Huawei iMaster NCE (CloudCampus)

  • Updated

Logging in & ACL Template Configuration

Log in to your Huawei iMaster NCE (CloudCampus) web interface. At the top, click on Design > Template Management.

On the left layout column, click ACL and then click Create. Configure with the following settings:

Name guestwifi
ACL Type User
ACL Number 6000

Under the Rule List section, click Add and specify the required domains one by one. Please refer to this list.

Rule Type domain
IP/Domain *insert domain here*

Click OK to save.

URL Template Configuration

Next, on the left menu, click URL Template and then click Create. Configure with:

Name guestwifi
Template type Cloud platform-based relay authentication

Under the Parameters in template box section, click Create and configure the following mapping keys sequentially (clicking the checkmark/tick icon to commit each item row):

Parameter Key Value Assignment Mode Parameter Name / Value
loginurl Replace the existing value loginUrl
redirect-url Replace the existing value originalUrl
ssid Replace the existing value ssid
user-mac Replace the existing value umac
user-ip Replace the existing value uaddress
device-mac Replace the existing value ap-mac

Click OK to save.

RADIUS Relay Server Profile

Next, on the left menu, click RADIUS Relay Server and then select Create. Configure the base profile:

Name guestwifi
Authentication service Portal authentication
Authentication protocol PAP

Under Authentication server address, click Add to supply the primary and secondary elements:

Priority Host Address Port Secret Key
1 *insert radius_server_ip here* 1812 *insert radius_secret here*
2 *insert radius_server2_ip here* 1812 *insert radius_secret here*

Under Accounting server address, click Add to supply the session logging pairs:

Priority Host Address Port Secret Key
1 *insert radius_server_ip here* 1813 *insert radius_secret here*
2 *insert radius_server2_ip here* 1813 *insert radius_secret here*

Click Submit to save the group layout, then apply these operational settings variables:

Timeout period 5
Load balancing mode Strict accordance with priority

Click OK to save.

Provisioning the SSID

At the top main navigation banner, click Provision > Site Configuration. On the left selection layout, click AP > SSID. Click Create and step through the wizard pages:

Page 1: Basic Wireless Properties

SSID Name Guest WiFi (or whatever SSID name you wish)
Working status On
Effective radio 2.4 and 5G
Network connection mode Layer 2 or NAT

Click Next to progress to the access controls parameters profile page:

Page 2: Security & Portal Policy Options

WLAN security policy Open network
Push pages On
Portal pushing mode Relay authentication by cloud platform
Interconnection mode RADIUS relay
Page push protocol HTTPS
Username / Password strings Username: username | Password parameter name: password
Redirect URL matching rule Redirect URL parameter
Authentication success redirect parameter redirect_URL
RADIUS relay server binding Select guestwifi
Portal authentication free Disabled
Real-time accounting / Reporting cycle Accounting: Enabled | Billing Reporting Cycle: 5
Default permit rule (Walled Garden) Select guestwifi
Bypass policy User access is allowed without authentication.

Click Next and then click OK to save the wireless interface properties.

Portal Page Push Policy

Next, at the top menu layout row, click on Admission > Page Management. Select the Portal Page Push Policy heading option at the top. Click Create and map out the matching rule conditions below:

Name guestwifi
Access Mode Wireless
Match SSIDs Yes, click Add and select the specific SSID profile created earlier
Page Push authentication mode Cloud platform-based relay authentication
Interconnection mode Relay
URL template Select guestwifi
Third-party authentication URL *insert access_url here*

Click OK to Save.

Configuration Complete

The cloud campus management framework initialization configuration is now complete.

Share online:
Was this article helpful?
0 out of 0 found this helpful