How to set up an External Captive Portal with a UniFi Controller

Defaut template

How to set up an External Captive Portal with a UniFi Controller



Print

How to set up an External Captive Portal with a UniFi Controller

Configuring your UniFi controller to redirect guests to Fydelia splash pages

Preparation

You will need:

  • A controller with the latest software version, which is one of the following:
    • CloudKey with an externally accessible IP or FQDN
    • Local controller with an externally accessible IP or FQDN
    • Cloud-based UniFi controller
  • A Fydelia account and splash page using the UniFi Entrance form

1. Creating a dedicated Admin Account for Fydelia

Fydelia requires a basic admin account on your site in order to be able to authenticate guest devices onto your network.

CLICK HERE to learn how to set up a new admin user on your controller.

2. Create a new Wireless network

Choose Wireless Networks and click create:

mceclip0.png

3. Enter an SSID name

For example: Fydelia Coffee Free WiFI

mceclip1.png

Leave it as an Open network (so no password required) and tick the Guest Policy option.

Guest Policy means that guests will be required to follow the Guest Control flow that we will set up now.
Note: if you disable guest policy, users will be allowed straight onto the internet with no captive portal or splash page.

4. Guest Control settings

Choose Guest Control from the left menu

mceclip2.png

5. Enable the guest portal and choose External portal server

mceclip3.png

6. Enter the IP address for Fydelia

The IP address for Fydelia is: 144.76.195.139

7. Configure redirection

In the redirection settings area, tick the first two and untick the HTTPS Redirection option:

mceclip5.png

Be sure to enter ondemand.fydelia.com in the hostname field.

Note: For the 3rd option, it is important not to enable HTTPS Redirection, as some devices will consider this as a hijack of the existing SSL connection, causing an invalid certificate error message.

8. Pre-authorization access

Add the IP and domain names:

9. Post-authorization access

mceclip7.png

If required, you can restrict guest access to sensitive subnets (e.g. cash tills, PDQ Handheld Devices, Printers etc) by restricting guests to specific subnets.

10. You’re all set

Any access points you now adopt to this site will automatically broadcast your SSID and redirect guests to your Fydelia splash page.

Table of Contents