Kiwire 2.0 Documentation

  1. Home
  2. Docs
  3. Kiwire 2.0 Documentation
  4. Device & Controller Setup Guide
  5. Cisco WLC Configuration for Kiwire

Cisco WLC Configuration for Kiwire

A. Cisco WLC with Flex Connect AP Configuration
Step 1 – Change RADIUS authentication settings.

  • Go to SECURITY > RADIUS > Authentication
  • Set Auth Called Station ID Type to AP MAC Address:SSID
  • Set MAC Delimiter to Hyphen
  • Take note that the Server Address (Ipv4/Ipv6) column is displaying the current Kiwire IP address which will be needed later


Step 2 – Edit the server with the following settings:

  • Set Shared Secret Format to ASCII
  • Set Shared Secret code to be the same key with Kiwire NAS
  • Confirm Shared Secret code in the next input box and proceed
  • Set Server Status to Enabled
  • Set Support for CoA to Enabled


Step 3 – Configure RADIUS accounting server.

  • Go to SECURITY > RADIUS > Accounting
  • Set Acct Called Station ID Type to System MAC Address
  • Set MAC Delimiter to Hyphen


Step 4 – Edit the RADIUS accounting server with the following settings:

  • The Server Address (Ipv4/Ipv6) column is displaying the current Kiwire IP address
  • Set Shared Secret Format to ASCII
  • Set Shared Secret code to be the same key with Kiwire NAS
  • Confirm Shared Secret code in the next input box and proceed
  • Set Server Status to Enabled


Step 6 – Add access control rules for inbound server.

  • Locate Source input row select IP Address
  • Fill in the input field with the Kiwire IP Address and Netmask
  • Set Destination to Any
  • Set Protocol to Any
  • Set DSCP to Any
  • Set Direction to Inbound
  • Set Action to Permit


Step 7 – Add access control rules for outbound server.

  • Locate Source input row select Any from the dropdown option
  • Fill in the input field with the Kiwire IP Address and Netmask
  • Set Destination to IP Address from the dropdown option
  • Set Protocol to Any from the dropdown option
  • Set DSCP to Any from the dropdown option
  • Set Direction to Outbound from the dropdown option
  • Set Action to Permit from the dropdown option


Step 8 – Configure the web login page.

  • Go to SECURITY > Web Auth > Web Login Page
  • Set Web Authentication Type to External (Redirect to external server)
  • Set External Webauth URL to http://kiwire-ip/user/cisco_login.php in the input box


Step 9 – Go to WLANs > WLANs

Step 10 – Edit the CISCO_Kiwire WLAN with the following settings:

  • Select General category tab on the right menu
  • Set Profile Name to your desired profile name in the input box
  • Set SSID to a SSID name you had created
  • Set Status to Enabled
  • Set Interface/Interface Group(G) to either option based on your captive portal interface
  • Set NAS-ID to your Cisco WLC MAC address


Step 11 – Go to WLANs > Security > Layer 3

  • Set Layer 3 Security to Web Policy
  • Select Authentication from the list of radio buttons below
  • Set Preauthentication ACL to choose ACL for IPv4 and WebAuth FlexACL


Step 12 – Go to WLANs > Security > AAA Servers

  • At the Authentication Servers column select Kiwire server and place a checkmark on enabled
  • At the Accounting Servers column select Kiwire server and place a checkmark on enabled
  • Place a checkmark on Interim Update to enable and set desired time
  • Locate Authentication priority order for web-auth user section and set to user: RADIUS


B. Kiwire ConfigurationStep 1 – Add a new NAS.

  • Go to Devices > NAS
  • Set Device Type to Cisco WLC
  • Set NAS Identifier to the Cisco WLC MAC address
  • Set IP Address to the Cisco WLC MAC address
  • Set the Shared Secret Key to the same Cisco WLC shared key configured earlier
  • Set COA Port to 1700


Step 2 – Configuration is now complete.

Was this article helpful to you? Yes No

How can we help?