Type: RADIUS
- Name: Radius1
- IP Address: You will receive this
- Auth Port: 1812
- Accounting Port: 1813
- Shared Key: You will receive this
- Retype Key: You will receive this
- Timeout: 5
- Click the blue + under auth servers to create another auth server and configure with:
- Server Type: RADIUS
- Name: Radius2
- IP Address: You will receive this
- Auth Port: 1812
- Accounting Port: 1813
- Shared Key: You will receive this
- Retype Key: You will receive this
- Timeout: 5
- Press next and then finish
- Click pending changes and deploy the changes
Click on Roles & Policies in the menu to the left
- Click the Aliases tab
- Edit the alias created from deploying the WLAN(It will use the SSID name)
- Add the default wildcard walled garden entries
Click the Authentication in the menu to the left
- On the Auth Servers tab, click the server group created from deploying the WLAN(It will use the SSID name)
- Edit Radius1
- NASID: You will recieve this from us
- Press submit
- Edit Radius2
- NASID: You will recieve this from us
- Press submit
- Edit Radius1
Click the AAA Profiles tab
- Expand the AAA menu
- Click on the one created from deploying the WLAN
- Click RADIUS Accounting Server Group
- Select the server group created from deploying the WLAN
- Press submit
Click the L3 Authentication tab
- Open the ‘Captive Portal Authentication’ menu
- Click on the one for the WLAN created and configure with:
- Default Role: Guest
- Default Guest Role: Guest
- Redirect Pause: 0
- User Login: Enabled
- Guest Login: Disabled
- Logout popup window: Disabled
- Use HTTP for authentication: Enabled
- Login minimum wait: 1
- Logon maximum wait: 10
- Authentication Protocol: PAP
- Login Page: You will receive this
- Welcome Page: default
- Show Welcome Page: disabled
- Add Switch IP in redirection URL: disabled
- Adding APs MAC address in redirection URL: Enabled
- White List: Select the policy edited in step 5
- Redirect URL: You will receive this
- Submit
- On the Auth Servers tab, click the server group created from deploying the WLAN(It will use the SSID name)
- Click pending changes and deploy the changes