Integrating SecureW2 with Extreme Wing Access Points

To complete this configuration, you must already have configured:

  • Extreme ExtremeManagement
  • Extreme Access Control
  • A fully licensed controller with an Advanced Security license

 

Configuring the Wireless Controller to Authenticate with the SecureW2 RADIUS

  1. Configure the RADIUS settings to authenticate against the SecureW2 RADIUS
  2. Configure the Captive Portal on the wireless controller
  3. Configure the SSID for authentication against Access Control

 

Configuring the SecureW2 RADIUS

  1. Navigate to the Network tab under Configuration
  2. Select the AAA Policy section
  3. Click the Add button to create a new AAA policy

Adding the AAA Policy

  1. Name the new policy and click Continue
  2. In the RADIUS Authentication tab, click the Add button to create a new RADIUS Server

Adding the RADIUS server

  1. In the Authentication Server window, update the following settings in addition to populating the default values
    • Host <SecureW2 RADIUS IP Address>
    • Port <SecureW2 RADIUS Port>
    • Secret <SecureW2 RADIUS Shared Secret>
    • Request Proxy Mode Through Wireless Controller

Populating the settings of the RADIUS server

 

Configuring the Captive Portal

  1. Navigate to Configuration > Services
  2. Select the Captive Portals section
  3. Click Add to create a new configuration

Adding the captive portal policy to the network

  1. In the new Captive Portal Policy, select Centralized Controller for the Captive Portal Server Mode
  2. In the Captive Portal Server Host field, specify a non-existent server host where the web request would typically be sent
  3. In the Access field, select No authentication required as the Access Type
  4. Click Ok to save the new policy

Configure the settings of the captive portal and save

  1. While still in the newly created Captive Portal Policy, scroll down to the DNS Whitelist and click the Add button

Create entries in the DNS Whitelist

  1. Create entries in the DNS Whitelist for both the IP address and hostname of the SecureW2 servers used on the network

Adding entries from the DNS Whitelist to the captive portal policy

  1. Click Ok > Exit

Configuring the captive portal policy

  1. In the Captive Portal Policy, select the newly created DNS Whitelist from the dropdown menu
  2. Click Ok and then click Commit
    • The final step is to assign the new Captive Portal Policy to the Device Profiles in use
  3. Navigate to Configuration > Profiles, then navigate to the profile to be modified
  4. Select the Services tab of the profile, then select the checkbox next to the new Captive Portal Policy
  5. Click Ok > Commit

Finalize the configuration of the captive portal policy

Extreme is either registered trademarks or trademarks of Extreme Networks in the United States and/or other countries. Other trademarks, logos and service marks used in this site are the property of SecureW2 or other third parties.