Orion Wifi is deployed to your existing Wi-Fi infrastructure as a new "Orion" SSID. Use your wireless controller's administrative interface to apply the below settings.
Orion SSID
Add a new SSID with the following parameters:
Network Name / SSID | Orion |
Hidden SSID | No |
Network Security | WPA2 Enterprise (802.1x) |
RADIUS Server | See "RadSec / Radius settings" |
Hotspot 2.0 / Passpoint | See "Hotspot 2.0 configuration" |
RadSec / RADIUS settings
RADIUS Server IPs
Determine if your wireless controller supports RADIUS over TLS (RadSec) and expand the relevant section below:
My wireless controller DOES support RadSec
Download your radsec.zip
from Orion Supply Settings and unzip it.
In your wireless controller, upload or copy/paste the contents of:
bw.radsec.cacert.pem
as a radsec CA certificateopenroaming.root.cacert.pem
as a radsec CA certificatecert.pem
as radsec client certificatekey.pem
as radsec client private key
Apply the following RADIUS settings to your Orion SSID
for both Authentication and Accounting:
Primary Server IP | 216.239.32.91 |
Primary Server Port | 2083 |
Secondary Server IP | 216.239.34.91 |
Secondary Server Port | 2083 |
Shared Secret | radsec |
Radsec Server Name / SAN (if needed) | *.orion.area120.com |
My wireless controller DOES NOT support RadSec
- Download and deploy Orion Radsecproxy, following the steps in the README
- Apply the following RADIUS settings to your Orion SSID:
Authentication Server IP | Your radsecproxy IP |
Authentication Server Port | 1812 |
Accounting Server IP | Your radsecproxy IP |
Accounting Server Port | 1813 |
Shared Secret | radsec |
NAS Identifier
Networks in Orion are automatically named based on their NAS-Identifier attribute. All APs on a shared network should use the same NAS Identifier.
Interim-Update Interval
Set your Accounting Interim-Update interval to 5 minutes (300 seconds).
Chargeable User Identity
Your RADIUS Authentication and Accounting packets must include a Chargeable-User-Identity (CUI) attribute.
Hotspot 2.0 (Passpoint) configuration
Enable Hotspot 2.0 on your Orion SSID with the following settings:
Roaming Consortium OI (RCOI) |
|
Network Type | Chargeable Public |
Detailed Setup Guides
Need more guidance? See detailed setup instructions for the most common enterprise & service provider Wi-Fi controllers. These guides are provided as a courtesy and may not match the experience on your particular firmware. Contact your Wi-Fi equipment manufacturer for additional support.
Once the above steps are complete, your AP should begin broadcasting a new "Orion" SSID. You can proceed to set up your test device.
Next: Prepare your mobile device for testing