Aruba IAP: Quick Setup Guide


Prerequisites:

1. Open a ticket with Wavespot and provide MAC-address of the IAP. Provide your full name and a phone number in the ticket for follow up. You should proceed with the next steps only after you have received confirmation of receipt from an account representative. 


Integrating Aruba IAP with Wavespot Cloud using Aruba Central:

1.
 Login to the Aruba central web interface and click on Configuration

2. On the left menu, Under Wireless Configuration choose Networks

3. Click on Create New and configure as per below:

    a. Type: Wireless

    b.Name (SSID): Wavespot WiFi 


    c.Primary Usage: Guest


4. Click Next and configure the following:

   a. Client IP Assignment: Virtual Controller Assigned.


5. Click Next and configure with the following:

  1. Splash Page Type: External

  2. Captive Portal Profile: Choose New... and configure with:

               i. Name: wavespotwifi
               ii. Type: Radius Authentication
               iii. IP or Hostname: Shared Separately
               iv. URL: /login.php
               v. Port: 80
               vi. Use HTTPS: Unticked
               vii. Captive Portal Failure: Deny Internet
               viii. Automatic URL Whitelisting: Ticked
               ix. Redirect URL: Leave Blank

c. Click Save
d. WISPr: Disabled

e. Encryption: Disabled
f. MAC Authentication: Disabled
g. Authentication Server 1: Choose New... and configure with:
  1. Name: wavespotradius

  2. IP Address: Shared Separately

  3. Shared Key: Shared Separately

  4. Retype Key: as above

  5. Auth Port: Shared Separately

  6. Accounting Port: Shared Separately

  7. NAS Identifier: MAC of the AP

  8. All other values should be left at their defaults.

h. Click on Save Server



i. Authentication Server 2: Leave on Select
j. Load Balancing: Disabled
k. Reauth Interval: 24 hrs
l. Accounting: Enabled
m. Accounting Mode: Authentication
n. Accounting Interval: 1 min
o. Blacklisting: Disabled
p. Walled Garden: Click on 0 blacklist, 0 whitelist and configure with:
     i. Under Whitelist click on New and enter the below domains:

        1. Facebook: facebook.com,facebook.net,fbcdn.net.akamaihd.net

        2. Twitter: twimg.com,twitter.com,twitter-any.s3.amazonaws.com

        3. Wavespot: wavespot.net,newrelic.com,cloudfront.net,s3.amazonaws.com 



6. Click Save and Click Next an configure as following:

    a. Access Rules: Role Based

    b. Under Role click on New and enter Preauth as the Name. Click Ok to add.



c. Under Access Rules for Selected Roles click on the Plus icon

    i. Add a new rule one by one for each of the domain in whitelisting

    ii. Eg: Access Control / Network / Any / Allow / To a Domain Namewavespot.net

    iii. After all the whitelist domains are entered, enter the following rule: Access Control / Network / Any / Deny / To All Destinations


d. Tick the box Assign Pre-authentication Role and select Preauth.




7. Click Finish


Activate Wavespot account:

  • Create a new account at http://app.wavespot.net/wavespot/activate. Select the service plan and enter any discount code provided by your Account Manager.
  • Enter MAC-Address of Aruba Controller when activating a new account.