HotspotSystem.com Installation Guide for Aruba Instant IAP
Important note: This solution requires a Hotspot Operator Account at HotSpotSystem.com. You can create an Operator Account here. If you would like to see what features you will be able to use with our solutions, click here. If you already have an Operator Account, then read on...
In this guide we set up the Aruba IAP series AP through the virtual controller, via the GUI. This runs in the AP itself.
- First you need to log in to the controller, then click New from the top left corner.
- Go ahead with the settings: Name (SSID) for your desired network name, Primary usage: Guest
- On the next page set Client IP assignment: Virtual Controller managed, then Client VLAN assignment: Default . (if you don't have a custom VLAN configuration set)
- Once you're done, you can click Next.
- On the following page: Splash page type: External From the dropdown choose New.
- Set the following:
Name: set as desired
Type: Radius Authentication
IP or hostname: customer.hotspotsystem.com
URL: /customer/hotspotlogin.php?nasid=operatorusername_locationID (replace operatorusername_locationID with your operator username and location ID, for example hotelwifi_3)
Port: 443
Use https: Enabled
Captive portal failure: Deny internet
Automatic URL whitelisting: Disabled
leave blank Redirect URL.
- Click OK to save.
- Then follow with WISPr: Disabled, MAC authentication: Disabled.
- Auth server 1, click the dropdown and choose: New.
Name is radius.hotspotsystem.com.
IP address is: 195.228.75.174
Auth port: 1812
Accounting port: 1813
Shared key: hotsys123
Retype key: hotsys123
Timeout: 5 sec
Retry count: 3
RFC 3576: Disabled
NAS Identifier: operatorusername_locationID (replace operatorusername_locationID with your operator username and location ID, for example hotelwifi_3)
Dead time: 5 min
- All other settings should be left blank.
- Click Ok to save.
- For Auth server 2, click the dropdown and choose: New.
Name is radius2.hotspotsystem.com.
IP address is: 85.25.150.36
Auth port: 1812
Accounting port: 1813
Shared key: hotsys123
Retype key: hotsys123
Timeout: 5 sec
Retry count: 3
RFC 3576: Disabled
NAS Identifier: your operator name_location ID
Dead time: 5 min
- All other settings should be left blank.
- Click Ok to save.
- Follow with the settings:
Load balancing: Disabled
Reauth interval: 24 hrs
Accounting: Use authentication servers
Accounting mode: Authentication
Accounting interval: 3 min
Blacklisting: fill out as desired, by default leave it blank.
Walled garden: Click the link "Blacklist: 0 Whitelist: 0" under the whitelist, please add the following domains individually by clicking New:
paypal.com, paypalobjects.com, worldpay.com, rbsworldpay.com, adyen.com, hotspotsystem.com,
a1.hotspotsystem.com, a2.hotpotsystem.com, a3.hotspotsystem.com, a4.hotspotsystem.com, a5hotspotsystem.com, a6.hotspotsystem.com, a7.hotspotsystem.com, a8.hotspotsystem.com, a9.hotspotsystem.com, a10.hotspotsystem.com, a11.hotspotsystem.com, a12.hotspotsystem.com, a13.hotspotsystem.com, a14.hotspotsystem.com, a15.hotspotsystem.com, a16.hotspotsystem.com, a17.hotspotsystem.com, a18.hotspotsystem.com, a19.hotspotsystem.com, a20.hotspotsystem.com, a21.hotspotsystem.com, a22.hotspotsystem.com, a23.hotspotsystem.com, a24.hotspotsystem.com,
a25.hotspotsystem.com, a26.hotspotsystem.com, a27.hotspotsystem.com, a28.hotspotsystem.com,
a29.hotspotsystem.com, a30.hotspotsystem.com
For Hotspot FREE SOCIAL locations: you need to add several domains/hosts to the allowed field in order to allow users to log in to there favorite social site. Please follow this article to add these domains/hosts to the whitelist.
- Click Next and use the following:
- Set Role based. Under Roles click New and type Preauthentication as the name.
- Under Access Rules for Preauthentication click New and add the following rule:
Rule type: Access control
Service: Network – any
Action: Allow
Destination: to domain name
Domain name: the domain you want to be accessible
first enter: hotspotsystem.com , click Ok to save.
- You have to add a rule for all domains here:
paypal.com, paypalobjects.com, worldpay.com, rbsworldpay.com, a1.hotspotsystem.com, a2.hotpotsystem.com, a3.hotspotsystem.com, a4.hotspotsystem.com, a5hotspotsystem.com, a6.hotspotsystem.com, a7.hotspotsystem.com, a8.hotspotsystem.com, a9.hotspotsystem.com, a10.hotspotsystem.com, a11.hotspotsystem.com, a12.hotspotsystem.com, a13.hotspotsystem.com, a14.hotspotsystem.com, a15.hotspotsystem.com, a16.hotspotsystem.com, a17.hotspotsystem.com, a18.hotspotsystem.com, a19.hotspotsystem.com, a20.hotspotsystem.com, a21.hotspotsystem.com, a22.hotspotsystem.com, a23.hotspotsystem.com, a24.hotspotsystem.com,
a25.hotspotsystem.com, a26.hotspotsystem.com, a27.hotspotsystem.com, a28.hotspotsystem.com,
a29.hotspotsystem.com, a30.hotspotsystem.com
For Hotspot FREE SOCIAL locations: you need to add several domains/hosts to the allowed field in order to allow users to log in to there favorite social site. Please follow this article to add these domains/hosts to the whitelist.
Finally please go to the Control Center > Manage > Locations > your location > Modify hotspot data > Splash page settings >Internal login/Logout URL set and modify it to Aruba.