This article explains the need for Wireless Internet Service Provider Roaming (WISPr) in Aruba Instant Access Points and the steps to configure it.
Environment : This article applies to all the IAP models running 18.104.22.168_3.2.0.
Need for WISPr
Wireless Internet Service Provider roaming (WISPr) authentication allows a smart client to authenticate on the network when they roam between wireless internet service providers, even if the wireless hotspot uses an Internet Service Provider (ISP) with whom the client may not have an account.
How WISPr work?
If you are a hotspot operator using WISPr authentication and a client that has an account with your ISP attempts to access the Internet at your hotspot, then your ISP’s WISPr AAA server authenticates that client directly and allows the client access on the network. Smart Client on the mobile device sends the authentication credentials to the IAP via http, which IAP then send to the ISP’s RADIUS server. If, however, the client only has an account with a partnerISP, then your ISP’s WISPr AAA server forwards that client’s credentials to the partner ISP’s WISPr AAA server for authentication. When the client is authenticated on the partner ISP, it is also authenticated on your hotspot’s own ISP as per their service agreements. The IAP assigns the default WISPr user role to the client when your ISP sends an authentication message to the IAP.
After authenticating successfully on ISP’s RADIUS server, IAP starts accounting for the client, and will stops accounting when client disconnect.
Step 1: Create a wireless “Guest” network.
Enter the desired client IP and VLAN assignment.
Step 2: The following two types of WISPr authentication are supported:
- Internal – Authenticated
- External - RADIUS Server
Select the Internal – Authenticated or the External - RADIUS Server option from the Splash page type dropdown before you configure WISPr authentication. Click on “Next”.
Step 3: Assign the required network permissions
Step 4: configure WISPr parameters in Settings -> WISPr.
IAP sends these parameters to radius server for different ISPs.1. In the Instant UI, click Settings in the top-right corner, then select the WISPr tab. Enter the ISO Country Code section of the WISPr Location ID in the ISO Country Code text box.
- Enter the E.164 Area Code section of the WISPr Location ID in the E.164 Area Code text box.
- Enter the operator name of the Hotspot in the Operator Name text box.
- Enter the E.164 Country Code section of the WISPr Location ID in the E.164 Country Code text box.
- Enter the SSID/Zone section of the WISPr Location ID in the SSID/Zone text box.
- Enter the name of the Hotspot location in the Location Name text box. If no name is defined, the
- parameter will use the name of the IAP to which the user has associated.
- Click OK to apply the changes.
NOTE: The parameters described above, to define WISPr RADIUS attributes, are specific to the RADIUS server your ISP uses for WISPr authentication. Contact your ISP to determine these values. You can find a list of ISO and ITU country and area codes at the ISO and ITU websites (www.iso.org and http://www.itu.int.).
The same can be configured through the CLI of the IAP using the following commands:
wlan ssid-profile CMCC
To verify the WISPr configuration:
IAP# show wispr config
WISPr ISO Country Code :
WISPr E.164 Country Code :
WISPr E.164 Area Code :
WISPr SSID :
WISPr Operator Name :CMCC
WISPr Location Name :
Another command that can give an idea about the WISPr configuration and troubleshooting is "show client debug".