CoovaChilli
CoovaChilli is an open-source captive portal / access controller (the fork of ChilliSpot) that enforces WiFi access by redirecting unauthenticated clients to an external UAM splash page and authorizing them via RADIUS — in this setup, IronWiFi hosts both the splash page and the RADIUS server. Configuration is done in
/etc/chilli.conf
radiusserver1
uamserver
radiussecret
Prerequisites
In IronWiFi Console (complete these first):
- Create a Network in IronWiFi Console
- Create a Captive Portal with the appropriate vendor
- Note your RADIUS settings and Splash Page URL
In CoovaChilli:
- Administrative access to CoovaChilli device
- Network connectivity to IronWiFi RADIUS servers
Device Configuration
RADIUS Settings
Configure your device with:
| Setting | Value |
|---|---|
| Primary Server | |
| Auth Port | |
| Acct Port | |
| Shared Secret | |
Captive Portal
- Enable external captive portal
- Set splash page URL from IronWiFi
- Configure walled garden to include
107.178.250.42
Walled Garden
Add these entries for pre-authentication access:
Required for IronWiFi:
- (IronWiFi splash page)
107.178.250.42 - DNS servers
Authentication Provider Domains:
If using social login providers, add the following domains to your walled garden:
| Provider | Required Entries |
|---|---|
| |
| |
| |
| |
| Microsoft | |
WPA-Enterprise
For 802.1X authentication:
- Set security to WPA2-Enterprise
- Configure RADIUS server details
- Test with a known user
Troubleshooting
| Issue | Possible Cause | Solution |
|---|---|---|
| Portal not appearing | Walled garden misconfigured | Check walled garden includes |
| Authentication failing | RADIUS settings incorrect | Verify RADIUS IP, ports, and shared secret match IronWiFi Console |
| No internet after auth | Firewall or VLAN issue | Check firewall rules and VLAN settings |
Getting Help
For device-specific questions:
- Check manufacturer documentation
- Contact IronWiFi support at support@ironwifi.com
Related Topics
Shared configuration
Was this page helpful?