Your members can use our RADIUS integration to log in to your wifi/network using their Cobot credentials. In this way, you can control access to your wifi, keep track of time pass usage, and gain valuable insight regarding the use of your coworking space.

The RADIUS integration can also play an essential role in your emergency preparedness protocols and legal compliance. Your space may have an obligation to track who is present at all times, depending on your local laws or insurance policy.

How it works

Radius consists of two parts: a server and a client device (your network router or access points). After you sign up, we provide you with access to a server via our partner service IronWifi. Most routers today support Radius. However, please double-check that yours supports it before signing up.

This guide will cover:

  1. Setting Up Wifi Login With RADIUS

    1. Captive Portal

    2. WPA2 Enterprise / IEEE 802.1X

  2. Supported Routers & Protocols

  3. Setting Up Your Router

    1. Recommended domains to whitelist in your router

  4. Informing Your Members

    1. Trusted Certificates

    2. Guest Accounts & Group Access

  5. Troubleshooting


Setting Up Wifi Login With RADIUS

To set up RADIUS, go to Setup » Wifi Integration » Setup Radius Server. You will receive 30 free days, and then the charges will be invoiced along with your Cobot subscription.

We provide a RADIUS server with which your (wifi) router must be able to communicate. There are two ways of setting this up. The capabilities of your network devices will determine which one you can use.

Captive Portal

A captive portal is a log-in form shown in the user's browser. Your wifi is managed with the same security level as before (probably with a shared password).

Pros:

  • The form can be customized, e.g., with information for new members or your logo and colors.

  • You can give people access to certain pages even if they don't have an account yet, or have run out of time passes. This way, you can allow access to Cobot so people can sign up or buy more time passes.

Cons:

  • Sometimes the form might not show up immediately. For instance, when you navigate to a website that uses HTTPS, it may simply give you an error instead of showing the form. This is due to how captive portals are implemented and cannot be changed.

WPA2 Enterprise / IEEE 802.1X

WPA2 Enterprise replaces the shared wifi password you used before. Instead of a dialog asking them for the wifi password, people are presented with a dialog requesting a log-in and password. They will use their Cobot credentials to complete the log-in.

Pros:

  • Works reliably—the form will always be there.

Cons:

  • Anyone without a Cobot membership or members who have run out of time passes cannot access the wifi to buy more passes. They would need to use their phone, or you would need to provide a tablet or similar device.

  • You cannot customize the form.

  • Some people (depending on their operating system and version) will see a security warning when joining the wifi for the first time. On newer systems, members can skip the warning. On older Windows versions, they can't skip it. Instead, people have to install a wifi profile, which you can generate here.


Supported Routers & Protocols

Please check your router's manual, and if you are still unsure, consult a network specialist. The following vendors are known to provide routers and software that are compatible with our RADIUS offering:

Our integration supports the following RADIUS protocols:

  • PAP

  • MSCHAP

  • MSCHAPv2

  • TTLS-PAP

  • TTLS-MSCHAP

  • TTLS-MSCHAPV2

  • PEAP-PAP

  • PEAP-MSCHAP

  • PEAP-MSCHAPV2


Setting Up Your Router

This depends on your router, so please check your manual. If you are unsure about what to do, please consult a network specialist.

In general, you'll need to activate the router's captive portal feature or enable WPA2 Enterprise and configure it to authenticate against the RADIUS server(s) provided by Cobot. If your router does not support changing the RADIUS port, the authentication can also be done on the default port (9112) if you send the actual port using a RADIUS attribute "NAS-ID (NAS-Identifier)." If that doesn't work either, contact us, and we can run an extra server for you using the default port (at an additional cost).

After that, your members should see a log-in page when they try to access the internet. By entering their Cobot log-in credentials, they will get access.

Recommended domains to whitelist in your router

This only applies to spaces using a captive portal.

To allow members to visit important websites without logging in (e.g., to sign up for Cobot and enter payment information from within your space), you should whitelist the following domains in your router:

  • [your Cobot domain] (which looks like [yourspace].cobot.me)

  • your custom Cobot domain if you have one set up, for example members.[yourdomain.com]

  • cobot.me

  • scss.cobot.me

  • d1irzpk85sdttw.cloudfront.net

  • ducs6lkglwy4t.cloudfront.net

  • d3ck5av7wm02dz.cloudfront.net

  • d35ei1u0r0ivot.cloudfront.net

  • payments.cobot-platform.com

  • www.paypalobjects.com

  • api.stripe.com

  • js.stripe.com

  • q.stripe.com

  • paypal.com

  • live.adyen.com

If you want members who haven't logged in to the captive portal to use any of our add-ons, you will have to whitelist additional domains. Please contact us for details.


Informing Your Members

To help with your member onboarding, include a note in your member confirmation email about how they can access your WiFi network.

Trusted Certificates

The Radius server uses Trusted Certificates. Your members, especially newer Android users, may be prompted to enter a domain before accessing your WiFi network. This domain needs to be "ironwifi.com."

Guest Accounts & Group Access

Check out our detailed guides on how to set up guest accounts and group access here:


Troubleshooting

If you or your members are having trouble logging in, check your authentication logs. These will help explain why there is an access reject notice, such as an incorrect password or invalid membership.

If you still are unsure what the problem is, send us a message to support@cobot.me or IronWifi Directly at support@ironwifi.com.

Please provide the email address of the person experiencing issues and any error screens or troubleshooting steps you have already taken.

Did this answer your question?