Complete prerequisites
Orion uses RadSec (RADIUS over TLS) to identify you as a supplier, and to secure our communications with your network.
Depending on the type of Wi-Fi access point that you are using, you may need to follow one or more of the following steps. For AP-specific guides, see Configure Wi-Fi APs for Orion.
Download your RadSec Certificates
On the Orion Supplier portal, go to the RadSec Certficates tab.
Click on Download Orion Certificate, then Generate Client Certificate Bundle:
A file named radsec.zip should download.
You can follow these steps at any time to download a fresh certificate bundle. Downloading a new bundle will not deactivate previously-downloaded certificate bundles.
Deploy & Configure Radsec Proxy (if needed)
Check your wireless LAN equipment documentation for RadSec (RADIUS over TLS) support.
If your wireless LAN controller does not support RadSec, you’ll need to deploy Orion Radsecproxy inside your environment before configuring your wireless LAN.
Follow the instructions in the Orion Radsecproxy README to deploy the Radsecproxy if needed.
Upload your RadSec CA certificate (if needed)
Some Wi-Fi access points (namely Cisco Meraki), require you to upload their internally-generated CA certificate to Orion.
On the Orion Supplier portal, go to the RadSec Certificates tab. Click on Download Orion Certificate, then Download Root CA Certificate:
A file named [filename] should download. You will need to upload it to the access point's platform.
Additionally, once you have downloaded the access point's CA Certificate, you need to upload it to Orion. On the Orion Supplier portal, go to the RadSec Certficates tab. Click on Upload CA Certificate, then select your file. (Note: only .pem files are supported.) Add a description to remind you of the certificate in the future, then click Confirm.
Some certificates, like the Orion Root CA Certificate and the OpenRoaming Root CA Certificate, cannot be uploaded to Orion.
Request the Orion Network Verification app
After deploying Orion to your Wi-Fi infrastructure, you will need to use the Orion Network Verification app to confirm that it is working as intended. Request access to the app before deploying Orion Wi-Fi.