OBIFI

Navigate to Security &gt; AAA &gt; Radius &gt; Authentication section. 

Click the Add New button to add a new Radius Server.

Enter the following values in their respective fields::

Navigate to the Access Control Lists menu. (If you are using FlexConnect, navigate to the FlexConnect ACLs menu.)

Enter a name in the Access Control List Name.

Click the Add-Remove URL button. Add the domains listed below one by one:

- Enter a name in the Access Control List Name.
- Select Permit in Action.
- Click on the ACL entry you created.
- Click the Add-Remove URL button. Add the domains listed below one by one:
 - obifi.io
 - obifi.com

Create a new WLAN with 'Create New &gt; Go' or select an existing WLAN.

Enter a name in the Profile Name section.

Enter the desired WiFi SSID for your visitors in the SSID section.

Click the Apply button to apply the changes.

- Select Section as WLAN.
- Enter a name in the Profile Name section.
- Enter the desired WiFi SSID for your visitors in the SSID section.
- Click the Apply button to apply the changes.

Make the following changes in the General tab of the added WLAN:

Select Enabled in the Status section.

- Select Enabled in the Status section.

Select the Layer 2 tab by choosing the Security tab.

Set Layer 2 Security to None.

- Set Layer 2 Security to None.

Switch to the Layer 3 tab and make the following changes:

Choose Web Policy for Layer 3 Security.

Select your WLAN Name as the Pre-authentication ACL.

Choose Override Global Config Enable.

Select External as the Web Auth type

Enter <a href="http://portal-app.obifi.com" target="_blank" rel="nofollow noopener noreferrer">http://portal-app.obifi.com</a> as the Redirect URL.

- Check the Authentication option.
- Select your WLAN Name as the Pre-authentication ACL.
- Choose Override Global Config Enable.
- Select External as the Web Auth type
- Enter <a href="http://portal-app.obifi.com" target="_blank" rel="nofollow noopener noreferrer">http://portal-app.obifi.com</a> as the Redirect URL.

Navigate to the AAA Servers tab and make the following changes:

Select Radius Server you created before in Server 1.

Accounting Servers Enabled olarak işaretleyiniz.

Select Interim Update Enabled and set the value to 600

For Authentication priority order for web-auth user (Not Used), choose LOCAL and LDAP.

For Authentication priority order for web-auth user (Order Used For Authentication), choose RADIUS.

- Enable Authentication Servers.
- Select Radius Server you created before in Server 1.
- Accounting Servers Enabled olarak işaretleyiniz.
- Select Interim Update Enabled and set the value to 600
- For Authentication priority order for web-auth user (Not Used), choose LOCAL and LDAP.
- For Authentication priority order for web-auth user (Order Used For Authentication), choose RADIUS.

Go to the Advanced tab and make the following changes:

Enter the session timeout time in seconds (e.g., 50400 for 24 hours).

After completing the steps, click the Apply button to save the changes.

- Enable Session Timeout.
- Enter the session timeout time in seconds (e.g., 50400 for 24 hours).
- After completing the steps, click the Apply button to save the changes.

In the Management section, select the HTTP/HTTPS menu on the left-hand side of the page and make the following changes:

Choose Disabled for WebAuth SecureWeb.

Choose Disabled for HTTPS Redirection.

- Choose Disabled for WebAuth SecureWeb.
- Choose Disabled for HTTPS Redirection.

You have successfully completed the setup and can now test it.

Feel free to contact us for support with the setup.

Follow the steps below to manage visitor authentication on Cisco using Obifi Hotspot.

Server Ip Address :	138.197.180.226
Shared Secret:	YeT2dXVs6D
Confirm Shared Secret:	YeT2dXVs6D

Radius Server Configuration

Creating ACL Groups

WLAN Settings