Kiwire 3.0 Administrator - Device & Controller Setup Guide
Kiwire 3.0 Administrator - Device & Controller Setup Guide
Cambium Networks Configuration for Kiwire Hotspot
Cambium Networks Configuration for Kiwire Hotspot
Prerequisites
Before integrating the controller with Kiwire, it is necessary that the controller and access point:
-
are connected to the Internet
-
are reachable on the network
-
have an IP address assigned to the a through DHCP or static
Note:
-
Kiwire-hostname or Kiwire-ip can be obtain by contacting our technical support for our cloud customer. For enterprise client the ip will be on premises Kiwire ip address.
-
Social network hostname list can be obtained from Social network whitelist guide
Part 1: Cambium cnMaestro configuration
-
Login to your Cambium cnMaestro controller
-
Go to WLANs > Configuration > AAA Servers
-
Authentication Server
-
Host: Kiwire-hostname or Kiwire-Ip
-
Secret: create a secret pass phrase
-
Port: 1812
-
Timeout: 3 seconds
-
Attempts: 1
-
-
Accounting Server
-
Host: Kiwire-hostname or Kiwire-ip
-
Secret: secret same as authentication server
-
Port: 1813
-
Timeout: 3 seconds
-
Attempts: 1
-
Accounting Mode: Start-Interim-Stop
-
Accounting Packet: ticked
-
Interim Update Interval: 1800 seconds
-
-
Advanced Settings
-
NAS-Identifier: AP MAC address with capital letters and colon
-
Dynamic Authorization: ticked
-
Dynamic VLAN: ticked
-
Called Station ID: AP-MAC:SSID
-
-
Omaya 3.0 Administrator > Quick Setup > Dashboard
Documentation
Kiwire 3.0 Administrator > Integration > Active Directory
Kiwire 3.0 Administrator - Integration
Integration - Active Directory
Active Directory module lets you to authenticate user authentication via their credential with your existing Microsoft Windows server active directory. In this module, objects are organised in a number of levels such as domains, trees and forests. At the top of the structure is the forest. A forest is a collection of multiple trees that share a common global catalog, directory schema, logical structure, and directory configuration. In a multi-domain forest, each domain contains only those items that belong in that domain. Global Catalog servers provide a global list of all objects in a forest. Kiwire allow you to map active directory user associated groups with a local Kiwire profiles.
How it Works?
-
Send credential to Kiwire, which itself will connect to Microsoft Active Directory services and perform authentication on behalf.
-
If request is to primary forest tree domain, active directory will check with its domain for correct node to perform authentication.
-
Active directory will revert the authentication status.
-
A locally assigned profile will attached to the user’s authentication. Kiwire will send the local assign profiles to NAS and let user connect to network.
-
The profile and authorization will be send to the NAS and user will be able to connect.
For Kiwire to authenticate with your Microsoft Active Directory, you are required to provide a read only domain administrator privileges account in order to authenticate user active directory credential.
Manage Active Directory Connection
To access the active directory module, click on Integration > Active Directory from the navigation. This includes main and mapping for Kiwire platform.
Note: Please save the setting before click on test button.
The field and its function description is listed below.
NOTE: You can use diagnostic active directory to verify if your configuration are successful. If there is connection or credential issue the error will be displayed. To determine your Base DN, please refer to your active directory setup.
Active Directory Mapping
One of Kiwire new feature is capability to map active directory users groups with a local profile. This allow you assign relative local profile such as different groups with different profiles. The mapping screen will list all associated active directory groups [Group name] with the local profile [Link to profile]. If a user is a member of multiple groups, the priority will determine which profile the user will be assigned to. Please save the active directory configuration prior using the Mapping function.
The field and its function description is listed below.
Add New Active Directory
Click on “Add Active Directory” button and populate the required fields. Fill in the field with relevant information to complete the process.
The field and its function description is listed below.
EDIT OR DELETE ACTIVE DIRECTORY
Click the edit icon on the listing screen to edit the setting of the active directory. The edit screen be display which you can edit the setting of the active directory. Click on the delete icon to delete the active directory. A prompt will be display to ask for your confirmation to proceed to delete the active directory. Please exercise with cautions as this not a reversible action.