This article describes the installation and configuration steps for Ubiquiti UniFi Cloud Controller in Legacy mode. Instructions in this guide is only for older UniFi controllers which have Legacy mode and shouldn’t be used for new setups. Our test was performed with Unifi controller 6.4.54 and Unifi AP-AC-Lite firmware version 6.6.55.1589
(the previous tests were performed with controllers v5.9.29, v5.10.23.11668-1, v5.11.50, v5.13.32, v5.14.23.0 and Unifi AP-AC-Lite firmware v4.0.54.10625, v4.0.9.9639, v6.5.28.14491. Some Unifi controller versions don’t work (like 6.0.45.0) so please use v 6.4.54)
Log in to your UniFi controller and click the Setting icon.
Go to the Site page and click Apply changes.
Create a Wireless Network that will be enabled for Guest Access.
Go to Settings / Wireless Networks, click Create New Wireless Network and configure following:
Click Advanced Options and from the Radius MAC Authentication section, change the MAC Address format to AA-BB-CC-DD-EE-FF and save changes.
Go to Guest Control page and on the Guest Policies section set following:
On the Portal Customization section as Template Engine set Angular JS and enable Override Default Templates.
Later, when you change index.html and auth.html files Desktop preview will change to:
In the Hotspot section enable Radius-based authorization
Override Default Template should be disabled in the Voucher Customization section.
On the RADIUS section under Profile click Create new RADIUS profile button or select the previously created RADIUS Profile and configure the following:
As Authentication type select CHAP.
Accept incoming disconnect request: DISABLED
( check the Configuring parameters section to learn how to create a new Radius profile)
On the Access Control / Pre-Authorization section enter the Walled garden IP’s.
Go to the Profiles Radius section and click Create new RADIUS profile button.
Click Create New RADIUS Profile and configure following:
Save changes.
If you want to enable Social network login feature or use Paypal as payment gateway, add further IP’s as per below for each network you plan to support.
31.13.24.0/21
www.facebook.com
staticxx.facebook.com
connect.facebook.net
static.xx.fbcdn.net
157.240.0.0/16
31.13.0.0/16
– if it does not work, try adding:
45.64.40.0/22
66.220.144.0/20
69.63.176.0/20
69.171.224.0/19
74.119.76.0/22
103.4.96.0/22
129.134.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
204.15.20.0/22
199.16.156.0/22
199.59.148.0/22
199.96.56.0/21
192.133.76.0/22
91.225.248.0/23
www.linkedin.com
static.licdn.com
184.51.0.0/16
108.174.0.0/16
– if it does not work, try adding:
103.20.94.0/23
108.174.0.0/22
108.174.4.0/24
108.174.8.0/22
108.174.12.0/23
144.2.0.0/22
144.2.192.0/24
216.52.16.0/23
216.52.18.0/24
216.52.20.0/23
216.52.22.0/24
65.156.227.0/24
8.39.53.0/24
185.63.144.0/24
185.63.147.0/24
199.101.161.0/24
64.152.25.0/24
8.22.161.0/24
paypal.com
sandbox.paypal.com
paypalobjects.com
paypalssl.doubleclick.net
paypal.112.2o7.net
securepics.ebaystatic.com
mobile.paypal.com
m.paypal.com
Facebook app setup instructions
Twitter app setup instructions
LinkedIn app setup instructions
Apply changes to save.
Last, very important step:
Download this file and unzip contents (index.html and auth.html) it in your app-unifi-hotspot-portal directory
Depending of the OS, it is usually located at the location bellow:
If you are using Cloud key, please upload our index and auth files into appropriate site folder. By default it’s: