CoovaChilli on RouterBOARD 750Gr3

• This page will cover the procedure you need to take in order to get CoovaChilli up and running on a RouterBOARD 750Gr3 flashed with OpenWRT
• The CoovaChilli that comes standard with the 19.07.x version of OpenWRT does not work well with RADIUSdesk and you need to create your own. That procedure we also thoroughly documented on a dedicated page.
• We assume you have a Router freshly flashed with this built of OpenWRT

• We will connect the Internet to the Internet port of the RB750 (Port1)
• We will then configure Coova to run on the LAN side (Ports 2-5) which is where OpenWRT typically used to run its DHCP service and have a gateway at 192.168.1.1
• Because Coova will now remove the IP Address on the LAN side we have to open the firewall on the WAN side for us to still reach the device even with the captive portal in place and running.

• The firewall rules are defined in /etc/config/firewall
• Edit this file and add the following items at the bottom
• Opening for Luci is optional

config rule
    option name 'Allow-SSH'
    option target ACCEPT
    option src 'wan'
    option dest_port '22'
    option proto 'tcp'
    option family 'ipv4'
 
config rule
    option name 'Allow-Luci'
    option target ACCEPT
    option src 'wan'
    option dest_port '80'
    option proto 'tcp'
    option family 'ipv4'

• Save the changes and reboot the router.
• See if you can access the device from the WAN port.

• Coova Chilli is configured by the /etc/config/chilli file.
• Take this file as a reference and modify where needed.

chilli

config chilli
    # option disabled 0    
    option radiusnasid 		"ZA-OpenWRT-MT1"
    option radiussecret		"testing123"
    option uamsecret		"greatsecret"
 
    # Radius parameters (change to the one for your provider)
    option radiusserver1		43.200.100.192
    option dhcpif 		br-lan		
    option dns1			8.8.8.8
    option dns2			8.8.4.4
 
    option tundev 	        'tun0'
    option net			10.1.0.0/16	# For 1000 addresses. Default is 182/24 subnet
    option uamlisten		10.1.0.1	# keep it at 182.1 despite the 180/22 subnet
 
    #Add this for the miniportal for proper captive portal detection on Apple
    option uamhomepage "http://10.1.0.1:3990/www/coova.html"
    option wwwdir "/etc/chilli/www"
 
    # Universal access method (UAM) parameters
    option uamserver	"http://hotspot.radiusdesk.com/cake3/rd_cake/dynamic-details/chilli-browser-detect/"
    option uamport 		3990
    option ssid                   demo1
 
    # Various debug and optimization values
    option swapoctets		1		# swap input and output octets
    option interval 		3600		# config file and host lookup refresh
 
 
    # Add the chilli firewall rules
    option ipup '/etc/chilli/up.sh'
    option ipdown '/etc/chilli/down.sh'
 

• Save the changes and reboot the router.
• After the reboot you should be redirected to a login page from RADIUSdesk when you connect to any of the ports on the LAN side.