I am running an Omada Controller on DN1. We also have a dashboard with a backend hosted on DM2, and an external captive portal hosted on DM3.

I would like to know which domain names and IP addresses should be allowed in the Access Control section of the Omada Controller.

At the moment, I have already added:

• The domain name and IP address of the external captive portal
• The domain name of the dashboard

My questions are:

• Do I also need to add the domain name or IP address of the Omada Controller itself on the access control list?

Notes:

• No RADIUS server is used for authentication.
• Internet Access for Wi-Fi users is handled via APIs developed on the backend of the dashboard.

• These APIs communicate with the Omada Controller using the following Omada endpoints:

  • CONTROLLER_IP:PORT/CONTROLLER_ID/api/v2/hotspot/login
  • CONTROLLER_IP:PORT/CONTROLLER_ID/api/v2/hotspot/extPortal/auth