1. Home
  2. Devices & Hardware
  3. Ubiquiti UniFi Cloud Controller

Ubiquiti UniFi Cloud Controller

This article describes installation and configuration steps for Ubiquiti UniFi Cloud Controller ( v5.7 or above). Our test was performed with v5.9.29 and v5.10.23.11668-1 controllers and Unifi AP-AC-Lite v4.0.9.9639.

Connecting

Log in to your UniFi controller and click the Setting icon.

Create a Wireless Network that will be enabled for Guest Access.
Go to Settings / Wireless Networks, click Create New Wireless Network and configure following:

Name/SSID: Your SSID ( it’s your choice what will be set as SSID Name, Guest WiFi in our case)
Enabled: Enabled
Security: Open
Guest Policy: Enabled

Click Save to apply changes.

Go to Guest Control page and on the Guest Policies section set following:

Enable Guest Portal: Enabled
Authentication: Hotspot
Default Expiration: 8 Hours
Landing Page: Promotion URL – insert desired URL
Use Secure Portal: Disabled
Redirect using hostname: Disabled
Enable HTTPS Redirection: Disabled

Configuring parameters

On the Portal Customization section as Template Engine set Angular JS and enable Override Default Templates.
Enable RADIUS on the Hotspot section.
Go to Profiles / Radius page.
Click Create New RADIUS Profile and configure following:

Profile Name: Test
RADIUS Auth Server: 13.92.228.228
Port: 1812
Password / Shared secret: (contact our office)
Click Add Auth Server and configure Radius server 2:
RADIUS Account Server: 13.92.228.228
Port: 1813
Password / Shared secret: (contact our office)
Accounting: Disabled

Save changes.

On the Access Control / Pre-Authorization page enter the Walled garden IP’s.

connect.starthotspot.com
cdn.starthotspot.com
starthotspot.com
13.92.228.228
13.90.247.200

If you want to enable Social network login feature, add further IP’s as per below for each network you plan to support.

Please note, these IP ranges are subject to change depending on the social network setup.

Facebook

31.13.24.0/21
www.facebook.com
staticxx.facebook.com
connect.facebook.net
static.xx.fbcdn.net
157.240.0.0/16
31.13.0.0/16
– if it does not work, try adding:
45.64.40.0/22
66.220.144.0/20
69.63.176.0/20
69.171.224.0/19
74.119.76.0/22
103.4.96.0/22
129.134.0.0/16
173.252.64.0/18
179.60.192.0/22
185.60.216.0/22
204.15.20.0/22

Twitter

199.16.156.0/22
199.59.148.0/22
199.96.56.0/21
192.133.76.0/22

LinkedIn

91.225.248.0/23
www.linkedin.com
static.licdn.com
184.51.0.0/16
108.174.0.0/16
– if it does not work, try adding:
103.20.94.0/23
108.174.0.0/22
108.174.4.0/24
108.174.8.0/22
108.174.12.0/23
144.2.0.0/22
144.2.192.0/24
216.52.16.0/23
216.52.18.0/24
216.52.20.0/23
216.52.22.0/24
65.156.227.0/24
8.39.53.0/24
185.63.144.0/24
185.63.147.0/24
199.101.161.0/24
64.152.25.0/24
8.22.161.0/24

Facebook app setup instructions

Twitter app setup instructions

LinkedIn app setup instructions

Apply changes to save.

At the end, you will need to modify two html files on the controller so that it correctly redirects and authenticates.

Download this file and unzip contents (index.html and auth.html) it in your app-unifi-hotspot-portal directory

Last, very important step:
Download this file and unzip contents (index.html and auth.html) it in your app-unifi-hotspot-portal directory
Depending of the OS, it is usually located at the location bellow:

Windows: C:\Users\\Ubiquiti UniFi\data\sites\default\app-unifi-hotspot-portal
MAC: ~/Library/Application Support/UniFi/data/sites/default/app-unifi-hotspot-portal
Linux: /usr/lib/unifi/sites/default/app-unifi-hotspot-portal

If you are using Cloud key, please upload our index and auth files into appropriate site folder. By default it’s:

/srv/unifi/data/sites/default/app-unifi-hotspot-portal

Troubleshooting

Having troubles? Here is a quick check list:

1. Make sure that you selected CHAP and not MS-CHAP

2. Make sure that you replaced index and auth files.
– If it’s local controller installation files are on your computer. See paths above.
– If it’s Cloud Key installation, upload these files into appropriate folder
– If it’s Hostifi, send your files to the admin to replace original ones.

3. Make sure that you typed AP MAC address into our cloud portal

4. If the mobile you are testing is not reaching our Hotspot splash page, but instead you get ERR_CONNECTION_REFUSED with address like http://yourpublicip:8880/guest/s/…. please make sure that your AP can reach machine where controller is being hosted. If it’s your personal computer, do a port forwarding, unblock firewall etc…

5. Make sure to match exact model of your AP. In some cases mistakes are not obvious, for example:

6. Client MAC is not received

If you are getting the splash page, but can not login and receive “Invalid password” or other errors, please check if the AP is sending client MAC address.
Some versions of Unifi AP firmware are buggy and do not send client MAC.
In such case, downgrade AP firmware to the earlier version.
At the time of writing, downgrade from 4.0.42 to 4.0.9 resolved the issue.

If your attempts to downgrade via web links (SSH or Unifi Controller) continuously fail, please do it this way: SCP into the AP, copy the firmware file to /tmp, then SSH in and run command.

7. Make sure that you configured Ubiquity AP (Unifi Controller) when you deploy APs with the controller.

If you need help with configuration, please go to starthotspot.com and contact our tech support. We’ll be glad to help you.

Updated on September 20, 2019

Was this article helpful?