Skip to content
English
Customer portal
Visit Neon's Website
  • There are no suggestions because the search field is empty.

HOW DO I SET UP A UNIFI GUEST WI-FI WITH NEON?

Setting Up UniFi Guest Wi-Fi with Neon

Prerequisites

  • A Ubiquiti account with access to account.ui.com
  • Access to your UniFi Site Manager at unifi.ui.com
  • Wi-Fi 2.0 enabled on your Neon account (your Neon account manager will handle this)

System Requirements

  • UniFi OS (Console Firmware): 5.0.3 or newer
  • UniFi Network Application: 10.x or newer
  • Console Hardware: UniFi OS-based console required (UDM, UCG, UDR, UDX, CloudKey G2+, or UniFi OS Server) — legacy self-hosted software controller is not supported
  • Cloud connectivity: Console must be adopted to a Ubiquiti account and connected to Ubiquiti's cloud
  • Firmware channel: Stable release only — Early Access and Release Candidate builds are not supported
  • Access Points / Switches: No additional firmware requirements beyond being adopted and managed by a supported Network Application version

Step 1 — Enable Early API Access

UniFi's API feature requires Early Access to be turned on at two levels: your Ubiquiti account and your UniFi site.

Account level

  1. Go to account.ui.com and sign in.
  2. Go to Account Settings.
  3. Enter your password and click Unlock.
  4. Enable Early Access.


WIFI image 1

Site level

  1. Go to unifi.ui.com and sign in.
  2. Click the profile icon in the upper-right corner.
  3. Enable Early Access.
    WIFI IMAGE 2

Step 2 — Generate a UniFi API Key

The API key gives Neon read/write access to your UniFi account so it can manage your network configuration.

  1. Go to unifi.ui.com and sign in.
  2. Click Settings in the left navigation menu.
  3. Select the API Keys tab.
  4. Click Create New API Key.
  5. Give it a name — e.g., Neon API Key.
  6. Set Expiration to Never Expires.
  7. Enable Site Manager and UniFi Application.
  8. Under Applications, select Network.
  9. Select the sites you want Neon to manage.
  10. Click Create and copy the key immediately — it will not be shown again.

    WIFIimage 3

    WIFIimage 4

Step 3 — Add the API Key to Neon

  1. Log in to your Neon dashboard.
  2. Click Wi-Fi 2.0 in the sidebar.
  3. Click Add (top right) → Add Cloud Credentials.
  4. Enter a name — e.g., UniFi API Key.
  5. Set Device Type to UniFi.
  6. Paste the API key you copied.
  7. Click Add Cloud Credential.

Step 4 — Create an SSID in Neon

  1. In the Neon dashboard, follow the Wi-Fi Setup Wizard to create a new SSID.
  2. Once created, go to unifi.ui.com.
  3. Select the site you used to configure the SSID in Neon.
  4. Go to Settings — you should now see the SSID created by Neon listed in the Wi-Fi table.

Step 5 — Configure the UniFi Captive Portal

  1. In the UniFi Site Manager, click the Wi-Fi network Neon created.
  2. In the drawer that opens, click Hotspot Portal.
  3. The captive portal configuration page will open.
    WIFIimage 5

    WIFIimage 6

External portal server

  1. Enable One Way Methods.
  2. Click Edit and enter 1.1.1.1 as the External Portal Server.
  3. Click Save.

Landing page

  1. Scroll to the Landing Page section.
  2. Enable the Domain checkbox.
  3. Enter: splash.neonwifi.com

Authorization Access (URL whitelist)

Scroll to Authorization Access and add the following URLs. These allow the portal to function correctly before a guest logs in:

  • otel.prod.neonscreens.com
  • splash.neonwifi.com
  • api.wifi.neonwifi.com
  • cdn.neonscreens.com

Optional: You can add additional URLs here to allow guests to access specific sites without logging in. For example, adding facebook.com lets guests visit Facebook before authenticating.

  1. Click Save and close the Hotspot Portal page.
    WIFIimage 7
    WIFIimage 8

You're All Set!

Connect a device to your configured Wi-Fi network — you should see the Neon captive portal appear automatically

FAQ

Why does my device say "No internet" even after connecting?

This is expected behavior. Until you complete the captive portal authentication flow, the device is connected to the Wi-Fi network but internet access is blocked. Open a browser and navigate to any HTTP site (e.g., neverssl.com) to trigger the portal manually.

Why doesn't the captive portal pop up automatically on my device?

Most devices use a connectivity check to detect captive portals and auto-launch the login page. This can fail if the check is blocked, if you're on iOS/Android with aggressive network switching, or if the DNS redirect hasn't propagated yet. If the portal doesn't appear within 10–15 seconds, open your browser manually and navigate to any non-HTTPS site.

How do I manually open the captive portal login page?

Open your browser and go to neverssl.com or success.com. The network will intercept the request and redirect you to the portal login page.

Why do I keep getting redirected to the login page after already connecting?

Your session has likely expired. Session duration is configured by the network administrator. Reconnect and complete the portal flow again. If this happens immediately after authenticating, check that cookies are enabled in your browser — the session token is stored client-side.

How long does my session last before I need to re-authenticate?

Session duration is set by the network administrator and varies by location. Typical configurations range from 1 hour to 24 hours. Once your session expires, reconnect and complete the portal flow again.

Why doesn't the portal work on Android/Samsung devices?

Samsung and some other Android devices use a built-in mini-browser for captive portal detection that has limited functionality and inconsistent behavior. If the portal doesn't load correctly, dismiss the mini-browser notification and open your full browser app (Chrome, Firefox, etc.) to complete authentication manually.

Why does iOS show a mini-browser that won't dismiss?

iOS launches a WebKit mini-browser (Captive Network Assistant) to handle portal authentication. Once you complete the login flow, tap Done or Connect to dismiss it. If the button doesn't appear, the portal may need to return a specific HTTP 200 response with a success body to signal iOS that authentication is complete.

What data is collected when I connect?

This varies by deployment. Typically, guest Wi-Fi portals may collect your name, email address, and/or phone number as part of the login flow, along with your device's MAC address and connection timestamps. Refer to the location's privacy policy for specifics.

Can I customize the portal with my logo and branding?

Yes. Neon WiFi's captive portal supports full branding customization including logo, background, colors, and CTA copy. Changes are managed through the Neon dashboard and apply instantly without any changes needed on the UniFi controller side.

Which UniFi devices support captive portal / guest networks?

All UniFi gateways and access points support guest networks with captive portal. This includes the UCG, UDM, UDM Pro, UDR, UDX series, and all Wi-Fi 5/6/6E access points. The captive portal feature is managed through the UniFi Network application, not the device itself.