Extreme Cloud IQ (Hive)

  • Actualización

Log in to your ExtremeCloud IQ web interface.

Click on Configuration at the top and then on Guided Configuration on the left.

Under Choose Network Policy click New and configure with:

Name: GuestWiFi
Wireless Access: Enabled
Switching: Disabled
Branch Routing: Disabled
Bonjour Gateway: Disabled

Click on Create to continue

Next to SSIDs click Choose. Click on New and configure with:

Profile Name: guestwifi
SSID: Guest WiFi (or whatever you wish)
Enabled Captive Web Portal: Enabled

All other settings can be left at their defaults.

Click Save and then OK

Next, click on Captive Web Portal and choose New. Configure with:

Name: guestwifi
Registration Type: External Authentication

Under Captive Web Portal Login Page Settings:

Login URL: *insert access_url here*
Password Encryption: No Encryption
Authentication Method: PAP

Under Captive Web Portal Success Page Settings:

Show the success page... Disabled
After a successful login: Redirect to an external page
Use simple URL address: *insert redirect_url here*

Under Optional Advanced Configuration:

Use network default settings: Enabled
Use HTTP 302 as the redirection method: Enabled
Enable HTTPS: No

Under Walled Garden:

You will need to add the required domains one by one. Click on New, enter the domain, and then click Apply. Please refer to this list.

Click Save

Next, click on RADIUS Settings and choose New. Configure with:

RADIUS Name: guest

Under Add a New RADIUS Server configure with:

IP Address/Domain Name: *insert radius_server here*
Server Type: Auth/Acct
Shared Secret: *insert radius_secret here*
Confirm Secret: as above
Server Role: Primary

Click Apply to add, and then click on New to add another:

IP Address/Domain Name: *insert radius_server2 here*
Server Type: Auth/Acct
Shared Secret: *insert radius_secret here*
Confirm Secret: as above
Server Role: Backup1

Click Apply again, and then click on Save

Under User Profile click on Add/Remove

Select default-profile and click Save

Further down the page, beside Advanced Settings click Edit

Click on Service Settings and beside ALG Services click the Plus (+) icon Configure with:

Name: guestwifi
DNS: Enabled
HTTP: Enabled

Click on Save and then Save again at the top right.

Finally, click on Continue at the top right.

You are now asked which of your access points you wish to push the new settings to (typically all your access points). Select all that apply, and click Update > Update Devices

Click Update.

 

To enable our SecurePass WiFi solution please complete the steps below. This enables a secure, seamless WiFi connection for repeat users.

Secure WiFi - PurpleConnex

Click Configure > Network Policies on the left menu, then click Add Network Policy and configure with:

What type of policy are you creating: Wireless
Policy Name: PurpleConnex

Click Next and the Wireless Networks screen will appear. Click + and choose All other Networks (standard), then configure with:

Name (SSID): PurpleConnex (or whatever you wish)
Broadcast Name: PurpleConnex (or whatever you wish)
SSID Authentication Enterprise (WPA/WPA2/WPA3)
Key Management: WPA2-8021X

Under Authentication SettingsAuthenticate via RADIUS Server, click + and configure with:

RADIUS Server Group Name: PurpleConnex_RADIUS

Click + to add a RADIUS server to the server group. Configure with:

Name: PurpleConnex_Rad1
IP/Host Name: rad1-secure.purple.ai
Server Type: Authentication: 1812
Accounting: 1813
Shared Secret: *insert_radius_secret_here*

Click Save External Radius and then + to add another RADIUS server to the server group. Configure with:

Name: PurpleConnex_Rad2
IP/Host Name: rad2-secure.purple.ai
Server Type: Authentication: 1812
Accounting: 1813
Shared Secret: *insert_radius_secret_here*

Click Save at the bottom right. Still on the Wireless Networks page, select the SSID you just created and click Next at the bottom right to assign the SSID to the Network Policy.

Hotspot 2.0

At present, the required Hotspot 2.0 settings can only be configured via CLI. We can use the supplemental CLI option to configure Hotspot 2.0. To use the supplemental CLI tool, click the User icon (top right) and then Global Settings VIQ Management. Enable the Supplemental CLI if not enabled.

Next, go back to ConfigureNetwork Policies at the top left, and click into the new SSID. Click the Additional Settings tab. Under Policy Settings on the left menu, click Supplemental CLI. The Supplemental CLI page appears. Verify that Supplemental CLI is ON. If not, enable it. Configure with:

Name: Hotspot
CLI Commands: 

hotspot profile PurpleConnex
hotspot profile PurpleConnex anqp-domain-id 0
hotspot profile PurpleConnex network-type 1 access-internet
hotspot profile PurpleConnex operator-name Purple language-code eng
hotspot profile PurpleConnex ip-type ipv4 3 ipv6 0
hotspot profile PurpleConnex domain-name securewifi.purple.ai
hotspot profile PurpleConnex nai-realm securewifi.purple.ai encoding-type 0
hotspot profile PurpleConnex nai-realm securewifi.purple.ai eap-method 21
security-object Cloud4Wi security protocol-suite wpa2-aes-8021x
ssid PurpleConnex hotspot-profile PurpleConnex
save configuration

Click Save at the bottom right. Click Next and select your APs to apply the policy. Click Upload at the bottom right and under Update Network Policy and Configuration, select Complete Configuration Update. (Delta Configuration Update is the default; you want a complete update). Click Perform Update.

Configuration Complete

The configuration is now complete.

Compartir en línea
¿Fue útil este artículo?
Usuarios a los que les pareció útil: 0 de 0