Nomadix Access Gateway

From Social ID Developers
Jump to: navigation, search

This guide describes the configuration steps to enable an external captive portal in the Nomadix Access Gateway.

This guide was created using the following components:

  • Gateway: Nomadix AG 5800
  • Version: v8.7.016

Contents

AAA Settings

Go to Configuration > AAA, enable AAA Services and select the Internal Web Server option.

Internal Web Server

Configure the external captive portal as an internal web server using the following parameters:

  • Portal Page: check Enable
    • Portal Page URL: add the provided captive portal login URL
    • Parameter Passing: check Enable
    • Parameter Signing
      • Method: select None
      • Parameters: check all parameters (UI, MA, RN, PORT, SIP)
  • Usernames: check Enable

01-internal-web-server.png

RADIUS Settings

RADIUS Service Profile

Go to Configuration > Realm-Based Routing and click “Click here to add a new RADIUS service profile”.

Enable RADIUS Authentication and Accounting using the following parameters:

  • Unique Name: fill a name (e.g: CoffeeBean)
  • Authentication
    • Enabled RADIUS Authentication Service: checked
    • Protocol: select PAP
    • Primary
      • IP/DNS: the RADIUS primary server IP according to your environment/region
      • Port: the RADIUS primary server authentication port according to your environment/region
      • Secret Key: the provided RADIUS client secret
    • Secondary
  • Accounting
    • Enabled RADIUS Accounting Service: checked
    • Primary
    • Secondary

02-radius-service-profile.png

RADIUS Client

Go to Configuration > RADIUS Client.

In the Server Selection and Communication, choose the following options:

  • Default RADIUS Mode: select Fixed
  • Default RADIUS Service Profile: select the RADIUS service profile previously configured (e.g. CoffeeBean).

03-radius-client.png

Walled Garden

In the Walled Garden section, you need to configure the IPs and domains with allowed access for unauthenticated users. Get the list of hostnames you want to enable to unauthenticated users at our documentation.

In order to configure the walled garden for Nomadix Access Gateway, go to Configuration > Passthrough Addresses and enter each hostname by filling in the IP/DNS Name input and clicking Add.

04-passthrough-addresses.png

Customer Parameters

The summary of customer specific parameters is:

  • Configuration
    • AAA > Internal Web Server
      • Portal Page URL: add the provided captive portal login URL
    • Realm-Based Routing: the provided IP, port and shared secret for primary and secondary RADIUS servers on both Authentication and Accounting Services.
    • Passthrough Addresses: add the list of hostnames you want to allow for unauthenticated users at our documentation.
Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox