Go back to the SpotOn homepage
  1. All Collections
  2. Integraties
  3. Cisco (WLC Managed)
Image

Cisco (WLC Managed)

Cisco (WLC Managed) integration

Avatar

By Niek Giavedoni

June 21, 2023


1200px Cisco logo.svg 1200px Cisco logo.svg



Purpose

This guide shows how to setup a Cisco WLC based WiFi network for SpotOn.


Prerequisites

Your Cisco APs should already be integrated with WLC. It is recommended to update your device firmwares to the latest available version. This setup has been tested on Cisco WLC v8.5.140.0.


You will require a RADIUS password and a Custom URL from the SpotOn Support team. Chat with us, send an e-mail ([email protected]) or give us a call (050 211 5201).


Network Setup

The first step in integrating SpotOn is to setup AAA. Under the Security section go to RADIUS and then select Authentication. Click on New to add a new RADIUS Server:

IP Address: 49.13.14.122
Port Number: 1812 
Shared Secret: Ask the SpotOn team for the RADIUS password


1 radius auth 1 radius auth


Click Apply to save settings. Similarly, under RADIUS -> Accounting add a new accounting server with these settings:

IP Address: 94.124.94.160 
Port Number: 1813 
Shared Secret: Ask the SpotOn team for the RADIUS password

Click Apply to save settings. Go to Access Control Lists and add a new IPv4 Access Control List (or a new FlexConnect ACL if you’re using FlexConnect) and name it guest_preauth:


2 acl 2 acl


Hover your mouse’s pointer on the blue arrow and select Add-Remove URL:


4 acl 4 acl


Add all the URLs given here one by one to it.


5 url 5 url


Go to Web Auth and select Web Login Page. Select External as the Web Authentication Type and enter the External Webauth URL:

https://portal.spotonwifi.com/auth/vendor/[YOUR CUSTOM ID]/cisco_wlc

Note: SpotOn support can provide you your CUSTOM ID.


6 web auth 6 web auth


Click Apply to save. Now go to WLANs and open your WLAN profile. Go to Security -> L3 Security and select Web Policy in “Layer 3 Security”. In “Preauthentication ACL” select guest_preauth. Check “Override Global Config”, select External as “Web Auth Type” and enter your Redirect URL:


7 security 7 security


Click Apply to save settings.

Go to AAA Servers tab and enable Authentication and Accounting Servers like this:


aaa123 aaa123


Set the Authentication priority like this:


9 order 1 9 order 1


Go to Advanced tab and check Allow AAA Override option:


10 aaa 10 aaa


Click Apply to save settings.

In the Management tab select HTTP-HTTPS and configure the following settings:


111 http 111 http


Click Apply to save settings. The configuration is now complete.


IMAGE