Kiwire 3.0 Administrator - Device & Controller Setup Guide
Kiwire 3.0 Administrator - Device & Controller Setup Guide
Cambium Networks Configuration for Kiwire Hotspot
Cambium Networks Configuration for Kiwire Hotspot
Prerequisites
Before integrating the controller with Kiwire, it is necessary that the controller and access point:
-
are connected to the Internet
-
are reachable on the network
-
have an IP address assigned to the a through DHCP or static
Note:
-
Kiwire-hostname or Kiwire-ip can be obtain by contacting our technical support for our cloud customer. For enterprise client the ip will be on premises Kiwire ip address.
-
Social network hostname list can be obtained from Social network whitelist guide
Part 1: Cambium cnMaestro configuration
-
Login to your Cambium cnMaestro controller
-
Go to WLANs > Configuration > AAA Servers
-
Authentication Server
-
Host: Kiwire-hostname or Kiwire-Ip
-
Secret: create a secret pass phrase
-
Port: 1812
-
Timeout: 3 seconds
-
Attempts: 1
-
-
Accounting Server
-
Host: Kiwire-hostname or Kiwire-ip
-
Secret: secret same as authentication server
-
Port: 1813
-
Timeout: 3 seconds
-
Attempts: 1
-
Accounting Mode: Start-Interim-Stop
-
Accounting Packet: ticked
-
Interim Update Interval: 1800 seconds
-
-
Advanced Settings
-
NAS-Identifier: AP MAC address with capital letters and colon
-
Dynamic Authorization: ticked
-
Dynamic VLAN: ticked
-
Called Station ID: AP-MAC:SSID
-
-
Omaya 3.0 Administrator > Quick Setup > Dashboard
Documentation
Ubiquiti-UAP
Configure the Filter on Ubiquiti UAP devices
You can activate the cloud content filter on any model of Ubiquiti by these steps:
If you haven’t registered yet, you can do it now for free here: Click here to register
Connect to the dashboard by entering the IP address in your browser. Then insert your credentials to log in.
1. First of all, you need to change the DNS of the device.
To do that, click on the [Network] menu and open the [WAN Network Settings] submenu.
Type 185.236.104.104 in the Primary DNS IP field and 185.236.105.105 in the Secondary DNS IP field.
2. Now you need to configure the dynamic DNS service. To do that, open the [Services] menu, enable ‘Dynamic DNS’ and configure it this way:
» Service: Choose the Dyndns.org service. IMPORTANT: you do not have to register on dyndns.org; the service works anyway because the servers redirect the request to themselves.
» Host Name: Type in the word filter.
» User Name: Type in the cloud content filter’s registration email/username.
» Password: Type in the cloud content filter’s password.
» Click on [Change] to apply the changes.
You can now enable and configure the DHCP server to distribute the content filter’s DNS to the devices within your network.
To do that, open the [LAN Network Settings] submenu in the same page and enable the DHCP server. Then fill in the following fields:
» Range Start: Insert the first IP of the DHCP range.
» Range End: Insert the last IP of the DHCP range.
» Netmask: Insert the subnet mask of your network.
» Lease Time: Choose a DHCP lease time (in seconds).
» Primary DNS IP: Type in 185.236.104.104 as the filter’s primary DNS.
» Secondary DNS IP: Type in 185.236.105.105 as the filter’s secondary DNS.
» Finally, click on [Change] to apply the configuration.
Alternatively, you can manually change the DNS of the devices that you want to filter.
Optional: Deny DNS Changes by User
You can enforce security by disabling DNS changes by users. To do this, you can proceed this way:
» Click on [Network] and open the [Firewall] menu.
» Now you need to create rules to block all traffic on port 53 (DNS Service), TCP and UDP, except on the filter’s DNS servers.
See the image below to understand how to create these rules.
