Kiwire 3.0 Administrator - Device & Controller Setup Guide
Kiwire 3.0 Administrator - Device & Controller Setup Guide
Cambium Networks Configuration for Kiwire Hotspot
Cambium Networks Configuration for Kiwire Hotspot
Prerequisites
Before integrating the controller with Kiwire, it is necessary that the controller and access point:
-
are connected to the Internet
-
are reachable on the network
-
have an IP address assigned to the a through DHCP or static
Note:
-
Kiwire-hostname or Kiwire-ip can be obtain by contacting our technical support for our cloud customer. For enterprise client the ip will be on premises Kiwire ip address.
-
Social network hostname list can be obtained from Social network whitelist guide
Part 1: Cambium cnMaestro configuration
-
Login to your Cambium cnMaestro controller
-
Go to WLANs > Configuration > AAA Servers
-
Authentication Server
-
Host: Kiwire-hostname or Kiwire-Ip
-
Secret: create a secret pass phrase
-
Port: 1812
-
Timeout: 3 seconds
-
Attempts: 1
-
-
Accounting Server
-
Host: Kiwire-hostname or Kiwire-ip
-
Secret: secret same as authentication server
-
Port: 1813
-
Timeout: 3 seconds
-
Attempts: 1
-
Accounting Mode: Start-Interim-Stop
-
Accounting Packet: ticked
-
Interim Update Interval: 1800 seconds
-
-
Advanced Settings
-
NAS-Identifier: AP MAC address with capital letters and colon
-
Dynamic Authorization: ticked
-
Dynamic VLAN: ticked
-
Called Station ID: AP-MAC:SSID
-
-
Omaya 3.0 Administrator > Quick Setup > Dashboard
Documentation
Kiwire 3.0 Administrator > Cloud & Policy > Configuration
Kiwire 3.0 Administrator - Cloud & Policy
Policy - Configuration
This configuration module will configure the overall policy for Kiwire platform. To access the configuration module click on Policy > Configuration from the navigation.
Configuration – Main
The main tab enables you to configure the platform’s overall policy or default.
The field and its function description are listed below:
-
Auto disconnect user connected session when same user re-login
This will disconnect the current user connection when the same username is used. This is to resolve issue where user connection stalled without receiving disconnect packet by NAS and user want to login which prevent roaming ghost issue by some network.
* Note : This option will work for profile with one simultaneous device limit only.
-
Auto disconnect the longest idle device when same user re-login (Mikrotik Only)
This will disconnect the current user connection when the longest idle device when the same username is used. This is only for Mikrotik device only.
-
Suspend Users Account when credit has been exhausted
This will suspend all user account whose credit has been fully utilized. The policy will be applied to active database and archive database as well.
-
Remember user credential for the next login (user cookies must be enable)
This is the “remember me” function for user, where the username use by user to login will be recorded to their device, the subsequent login, user’s username will be automatically loaded and displayed.
-
Required two-factor authentication
This is a security process in which the user provides two different authentication factors to verify themselves to better protect both the user’s credentials and the resources the user can access.
-
Required Captcha
This is a security process which helps protect websites from spam and abuse.
-
Delete unverified account
This will delete the temporary access account after 5 minutes if the users does not verify their email address.
* Note : This option will work for users that using email verification sign-up.
-
Redirect login with wrong password
This will redirect user to specific page if wrong password has been input .
Configuration – MAC Security
The field and its function description are listed below:
-
MAC Auto Register
Enable Mac auto register will automatically register or update user account with user’s device MAC address when login.
-
Maximum number of MAC Address to be registered per account
Maximum number of MAC Address to be registered per account.
-
Allow registered MAC to login using the registered Account
This function will allow only registered MAC addresses to login.
Configuration – Autologin
The autologin tab lets you set auto login for the user to automatically reconnect to captive portal and login to network without entering their credential. This will help prevent captive portal fatigue and also enable auto login function to equipment that does not support mac autologin. The cookies auto login will store user login credential into the user browser the moment they login to network successfully, when they reconnect to the same network, Kiwire will check if the cookies exist or still valid, if valid it will auto login the users.
The field and its function description is listed below:
-
Cookies Autologin
Enable auto-login feature that allow user to login using browser cookies that is associated with the user account.
-
Cookies Validity
The time period that cookies will be valid until.
-
MAC Autologin
Enable auto-login feature that allow user to login using MAC address that is associated with the user account.
-
MAC Address Auto Login Days
The time period that MAC address will be valid until.
