Configuring HP MSM / Colubris Controllers

Purpose of this document

  • This document should be used in conjunction with Colubris/HP user guide for configuring your Colubris/HP gateways in WiFiLAN. Please refer to WiFiLAN administrator guide, and Colubris/HP user guide for detail information.
  • It is assumed that the user has basic knowledge of networking including configuring subnet mask, RADIUS setting, default gateway and DNS configuration.
  • In order to configure Colubris/HP you will need a static IP address, Subnet mask, default gateway and DNS information given to you by your Internet Service Provider. Please keep this information handy while setting up your gateway.
  • Configuring WiFiLan you will need the WAN public IP address, AP MAC address, RADIUS secret, serial number and public IP address of your Colubris/HP gateway.
  • You need an active WiFiLan account. Please contact Wifi-soft sales to create your WiFiLan account.

 

WiFiLan Setup

Add Hotspot:

  1. Open a web browser and type http://w1.wifi-soft.net/wifilan/ and press Enter. Welcome screen of WiFiLan appears.
  2. Click the Hotspot link under Authentication section.
  3. Click the Add New Hotspot tab. The New Hotspot page appears.

Fields and Buttons

Description

Hotspot Plan

Select the plan for the hotspot based on number of concurrent users.

Hotspot Name

Enter the name of the hotspot in the Hotspot Name field.

Address

Enter the address of the location in the Address field.

City

Enter the name of the city of the location in the City field.

State

Select the name of the state from the State drop down list.

Zip Code

Enter the zip code of the location in the Zip Code field.

Latitude

Enter the Latitude of the location in the Latitude field.

Longitude

Enter the Longitude of the location in the Longitude field.

Type

Select the type of location from the Type drop down menu.

Is Paid

Click Is Paid check box if the location is charged.

Auto MAC Register

Select Auto MAC Register check box to enable the auto login feature in WiFiLan.

Submit

Click Submit button to save the changes.


Then, enter the details of the gateway

Fields & Buttons

Description

Device Type

Select HP/Colubris from the Device Type drop down menu.

Public IP Address

Enter Public IP Address of the gateway in the IP Address field. If your broadband connection is having a dynamic IP, please enter the current IP address. WiFiLAN will work even when the IP address changes. In this case, WiFiLAN uses the MAC address or NAS ID of the router to validate the packet.

If you don't know the public IP, connect to your modem and type http://www.whatismyip.org. It will display your current public IP address.

Secret

Enter the RADIUS secret configured in the gateway in the Secret field.

NAS ID

Enter an Unique NAS Identifier for the device in the NAS ID field.

MAC Address

Enter the MAC address of the WAN port in the MAC Address field.

Description

Enter a short description for the device

Once the hotspot is added, WiFiLAN will be ready to start accepting AAA requests from the gateway/controller. When the hotspot is added, WiFiLAN will automatically add a user group for that hotspot. The space in the hotspot name is replaced with underscore for the user group name.

Now you will need to design a captive portal for your hotspot and generate a URL that can be configured in the gateway/controller's settings.

Please refer to the captive portal design guide for steps to design your custom captive portal.

 

Colubris/HP Setup

It is assumed that that you have properly connected your Colubris/HP gateway with a broadband connection, which has a static or dynamic public IP address. Your Colubris/HP gateway admin interface is accessible either via LAN interface or via the public WAN interface.

Open web browser, and enter the Colubris/HP web address. And press Enter. Colubris/HP Welcome screen appears.

 

Setup RADIUS Server

  1. Click RADIUS Profiles tab under Security tab. RADIUS Profiles page appears.

  2. Click Add New Profile button. Add/Edit RADIUS profile page appears.

 

Fields & Buttons

Description

Profile Name

Profile Name

Enter a unique name in the Profile Name field.

Settings

Authentication Port

Enter authentication port 1812 in Authentication Port field.

Accounting Port

Enter accounting port 1813 in Accounting Port field.

Retry Interval

Enter Retry Interval to 15 seconds in Retry Interval field.

Retry Timeout

Select Retry Timeout check box, and enter retry timeout seconds in the Retry Timeout field.

Authentication Method

Select CHAP authentication method from the Authentication Method drop down menu.

NAS ID

Select the NAS ID check box and enter NAS ID number in NAS ID field.

Change the NAS ID to the one created in WiFiLAN under hotspot section.

Primary RADIUS Server

Server Address

Enter the primary RADIUS server IP address in Server Address field. Please enter 166.78.136.12 unless different one is specified by Wifisoft

Secret

Enter the RADIUS server secret in the RADIUS Server Secret field. The secret should match the secret of WiFiLan.

Confirm Secret

Re-enter the secret in Confirm Secret field.

Secondary RADIUS Server (Optional)

Server Address

Enter the secondary RADIUS server IP address in the Server Address field if given by Wifisoft

Secret

Enter the RADIUS server secret in the RADIUS Server Secret field. The secret should match the secret of WiFiLan.

Confirm Secret

Re-enter the secret in Confirm Secret field.

RADIUS Attributes in Colubris

Click Attributes tab under Public Access tab. RADIUS Attributes page will appear.

Dont enter any parameters for the top-level options

 

You need to configure attributes under the "Configured Attributes" section as shown below

You need to add the following attributes to the Colubris/HP Attribute tab.

Attribute Name

Value

Session-Url

http://www.wifi-soft.com/pin/ses.htm

Transport-Url

http://www.wifi-soft.com/pin/tran.htm

Fail-Url

http://www.wifi-soft.com/pin/fail.htm

Logo-Url

http://www.wifi-soft.com/pin/logo.gif

Login-URL

This should be URL for your captive portal.

Please check captive portal design for details

use-access-list

ws

access-list

ws,accept,all,w1.wifi-soft.com,all

access-list

ws,accept,all,wp1.wifi-soft.com,all

access-list

ws,accept,all,www.wifi-soft.com,all

welcome-url

http://wp1.wifi-soft.com/portal/default/loginIframeSuccess.php

login-err-url

Enter your login URL and append the following string to the login URL

&msg=%r

goodbye-url

http//wp1.wifi-soft.com/portal/default/logoutIframeSuccess.php

Secure or Non Secure Authentication mode

To setup a secure login process, you need to purchase an SSL certificate from well-known certificate vendor like GeoTrust, Verisign or Equifax.

To set up secure or non-secure login authentication

  1. Click Access Control tab under Public Access tab. Access Control page appears.

  2. Select Secure Authentication HTTPS port radio button for secure login authentication. And Enter HTTPS port number in the field.

  3. Select Unsecure Authentication HTTP port radio button for unsecure login authentication. And Enter HTTP port number in the field.

 

VSC Settings

To set up VSC settings

  1. Click VSC tab (left top corner). Virtual Services Communities page appears.

  2. Click Add New VSC Profile button. Add/Edit Virtual Service Community page appears.

Under General table:

  3. Enter profile name in Name

  4. Select Provide Access Control check box.

Under HTML based user logins table:

  1. Select HTML-based user logins check box.
  2. Select Local Authentication check box.
  3. Select RADIUS Authentication check box.
  4. Select the RADIUS profile you created from the RADIUS Profile drop down menu.
  5. Enter authentication timeout in Authentication Timeout
  6. Select RADIUS Accounting check box.
  7. Select the RADIUS profile you created from the RADIUS Profile drop down menu.

  8. Click Save to save the changes.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.