Unifi - Integration Document

Overview

General RADIUS Server Configuration

Navigate to Settings > Profiles > RADIUS and click Create New RADIUS Profile.

Under “CREATE NEW RADIUS PROFILE” give the profile a name, select and Enable Wired and Enable Wireless. Under RADIUS AUTH SERVERS add the IP address of the NAC Edge server for port 1814 and enter the shared secret (this is the secret that you defined when creating RADIUS Clients ).

Under ACCOUNTING select Enable Accounting, Enable Interim Update and set the Interim Update Interval to 300 (5 minutes). Finally, add the IP address of the NAC Edge server under RADIUS Accounting Servers, set the port to 1815 and enter the same shared secret entered for the authentication server.

Click Advanced OPTIONS

Create WPA Enterprise SSID

Give the network (SSID) a name, choose WPA Enterprise, RADIUS Profile and expand Advanced Settings

Enable RADIUS DAS/DAC (CoA) and Save

1 - Secure Wireless Integration

Navigate to Wireless Network > Wireless Networks and select Create New Wireless Network.

Click Advanced OPTIONS

Create WPA Enterprise SSID

Give the network (SSID) a name, choose WPA Enterprise, RADIUS Profile and expand Advanced Settings

Enable RADIUS DAS/DAC (CoA) and Save

2 - Open Wireless Integration

Navigate to Wireless Network > Wireless Networks and select Create New Wireless Network.

Create WPA Enterprise SSID

Give the network (SSID) a name, choose Security as Open and expand Advanced Options

Enable RADIUS DAS/DAC (CoA)

Click expand on RADIUS MAC Authentication

Enable RADIUS MAC Authentication

Select the RADIUS profile created at this step

Select MAC address format as aabbccddeeff (All lower-case, without colons)

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard