Cookbook is our guide and recipes for kiwire platform owner to effectively use Kiwire into their environments.
Quick Start guide
Quick start guide will provide you on how to quickly deploy basic kiwire functionality into your network.
Login to Kiwire
- Login to your kiwire platform which is at http://kiwire_ip/admin
- Login using the default credential , username : admin , password : 7890
Change default password
- Upon login ,you be prompt to change the default password, please change to a secure password.
Setup initial Setting
- Go to configuration -> setting , setup the default parameter such as currency ,timezone and apply the license key given to system
- Go to configuration -> Organisation profile and setup your organisation name , address and brand
Add your 1st NAS device
- Go to Device -> Nas and add your 1st nas devices.
- Fill in your Nas device ip address , shared secret for the radius communication and account information.
Create your 1st Login Page & Journey
- Go to Login Engine –> Page Maker
- Click Create Page
- Drag features you want into the centre panel and save it after you are done.
- Login type (social/simple/voucher/email/register)
- Other information
- You may create multiple pages depending on your requirements.
- Go to Login Engine –> Login Journey to arrange how you want your landing page to appear. For example, you want user to view T&C first before log in or view some information/picture/video. It can be before or after the landing page.
- You may also point user to a URL for pre/post login.
- Just drag the page maker that you have already created before and position it at where you want it to be. Currently Kiwire have 4 landing pages for you to put.
- Save your settings and choose the correct zone for the landing page.
- Go to Login Engine –> Page Maker
- Create a profile for your users via account -> Profile,
Create Users or vouchers
- Create new users via account->users or voucher account-> vouchers.
- to add a users click on the add user and fill in the informations
Login to network
- Connect to the nas network , the captive portal will load , login using the newly created username or vouchers and you will be succesfull login to the network
How to create role & assign administrator to it.
This example we create an sub administrators with access to accounts modules
- Go to Role configurations -> Roles
- Click create role
- Enter a role name for the new role example “account only”
- use the access search box to search or just select and hightlight all the accessible account role from left box to the right box using the <=> icon
- Click on Create to save the new role
- The role is created.
- Go to administrator and add a new administrator “accview” and assign account only role to it.
- The administrator”accview” can only access the account only modules.
Custom HTML code into Page Maker
Page maker support your own html code insertion into the spinet, this allow greater control or creativity on the look and feel of the page created
- Access the page maker by going to Login engine -> page maker , and create new or edit existing page.
- Click on the edit code button
- you can edit the html code and functionality
Setup Social Login
Create a sign up page option
Installing SSL Certificate for Kiwire.
- type : openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csrwhere server is the name of your server.
- This begins the process of generating two files: the Private-Key file for the decryption of your SSL Certificate, and a certificate signing request (CSR) file (used to apply for your SSL Certificate) with apache openssl.When you are prompted for the Common Name (domain name), enter the fully qualified domain name for the site you are securing. If you are generating an Apache CSR for a Wildcard SSL Certificate your common name should start with an asterisk (such as *.example.com).You will then be prompted for your organizational information, beginning with geographic information. There may be default information set already.This will then create your openssl .csr file.
- Open the CSR file with a text editor and copy and paste it (including the BEGIN and END tags) into the SSL provider platform.
- Save (backup) the generated .key file as it will be required later for Certificate installation.
- After you receive your SSL Certificate from SSL provider , you can install it.
- when got the file put it all in /etc/httpd/ssl folder
- edit /etc/httpd/conf.d/ssl.conf
- changeSSLEngine on
SSLCertificateFile with the path to your certificate file sent to you by the Certificate Authority;
SSLCertificateKeyFile with the path to your private key file that was generated with the CSR code you used for the certificate activation;
SSLCertificateChainFile with the path to the CA bundle corresponding to your certificate.
- Restart httpd by : service httpd restart
Using DNS as content filtering
there are dns server provided by cyber security such as norton , mcaffee that provide basic content filtering by using their dns server ip address. the category are
- Security Protection ( prevent malware , phishing sites and scam sites )
Preferred dns : 126.96.36.199
Secondary dns : 188.8.131.52
- Security Protection + Pornography ( security protection and porn sites block )
Preferred dns : 184.108.40.206
Secondary dns : 220.127.116.11
- Security Protection + Pornography + others ( full protection )
Preferred dns : 18.104.22.168
Secondary dns : 22.214.171.124
Setup rate limit / bandwidth control for Mikrotik PPPOE
Kiwire can also support dialup pppoe services for Mikrotik as controller, with Mikrotik as PPPOE server is an popular option for fixed fiber or wifi always on internet services for telco or internet service provider .
One of the requirement is to provide bandwidth or rate limit to the subscriber , the default profile by Kiwire is for WISPr ( Wireless ISP ) which use Wispr attribute , however you can use policy-> radius attribute to add PPPOE rate limit attribute to the profile. the step are
- create a profile as usual for your subscriber
- Access Radius attribute editor by going to Policy-> Radius Attribute
- Add the attribute “Mikrotik-Rate-Limit” ,select “:=” as operator and value in K or MB as you desire in upload/download format as the screenshot.