UniFi External Portal Server Checklist

unifi external portal server checklist

UniFi External Portal Server Checklist

As the UniFi platform continues to grow and improve, so does the MyPlace Guest Marketing service. We try to make it as seamless as possible to integrate with UniFi, and make it easier for clients and their guests alike to get value from the service. A major part of making this process easier was to improve the information flow on the quality of the MyPlace integration with UniFi. There are many moving parts, and it is important they are all aligned for a perfect user experience. The new UniFi external portal server checklist is available to all customers, as part of their existing package. Check out our UniFi Guest Hotspot Integration for more info

Keeping the Channels Open

For the external portal to work effectively on UniFi all the elements of the process need to be able to communicate without restriction. Captive Portals, by their very nature are blocking mechanisms, to restrict access for the user and to keep them inside a “walled garden”. When the captive portal needs to communicate with multiple services, then this blocking mechanism can get complicated.

Why we built this checklist

We are continuously on-boarding new clients onto the MyPlace Connect platform and we found that we spent a lot of time troubleshooting a various list of issues within the UniFi platform. While we had a list of potential issues and were able to rule each one out manually in the case of a problem, it didn’t scale well, especially after our automated on-boarding went live. So now as part of the client on-boarding session, we introduce these tests so that issues can be found and fixed quickly instead of waiting to speak with our support team. For non technical clients who are interested in WiFi Marketing and WiFi Hotspot Marketing

WiFi Email Capture Service

Are you ready to start capturing customer email on your venues WiFi? Click the link below to learn more

Our UniFi external portal server checklist covers two main categories – site specific tests and controller specific tests, which are outlined below.

Site Specific Tests

These group of tests are for checking that everything is in place on the specific site. Taking into account the local gateway/router and also the site settings on UniFi, these tests will highlight potential issues so that they can be remedied. The UniFi external portal server checklist will display using a traffic light system all potential issues.

site controller checks unifi

Site ID Check

This is a check to test two things. Firstly we need to make sure that the site ID is unique and is not in the default mode. Sometimes when a venue is the first one added to the controller, it can have the site ID “default”. Each site should have a unique ID, and as well as being in the database, it is embedded in the url IMAGE. MyPlace Connect uses this site ID as the unique identifier for each site, and for obvious reasons having many sites with ID “default” could cause some problems

User Group Check

For some reason, if the guest SSID is in a user group that is different to the default user group it causes an issue with the guest portal functionality. A guest SSID could be placed in a separate user group if you wanted to place a bandwidth limit on the guest network. This doesn’t always cause issues, but it can cause issues with the guest portal which is why we incorporated it into our tests

Local Site Ports Check

The site ports check is a test to make sure that the ports on the local router/gateway are open as required. Sometimes port restrictions are in place locally and this can block some of the required channels that the UniFi controller uses

Guest Network Check

This one is a bit obvious, however it does need to be verified. For the guest portal to be active, you will most definitely need an SSID with the guest policy enabled. Just a simple test but one that needs to be done

Take your marketing to the next level

Unlock the Power of WiFi Marketing Transform Your Guest WiFi into a Revenue-Generating Machine!

VLAN Check

VLAN’s are definitely something that should be in place where possible, especially with guests on a network with business critical requirements. That being said, at time of writing, VLAN’s are not a friend of the external guest portal on the UniFi platform. If not properly managed, they can block communication between a client on the guest network and the controller. If they do block communication, then there are steps that you can take to fix it. At least if we detect the presence of a VLAN, we can provide the right information to our client, hence the test being included.

Controller Tests

The second batch of tests that we run is based on the UniFi controller. The UniFi controller being in the correct state is critical to the successful implementation of the external guest portal. The UniFi controller hosting environment is important. The UniFi controller being hosted in a virtual machine environment like AWS just seems to work the best. Cloud keys and On Premise servers are fine, but they just leave to much scope for problems to arise. The purpose of the UniFi external portal server checklist is to trace potential issues with the controller settings.

Controller

UniFi Status Check & Controller Check

These are internal MyPlace systems checks. Not relevant or worthy of more detail so lets move on…

UniFi Controller Credentials Check

As the external portal server guest authentication uses the UniFi API, we need to ensure that we have the correct credentials to allow the API to work. By credentials, we are referring to the admin profile that is ordinarily used to access the UniFi controller. Both superadmin and admin profiles provide sufficient privileges to operate the API and authenticate guests, among other functions. We prefer if clients set up a dedicated admin on UniFi for the MyPlace UniFi Guest Portal Service  and then use those credentials to activate the connection. Whatever way you set it up, these credentials need to be correct, and we run a test for it because if these are wrong, then guests are not going to get any WiFi

FQDN (Fully Qualified Domain Name) Check

The controller needs to be accessible via a Fully Qualified Domain Name (FQDN) and this is a test to confirm that this is indeed in place. There are most certainly reasons this requirement is in place, however that is for another time and place

Controller Ports Check

This is a test to make sure that none of the port access required by the UniFi API have restrictions in place. This test is specifically for the ports on machine hosting the UniFi controller (LINK). If certain ports are restricted then you can see issues like delays on the guest portal authentication.

Controller SSL Certs

This is a critical test as the presence of an SSL cert on the UniFi controller domain is the difference between a smooth login process and a messy, error strewn experience. The captive network assistant is very sensitive to even the smallest anomaly so this needs to be correct. SSL certs can also expire and can be easy to forget about which is why this is an important test to carry out.

UniFi External Portal Server Checklist

Having been just recently released, we are very happy with this checklist to date. Of course, there will always be issues when building a comprehensive software service, and in time we will identify the most important of these and add them into our automated UniFi external portal server checklist. For now, it is one more additional feature for our customers who want to capture email on UniFi and turn their WiFi into a marketing machine