Bienvenido a Soporte Purple

Alcatel-Lucent (Controller-based)

  • Actualización

Important Note

You must add the MAC address of the Controller to your portal under the Hardware tab. Choose "Alcatel-Lucent AP (Controller based)" as the type. The MAC is printed on the sticker on the back of the Controller, or you can retrieve it by going to the "Monitoring > Controller Summary" page on the Controller web interface.

Login and Initial Setup

Login to your Alcatel-Lucent controller web interface and click Configure.

On the left, under Wizards, choose Campus WLAN.

Under the WLANs box, click New. Enter Guest WiFi as the name (or whatever you want the SSID to be).

WLAN Configuration

Click Next and configure with:

Forwarding Mode: Tunnel (unless you have an existing setup)

Click Next and configure with:

Radio Type: All
Broadcast SSID: Yes
VLAN: 1 (unless you have a specific VLAN to use)

Click Next and configure with:

Is this WLAN intended for internal or guest?: Guest

Click Next and configure with:

Captive portal with authentication via credentials: Selected

Click Next and then Next again on the Captive Portal options page.

Authentication Server Configuration

On the Specify Authentication Server page, click Add and configure with:

Server type: RADIUS
Name: guest1
IP Address: *insert radius_server here*
Auth port: 1812
Acct port: 1813
Shared key: *insert radius_secret here*
Retype key: as above

Click OK and then Add again, this time configuring with:

Server type: RADIUS
Name: guest2
IP Address: *insert radius_server2 here*
Auth port: 1812
Acct port: 1813
Shared key: *insert radius_secret here*
Retype key: as above

Click OK and then Next and configure with:

Pre-authentication role: Guest WiFi-guest-logon
Authenticated role: guest

Click Next and then Finish to confirm.

Advanced Services Configuration

Next, under Advanced Services on the left, click on Stateful Firewall. Select the Destination tab and click on Add. Configure with:

IP Version: IPv4
Destination Name: guestwifi

Click the Add button and configure with:

Type: name
Domain Name: *insert access_domain here*

Click Add to save and add all the required domains one by one. Please refer to this list.

Click Apply to save.

Security Configuration

Next, under Security on the left, click Authentication.

Select the L3 Authentication tab and then click on Guest WiFi-cp_prof entry. Configure with the following:

Default Role: guest
Default Guest Role: guest
Redirect Pause: 0
User Login: Enabled
Guest Login: Disabled
Logout popup window: Disabled
Use HTTP for authentication: Enabled
Authentication Protocol: PAP
Login page: *insert access_url here*?acmac=<controller-mac>&
Welcome page: *insert redirect_url here*&acmac=<controller-mac>&
Show Welcome page: Enabled
Add switch IP in redirection URL: Enabled
White List: Add guestwifi from the list
User idle timeout: 3600

Click Apply to save.

AAA Profiles Configuration

Next, select the AAA Profiles tab and click on Guest WiFi-aaa_prof. Configure with:

Initial role: Guest WiFi-guest-logon
RADIUS Interim Accounting: Enabled

Click Apply to save.

RADIUS Accounting Server Group Configuration

Next, click on the RADIUS Accounting Server Group and configure with:

RADIUS Accounting Server Group: Guest WiFi-srvgrp-xxx (where xxx is a random number)

Click Apply to save.

RADIUS Server Configuration

Next, select the Servers tab and click on RADIUS Server then guest1. Leave all settings as they are except:

Mode: Enabled
MAC address delimiter: Dash

Click Apply to save.

Next, click on RADIUS Server then guest2. Leave all settings as they are except:

Mode: Enabled
MAC address delimiter: Dash

Click Apply to save.

Save Configuration

Finally, click Save configuration at the top and reload/reboot the controller to ensure all settings take effect.

Compartir en línea
¿Fue útil este artículo?
Usuarios a los que les pareció útil: 0 de 0