β οΈ Important: The system has been tested on UniFi OS version 9.0. Version 7.4 and above introduced the UniFi API authentication method used by Wireless Social.
Guest WiFi configuration
To configure the Guest WiFi via on your UniFi access points, firstly log in to your UniFi controller interface, then follow each of the sections below in order.
Guest Network and Hotspot Configuration
To configure the guest network and hotspot, follow the steps below:
Go to Settings and select WiFi.
If you donβt have an open network created; click Create New, otherwise edit the existing network you would like to use. Use the following settings:
Name: e.g _Venue Name Guest WiFi.
Advanced: Manual.
Hotspot: Captive Portal.
Security Protocol: Open.
Click Apply Changes to save or click Add WiFi Network to save.
On the left-hand menu click the Insights
icon, and then select Hotspot.
Click Landing Page at the top of the screen. Enable the Landing Page if prompted.
On the right-hand sidebar, on the Branding
tab, scroll down to the bottom and add the following URL under the Success Landing Page section:Click Save.
Next, click Authentication
and choose External Portal Server under the One Way Methods section.π Note: Ensure all other Authentication Methods are disabled first.
Enter 0.0.0.0 as the External Portal Server address and click save.
Click Save.
Next, still on the right-hand sidebar, click the Settings
icon. Configure with:Default Expiration: 8 Hours.
Show Landing Page: Yes.
HTTPs Redirection Support: No.
Encrypted URL: No.
Secure Portal: Yes.
Domain: Enable and enter: unifi-wifi.wireless-social.com
Authorization Access: Under Pre-Authorization rules add all of the following walled garden domains. There may also be other relevant regional accounts if your venue is outside of the UK or US that you will need to add.
Click Save to confirm.
API Access
To configure the API access; follow the instructions below for your controller type:
Create an Admin user on your UniFi Dream Machine or CloudKey Gen2
To configure an Admin user on your Dream Machine controller, follow the steps below:
On the bottom left, click the Admin & Users
icon.Click Create New and then Create New User. Enter the following:
Enter the First Name and Last Name.
Admin: Enable.
Create a Username and Password and make a note of this.
β οΈ Important: You will need to send this information to the Support team and is essential for completing the set up.
Use a Predefined Role: Enabled.
Role: Super Admin.
π€ Tip: We recommend that you create the new user as a Super Admin. This will only be used for API access to authenticate clients and give their devices access to the internet at the venue.
Click Create to save.
Create an Admin user on your UniFi Network Application
To configure an Admin user on your network application, follow the below steps:
On the left-hand menu, click the Admins
icon.In the top right corner click the plus
icon and then configure with the following:Remote Access: Disable.
Email: enter your chosen email.
Username: enter your chosen username and make a note of this.
Set Admin Password: Enable.
Temporary: set a password.
Role: Site Administrator.
β οΈ Important: You will need to send your Username and Password to the Support team, this is essential for completing the set up.
Click Invite to save.
UniFi Firewall set up
π€ Tip: If you don't have an in-built UniFi Firewall, skip to the External Firewall rules section.
If your UniFi controller has an in-built firewall, please follow the instructions below to configure the UniFi Firewall rules.
From the left hand menu, click the Settings
icon, then select Policy Engine and choose the Traffic & Firewall Rules tab.Click Create Entry and then choose the Advanced option. Configure with the below:
Type: Internet In.
Name: WS API Access.
Action: Accept.
Protocol: TCP.
Under the Source section configure with the below:
Source Type: Object.
Address Group: click New. In the menu box that opens, enter the following:
Name: Guest WiFi Auth IP Addresses
Click Add Multiple and enter the all of the below IP addresses:
18.134.235.222.
18.134.223.213.
188.39.31.210.
Click Add.
Click Create to save.
Port Object: Any.
Next, under the Destination section configure as follows:
Destination Type: Object.
Address Group: Any.
Port Group: Click New. In the new menu screen enter the below settings:
Profile Name: Guest Wifi Auth Port.
Port: 443.
Click Create to save.
Click Add Rule to save.
External Firewall rules set up
If your UniFi Controller is behind a router or firewall or you do not have an in-built UniFi Firewall you will need to set up a port forward or firewall rule to allow this.
Please create a new port forward or firewall rule with the following:
Local/Internal IP: Your UniFi Controller Internal LAN IP - e.g. 192.168.0.1.
Protocol: TCP.
Destination Port: 443 - for UDM/UDW/UDR/CloudKey Gen2.
β οΈ Important: Guests must be able to access the controller for the login page to be loaded, please ensure that guests on your public network can access the controller via its IP or domain-name to the port you run the hotspot controller on. The default port is 8880.
Contact Support
The final step is to send the following information to the Support team:
Local/Internal IP: Your UniFi Controller Public facing IP e.g. 192.168.0.1.
Username.
Password.
Support will add these details into our portal to complete the set up.
π Note: this is the username and password you created in the earlier API set up section.