Ubiquiti UniFi

NOTE: You will require UniFi controller v5.7 or above in order to continue.


Log in to your UniFi controller and click the Setting icon (bottom left). 


On the left menu, under Wireless Networks click Create New Wireless Network and configure with:

  • Name/SSID: Guest WiFi (or whatever you wish)
  • Enabled: Enabled
  • Security: Open
  • Guest Policy: Enabled

Click Save to apply. Next, click on Guest Control configure with:

Under the Guest Policies header:

  • Enable Guest Portal: Enabled
  • Authentication: Hotspot
  • Default Expiration: 8 hours
  • Landing Page: Promotion URL - *insert redirect_url here*
  • Use Secure Portal: Disabled
  • Redirect using hostname: Disabled
  • Enable HTTPS Redirection: Disabled


Under the Portal Customization header:

  • Template Engine: AngularJS
  • Override Default Templates: Enabled


Under the Hotspot header:

  • RADIUS: Enabled


Under the RADIUS header:

Profile: click Create New RADIUS Profile and configure with:

   - Profile Name: guestwifi

   - RADIUS Auth Server: *insert radius_server_ip here*  Port: 1812  Password: *insert radius_secret here*
   click Add Auth Server and configure with:
   - RADIUS Auth Server: *insert radius_server2_ip here*  Port: 1812  Password: *insert radius_secret here*
   - Accounting: Disabled (this is not supported yet)


   Click Save to continue.


  • Authentication type: CHAP


Under the Access Control > Pre-Authorization header enter the following IP's:

  • *insert walled_garden_ip here*
  • *insert walled_garden2_ip here*


If you wish to support social network logins, you also need to add further IP's as per below for each network you plan to support

Facebook
31.13.24.0/21
31.13.64.0/18
45.64.40.0/22
66.220.144.0/20
69.63.176.0/20
69.171.224.0/19
74.119.76.0/22
103.4.96.0/22
129.134.0.0/16
157.240.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
204.15.20.0/22

Twitter
199.16.156.0/22
199.59.148.0/22
199.96.56.0/21
192.133.76.0/22

LinkedIn
91.225.248.0/23
103.20.94.0/23
108.174.0.0/22
108.174.4.0/24
108.174.8.0/22
108.174.12.0/23
144.2.0.0/22
144.2.192.0/24
216.52.16.0/23
216.52.18.0/24
216.52.20.0/23
216.52.22.0/24
65.156.227.0/24
8.39.53.0/24
185.63.144.0/24
185.63.147.0/24
199.101.161.0/24
64.152.25.0/24
8.22.161.0/24

 

NOTE: These IP ranges are subject to change depending on the social network setup.


Click Apply Changes to save.


Finally, you will need to modify two html on the controller so that it correctly redirects and authenticates. First of all, download the below two files:


Open the index.html file and at the top of this document you will see an item named "splashurl": Edit this so that it shows:


var splashurl = "*insert access_url here*";


Now, you need to copy these two html files to your UnifFi controller hotspot directory. This is typically located at the below location:

  • Windows: C:\Users\<username>\Ubiquiti UniFi\data\sites\default\app-unifi-hotspot-portal
  • MAC: ~/Library/Application Support/UniFi/data/sites/default/app-unifi-hotspot-portal
  • Linux: /usr/lib/unifi/sites/default/app-unifi-hotspot-portal
  • CloudKey: /srv/unifi/data/sites/default/app-unifi-hotspot-portal

(replace default in the folder structure with your site name if different)



Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.