cancel
Showing results for 
Search instead for 
Did you mean: 

Cloudpath Enrollment System integration with Cisco Wireless LAN Controller-Redirect (9800 IOS-XE)

vijaykuniyal
RUCKUS Team Member

This article explains setting up a Cisco Wireless Controller (9800 IOS-XE) with Cloudpath Enrollment System for redirection of on-boarding SSID.

NOTE: This document does not include Cloudpath workflow setup, it is assumed that workflow is configured on Cloudpath.

Contents

  • Prerequisites
  • Configure ACL
  • Configure Webauth Profile
  • Configure AAA Server
  • Configure AAA Method List
  • Configure WLAN


 Prerequisites
Before you can configure Cloudpath and Cisco WLAN Controller for webauth, you must have the following set up in your network.

  • Cisco Wireless LAN Controller configured in your network.
  • IP address of Cloudpath system.
  • A Cloudpath enrollment workflow configured for your network.


Configure ACL(Configuration>>>>Security>>>ACL)

  1. Click on Add option to configure a pre-authentication ACL to allow access from the controller to and from Cloudpath.
  • 1.a   Click on the Add button to add acl, from seq number 10  to 40, IP shown in source and destination is Cloudpath IP, rest of the acl same as below.

vijaykuniyal_8-1656435207685.jpegConfigure Web-auth profile(Configuration>>>>Security>>>Web Auth)

  1. Click on Add option to configure a webauth profile
  • 1.a            Name the profile.
  • 1.b            Set Type as webauth.
  • 1.c             Set Redirect for Log-in as Cloudpath Workflow URL.
  • 1.d            Portal IPv4 address as Cloudpath IP address

vijaykuniyal_9-1656435263928.jpeg

vijaykuniyal_10-1656435284677.jpegConfigure AAA Server(Configuration>>>>Security>>>AAA)

  1. Click on Add option to add radius server details
  • 1.a          Name the profile.
  • 1.b          Set Server Address as Cloudpath IP/hostname.
  • 1.c/1.d    Set Key/Confirm Key same as configured under radius in Cloudpath.
  • 1.e/1.f     Set Auth/Acct port as defined under radius in Cloudpath.

vijaykuniyal_16-1656438252926.jpeg

 

Configure AAA Method List(Configuration>>>>Security>>>AAA>>>AAA Method List)
Authentication

  1. Click on Add option to add radius server details
  • 1.a            Name the Method List name
  • 1.b            Assigned Server Groups as created in the previous step.

vijaykuniyal_12-1656435382173.jpegAuthorization

  1. Click on Add option to add radius server details
  • 1.a            Name the Method List name
  • 1.b            Assigned Server Groups as created in the previous step.
 

vijaykuniyal_13-1656435390636.jpegConfigure WLAN(Configuration>>>>Tags and Profiles>>>WLANs)
Security Layer 2 >>>None

  • Add Authorization List created in previous step

vijaykuniyal_14-1656435435145.jpegSecurity Layer 3>>>WebPolicy

  • Add webauth profile created in AAA Method List above.
  • Add Authentication List created AAA Method List above.

vijaykuniyal_15-1656435451104.jpeg


 

Vijay Kuniyal

Staff Technical Support Engineer

CCNA RnS | CCNA Wireless | CWNA | RASZA | Meraki CMNO | RACPA
0 REPLIES 0