How to set up ACS 3 as an external Hotspot Portal Server?

DrayOS Hotspot Web Portal supports various authentication methods like facebook, Google. After Hotspot Web Portal clients provide their account credentials, these external servers will send API (permit) back to the router to allow Internet access.

ACS 3 can achieve it too. By setting up ACS 3 as an external portal server, we are able to:

This article will demonstrate how to set up ACS 3 as a Hotspot Portal Server.

How does ACS 3 work as an external Hotspot Portal Server?

a screenshot of Hotspot flow
  1. On ACS 3 Dashboard
    1. Tap the Network box which is located at the top.
    2. Click the network group.

    a screenshot of network group

  2. Go to Hotspot Web Portal >> Profile.
  3. a screenshot of profile page

  4. Click Add and name the new profile
  5. a screenshot of new profile naming

  6. Click Edit at the new profile
  7. a screenshot of new profile editing

  8. On the profile setup page,
    • Basic Settings & Applied Interfaces
      1. Enable this profile
      2. Enter comments (It will be applied to the Hotspot Web Portal profile of CPE site.)
      3. Select the interfaces to apply this profile

      a screenshot of Basic Settings & Applied Interfaces

    • External RADIUS Server
      1. Click Edit at External RADIUS Server
      2. Enter the address of RADIUS server
      3. Set 1812 as Destination Port
      4. Enter the secret of RADIUS server
      5. Enter the username of MySQL
      6. Enter the password of MySQL
      7. Click Confirm
      8. MAC Address Format does matter, default format in FreeRADIUS is AA-BB-CC-DD-EE-FF
    • Note:
      • A RADIUS server is required for ACS3 server to save the MAC addresses of clients’ devices. Without a RADIUS server, we won’t be able to set up ACS 3 as an external Hotspot Portal server.
      • FreeRADIUS is recommended to be your RADIUS server choice.
      • This MySQL database is used for the RADIUS server, it’s not ACS one.
      • ACS 3 server is set to add/update database name: "radius", please set database name to "radius" in MySQL database on FreeRADIUS server.
      • Please add client entry for ACS 3 server and CPE router in clients.conf to allow remote access to FreeRADIUS server
      • The MySQL database for the FreeRADIUS server must be set to allow this account to remote access ACS IP.
      • Docker Container will be an easy way to set up FreeRADIUS & MySQL (Linux). a screenshot of external RADIUS server setup
    • Portal Server & Quota Policy
      1. Select login methods (multiple selections)
      2. Enter the Captive Portal URL(ACS server)
      3. (Optional) Enable Captive Portal Detection to trigger the unauthenticated clients to automatically pop-up the Web Portal page when connect to the selected interfaces
      4. (Optional) Edit the default Landing Page URL to make the clients visit a specific website with successful authenticating
      5. Select a Quota Profile (Quota Profiles can be set up in Hotspot Web Portal >> Quota Management)
      6. Click Continue
      7. a screenshot of Portal Server & Quota Policy
  9. After customizing the Splash page, please add Radius server IP and ACS IP to destination IP on Whitelist Setup page, so that CPE allows Radius server and ACS to pass.
  10. Apply the profile: Go to Hotspot Web Portal >> Network & Device. a screenshot of Network device page
  11. At Network & Device page,
    1. Select the User Group
    2. Select the Hotspot Web Portal profile for the device(s).
    3. Click Save a screenshot of Network Device page
  12. Go to Hotspot Web Portal >> Profile, click View Log a screenshot of View Log
  13. Status Overview is available to observe the applied process. a screenshot of profile information & Overview
  14. On CPE site, the hotspot profile will be set up after ACS finished provisioning. a screenshot of Hotspot profile
  15. Once new clients connect to the selected interface of the router, they need to use one of the authentications to access the Internet. a screenshot of Login_Page

    Note: ACS 3 does apply the profile only when CPEs send inform to it. Thus if there is no ACS applied profile on the CPEs site, please go to System Maintenance >> TR-069 Setting and click Test With Inform or wait for the next periodic inform.

    a screenshot of TR-069 Setting
  16. Go to Hotspot >> Web Portal Analytics, this page will demonstrate all clients’ information. a screenshot of Analytics page
  17. For detailed information, click View Detail at Action. a screenshot of View Detial a screenshot of detail of clients

Published On:2021-05-19 

Was this helpful?