Kiwire 3.0 Administrator - Device & Controller Setup Guide
Kiwire 3.0 Administrator - Device & Controller Setup Guide
Cambium Networks Configuration for Kiwire Hotspot
Cambium Networks Configuration for Kiwire Hotspot
Prerequisites
Before integrating the controller with Kiwire, it is necessary that the controller and access point:
-
are connected to the Internet
-
are reachable on the network
-
have an IP address assigned to the a through DHCP or static
Note:
-
Kiwire-hostname or Kiwire-ip can be obtain by contacting our technical support for our cloud customer. For enterprise client the ip will be on premises Kiwire ip address.
-
Social network hostname list can be obtained from Social network whitelist guide
Part 1: Cambium cnMaestro configuration
-
Login to your Cambium cnMaestro controller
-
Go to WLANs > Configuration > AAA Servers
-
Authentication Server
-
Host: Kiwire-hostname or Kiwire-Ip
-
Secret: create a secret pass phrase
-
Port: 1812
-
Timeout: 3 seconds
-
Attempts: 1
-
-
Accounting Server
-
Host: Kiwire-hostname or Kiwire-ip
-
Secret: secret same as authentication server
-
Port: 1813
-
Timeout: 3 seconds
-
Attempts: 1
-
Accounting Mode: Start-Interim-Stop
-
Accounting Packet: ticked
-
Interim Update Interval: 1800 seconds
-
-
Advanced Settings
-
NAS-Identifier: AP MAC address with capital letters and colon
-
Dynamic Authorization: ticked
-
Dynamic VLAN: ticked
-
Called Station ID: AP-MAC:SSID
-
-
Omaya 3.0 Administrator > Quick Setup > Dashboard
Documentation
Generic Guide to Cloud Filter Activation
Manual configuration with dynamic IP
Configure in your Router the following filtered DNSs:
– 185.236.104.104
– 185.236.105.105
Setup the dynamic DNS service to synchronize your router as follow:
» Service Provider: “https://cloud.flashstart.com/” (click here if you cannot type a custom service)
» Username: webfilter username
» Password: webfilter password
After the test, once the router is connected, you will see a green light.
Now you need to deploy our DNSs in your network:
» by configuring our DNSs in your DHCP
» by manually configure our DNSs in your Clients
» by configuring our DNSs as “forwarders” in a Microsoft Active Directory Server
Tip: How to prevent a user to change webfilter DNSs?
» by enabling a redirection rule in your Router to divert all outgoing traffic to port 53 (tcp+udp, DNS) to our filtered DNSs.
» by blocking every outgoing traffic to port 53 (tcp+udp) except to our filtered DNSs.
(For further information, please ask to your Router manufacturer)