WiFi-based check-in: Ubiquiti UniFi

Setup

Before you configure the controller make sure you have set up your RADIUS server and have purchased a license.

Configuring UniFi Controller for external Captive Portal authentication

This option will present users with a splash page. It relies on your WiFi network to be open or to use a shared WiFi password. When users connect to it and open their browser, they will be presented with a login screen where to type their email and PIN code to connect to your network. You can also configure this appliance to use Enterprise Authentication using the instructions in the section below.‌

  1. Provide the public IP of your UniFi controller. The RADIUS servers need to be able to directly connect to your Controller (SW, Cloud Key) to authorise connecting devices. Controller URL is usually in format like this https://your_public_static_ip:8443. Make sure it is the PUBLIC IP address and it's reachable through the Internet (not internal address like 192.168.*.*, 172.16.*.*, or 10.*.*.*).

  2. You might need to configure port forwarding on your Internet router and firewall. If you are not sure, please contact your ISP provider. This article may help you doing this. The source IPs connecting to your controllers are 35.184.225.240, or 35.201.240.80, or 35.195.230.167.

  3. Sign in to your UniFi Controller.

  4. In Wireless network settings change the Security to Open and enable Guest services.

  5. Navigate to Guest services settings.

  6. Select External Captive Portal.

  7. Enter 107.178.250.42 in the IP address input field.

  8. Check the redirect using hostname checkbox and enter the Splash pageURL here. You should have been provided the URL by the Nexudus team together with a license. The page looks by default like this:

​‌

  • Add 107.178.250.42/32 to the Pre-Authorization Access list

  • Apply settings and try with your phone or computer

Configuring UniFi Controller for WPA-Enterprise

  1. Navigate to Wireless Networks and change Security to WPA-Enterprise. Add new RADIUS Authentication Servers and enter IP Address, Port and Shared Secret from the details of the Radius Server provided when you created the Radius Server above.

  2. Make sure you use the same IP for both the Auth and Accounting servers. If you add a secondary Auth and Accounting servers then use the secondary IP provided.

  3. Optional: Enable Interim Update.

PreviousWiFi-based check-in: SonicWallNextOther Integrations

Last updated