|
|
(10 intermediate revisions by 3 users not shown) |
Line 1: |
Line 1: |
| ==Summary==
| | {{Template: Networking_rutos_manual_hotspot_rut2_rut9 |
| | | <!------------------------DEVICE-----------------------> |
| Wireless '''Hotspots''' are essentially Wireless Access Points - they provide network and/or internet access to other Wi-Fi devices. The difference is that Hotspots are a lot more versatile when it comes to managing, monitoring and authenticating the wireless network's users. For example, while Wireless APs can be password protected, with Hotspots you can configure different users with different names, passwords, even data limits and data speeds and more. This chapter is an overview of the '''Wireless Hotspot''' function in RUT routers.
| | | name = RUT955 |
| | | | series = RUT9 |
| ==General==
| | <!----------------------SEPARATORS---------------------> |
| | | | wifi = 1 |
| The '''General''' tab is where most of the Hotspot configurations take place. This section will be divided into six sub-sections - one for each '''Authentication mode''', since the chosen '''Authentication mode''' will define how the Hotspot will be configured in general.
| | | mobile = 1 |
| | | }} |
| ===External Radius===
| |
| ----
| |
| '''External Radius''' authentication mode uses an external Radius server, to which you have to provide an address to, instead of using the router's internal Radius server.
| |
| | |
| [[File:Services hotspot configuration external v 2.PNG]]
| |
| | |
| <table class="nd-mantable"> | |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Configuration profile</td>
| |
| <td>Custom | Cloud4wi | Hotspotsystem; Default: '''Custom'''</td>
| |
| <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode. </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>AP IP</td>
| |
| <td>ip; Default: '''192.168.2.254/24'''</td>
| |
| <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Logout address</td>
| |
| <td>host | ip; Default: '''1.1.1.1'''</td>
| |
| <td>An address that can be used by users to logout from the Hotspot session</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication mode</td>
| |
| <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; Default: '''Without radius'''</td>
| |
| <td>Authentication mode defines how users will connect to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication protocol</td>
| |
| <td>PAP | CHAP; Default: '''PAP'''</td>
| |
| <td>Authentication protocol used to authenticate new connections on the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Terms of service</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| |
| </tr>
| |
| <tr>
| |
| <td>RADIUS server #1 | RADIUS server #2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>The IP address of the RADIUS server that is to be used for Authenticating your wireless clients </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication port</td>
| |
| <td>integer [0..65535]; Default: '''1812'''</td>
| |
| <td>RADIUS server authentication port</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Accounting port</td>
| |
| <td>integer [0..65535]; Default: '''1813''' </td>
| |
| <td>RADIUS server accounting port</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Radius secret key</td>
| |
| <td>string; Default: " "</td>
| |
| <td>The secret key is a password used for authentication with the RADIUS server</td>
| |
| </tr>
| |
| <tr>
| |
| <td>UAM port</td>
| |
| <td>integer [0..65535]; Default: '''3990'''</td>
| |
| <td>Port to bind for authenticating clients</td>
| |
| </tr>
| |
| <tr>
| |
| <td>UAM UI port</td>
| |
| <td>integer [0..65535]; Default: '''4990'''</td>
| |
| <td>UAM User Interface port</td>
| |
| </tr>
| |
| <tr>
| |
| <td>UAM secret</td>
| |
| <td>string; Default: " "</td>
| |
| <td>Shared secret between the UAM server and the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>NAS identifier</td>
| |
| <td>string; Default: " "</td>
| |
| <td>NAS-Identifier is one of the basic RADIUS attributes</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Swap octets</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Swaps the meaning of input octets and output as it relates to RADIUS attributes</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Location name</td>
| |
| <td>string; Default: " "</td>
| |
| <td>Custom location name for your Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>External landing page</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of an external landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Landing page address</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom Hotspot's external landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Success URL</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom redirect URL after successful Hotspot login</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Protocol</td>
| |
| <td>HTTP | HTTPS; Default: '''HTTP'''</td>
| |
| <td>Connection protocol of your Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>HTTPS to landing page redirect</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Redirects HTTP pages to landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL key file</td>
| |
| <td>.key file; Default: " "</td>
| |
| <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL certificate file</td>
| |
| <td>.crt file; Default: " "</td>
| |
| <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Use custom DNS</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of custom DNS servers instead of your regular DNS</td>
| |
| </tr>
| |
| <tr>
| |
| <td>DNS server 1 | DNS server 2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===Internal Radius===
| |
| ---- | |
| '''Internal Radius''' is Authentication mode that uses the router's internal RADIUS server for authentication. Teltonika routers' RADIUS server has RFC 2866 RADIUS Accounting and RFC 2869 RADIUS Extensions implemented.
| |
| | |
| [[File:Services hotspot configuration internal v 2.PNG]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Configuration profile</td>
| |
| <td>Custom | Cloud4wi | Hotspotsystem; Default: '''Custom'''</td>
| |
| <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>AP IP</td>
| |
| <td>ip; Default: '''192.168.2.254/24'''</td>
| |
| <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Logout address</td>
| |
| <td>host | ip; Default: '''1.1.1.1'''</td>
| |
| <td>An address that can be used by users to logout from the Hotspot session</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication mode</td>
| |
| <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; Default: '''Without radius'''</td>
| |
| <td>Authentication mode defines how users will connect to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Terms of service</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| |
| </tr>
| |
| <tr>
| |
| <td>External landing page</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of an external landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Landing page address</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom Hotspot's external landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Success URL</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom redirect URL after successful Hotspot login</td>
| |
| </tr>
| |
| <tr>
| |
| <td>HTTPS to landing page redirect</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Redirects HTTP pages to landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL key file</td>
| |
| <td>.key file; Default: " "</td>
| |
| <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL certificate file</td>
| |
| <td>.crt file; Default: " "</td>
| |
| <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Use custom DNS</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of custom DNS servers instead of your regular DNS</td>
| |
| </tr>
| |
| <tr>
| |
| <td>DNS server 1 | DNS server 2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
| |
| </tr>
| |
| </table>
| |
| | |
| Information on how to configure Internal radius server can be found [[#Radius_Server|here]].
| |
| | |
| ===Without Radius===
| |
| ---- | |
| '''Without Radius''' Authentication doesn't use a Radius server to authenticate users connecting to the Hotspot, instead it gives you the possibility to configure different users with different password and session parameters.
| |
| | |
| [[File:Services hotspot configuration without v 2.PNG]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Configuration profile</td>
| |
| <td>Custom | Cloud4wi | Hotspotsystem; Default: '''Custom'''</td>
| |
| <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>AP IP</td>
| |
| <td>ip; Default: '''192.168.2.254/24'''</td>
| |
| <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Logout address</td>
| |
| <td>host | ip; Default: '''1.1.1.1'''</td>
| |
| <td>An address that can be used by users to logout from the Hotspot session</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication mode</td>
| |
| <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; Default: '''Without radius'''</td>
| |
| <td>Authentication mode defines how users will connect to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Terms of service</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| |
| </tr>
| |
| <tr>
| |
| <td>External landing page</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of an external landing page</td>
| |
| </tr>
| |
|
| |
| <tr>
| |
| <td>Landing page address</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom Hotspot's external landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Success URL</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom redirect URL after successful Hotspot login</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Protocol</td>
| |
| <td>HTTP | HTTPS; Default: '''HTTP'''</td>
| |
| <td>Connection protocol of your Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>HTTPS to landing page redirect</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Redirects HTTP pages to landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL key file</td>
| |
| <td>.key file; Default: " "</td>
| |
| <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL certificate file</td>
| |
| <td>.crt file; Default: " "</td>
| |
| <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Use custom DNS</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of custom DNS servers instead of your regular DNS</td>
| |
| </tr>
| |
| <tr>
| |
| <td>DNS server 1 | DNS server 2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td> Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ====Users Configuration====
| |
| ---- | |
| The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
| |
| | |
| [[Image:Services hotspot configuration user.PNG]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Username</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom user name used to authenticate clients connecting to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Password</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom password for the specified user name</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Session Template</td>
| |
| <td>string; Default: '''unlimited'''</td>
| |
| <td>Session templates define session settings for different users. The '''unlimited''' Session Template is a default template with no restrictions. More on Session Template in the next section</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ====Session Templates====
| |
| ---- | |
| A '''Session Template''' is a set of rules that can be prescribed to a Hotspot user. A default template named '''unlimited''' is present in the router, but it has no configured restrictions. You can edit the default template or you can create a custom template and configure it.
| |
| | |
| [[Image:Services hotspot configuration session template.PNG| border |class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Idle timeout</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Session timeout</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Download bandwidth</td>
| |
| <td>integer; Default: " "</td>
| |
| <td> Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s, Gbit/s</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Upload bandwidth</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Download limit</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Upload limit</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Period</td>
| |
| <td>Month | Week | Day; Default: '''Month'''</td>
| |
| <td>The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Start day | Start hour</td>
| |
| <td>integer [1..31] | Monday..Sunday | integer [1..24]; Default: '''day 1'''</td>
| |
| <td>Specifies which day of the month, week or hour of the day the limits will be reset</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===Advertisement===
| |
| ---- | |
| The '''Advertisement''' Authentication mode doesn't use any kind of actual authentication. Instead when a user connects to the Hotspot he first gets redirected to a specified advertisement page. After that the user is free to use the Hotspot.
| |
| | |
| [[File:Services_hotspot_configuration_advertisement_v3.PNG|border|class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Configuration profile</td>
| |
| <td>Custom | Cloud4wi | Hotspotsystem; Default: '''Custom'''</td>
| |
| <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>AP IP</td>
| |
| <td>ip; Default: '''192.168.2.254/24'''</td>
| |
| <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication mode</td>
| |
| <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; Default: '''Without radius'''</td>
| |
| <td>Authentication mode defines how users will connect to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Advertisement address</td>
| |
| <td>host | ip; Default: " "</td>
| |
| <td>The address of the advertisement page that newly connected users will be redirected to</td>
| |
| </tr>
| |
| <tr>
| |
| <td>HTTPS to landing page redirect</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Redirects HTTP pages to landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL key file</td>
| |
| <td>.key file; Default: " "</td>
| |
| <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled </td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL certificate file</td>
| |
| <td>.crt file; Default: " "</td>
| |
| <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Use custom DNS</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of custom DNS servers instead of your regular DNS</td>
| |
| </tr>
| |
| <tr>
| |
| <td>DNS server 1 | DNS server 2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===MAC auth===
| |
| ---- | |
| '''MAC auth''' Authentication mode authenticates users by their MAC address. A list of accepted or unaccepted MAC addresses can be configured in the router's WebUI's Wireless section under Interface Configuration->[[Wireless#MAC_Filter|MAC Filter]]
| |
| | |
| [[File:Services hotspot configuration mac v 2.PNG| border | class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Configuration profile</td>
| |
| <td>Custom | Cloud4wi | Hotspotsystem; Default: '''Custom'''</td>
| |
| <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>AP IP</td>
| |
| <td>ip; Default: '''192.168.2.254/24'''</td>
| |
| <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Logout address</td>
| |
| <td>host | ip; Default: '''1.1.1.1'''</td>
| |
| <td>An address that can be used by users to logout from the Hotspot session</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication mode</td>
| |
| <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; Default: '''Without radius'''</td>
| |
| <td>Authentication mode defines how users will connect to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Terms of service</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Password protection</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables Hotspot password protection</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Password</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A password used to authenticate connecting clients to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Website access link</td>
| |
| <td>Link | Auto redirect | Custom address; Default: '''Link'''</td>
| |
| <td>Requested website access mode</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Protocol</td>
| |
| <td>HTTP | HTTPS; Default: '''HTTP'''</td>
| |
| <td>Connection protocol of your Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>HTTPS to landing page redirect</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Redirects HTTP pages to landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL key file</td>
| |
| <td>.key file; Default: " "</td>
| |
| <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL certificate file</td>
| |
| <td>.crt file; Default: " "</td>
| |
| <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Use custom DNS</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of custom DNS servers instead of your regular DNS</td>
| |
| </tr>
| |
| <tr>
| |
| <td>DNS server 1 | DNS server 2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===SMS OTP===
| |
| ---- | |
| With '''SMS OTP''' Authentication mode connecting users are prompted to enter their phone number. After that, the router sends and SMS message containing a code to the specified number. Users then authenticate themselves to the Hotspot using this code.
| |
| | |
| [[File:Services hotspot configuration sms v 2.PNG |border| class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Configuration profile</td>
| |
| <td>Custom | Cloud4wi | Hotspotsystem; Default: '''Custom'''</td>
| |
| <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>AP IP</td>
| |
| <td>ip; Default: '''192.168.2.254/24'''</td>
| |
| <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication mode</td>
| |
| <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; Default: '''Without radius'''</td>
| |
| <td>Authentication mode defines how users will connect to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Protocol</td>
| |
| <td>HTTP | HTTPS; Default: '''HTTP'''</td>
| |
| <td>Connection protocol of your Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>HTTPS to landing page redirect</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Redirects HTTP pages to landing page</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL key file</td>
| |
| <td>.key file; Default: " "</td>
| |
| <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>SSL certificate file</td>
| |
| <td>.crt file; Default: " "</td>
| |
| <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Use custom DNS</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Enables the use of custom DNS servers instead of your regular DNS</td>
| |
| </tr>
| |
| <tr>
| |
| <td>DNS server 1 | DNS server 2</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===Walled Garden===
| |
| ----
| |
| You can configure a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Click the '''Add''' button to add a new address.
| |
| | |
| [[Image:Services hotspot configuration walled garden.png| border| class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''yes'''</td>
| |
| <td>Enables or disables an entry of the list</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Address</td>
| |
| <td>host | ip; Default: " "</td>
| |
| <td>An address that users connected to the Hotspot can reach without authentication</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Port</td>
| |
| <td>integer [0..65535]; Default: " "</td>
| |
| <td>Specifies the port through which the user can connect to the provided address. This field becomes visible only if '''Allow subdomains''' is disabled</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Allow subdomains</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>If checked, users can connect to the specified address and all of its subdomains</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ==Restricted Internet Access== | |
| | |
| The '''Restricted Internet Access''' page provides you with the possibility to restrict internet access on Hotspot on specified hours. Blue squares represent restricted access, white squares - allowed access. Bellow is an example of a configuration that restricts internet access outside of working hours.
| |
| | |
| [[Image:Services hotspot restricted list.PNG|border|class=tlt-border]]
| |
| | |
| ==Logging==
| |
| The Hotspot '''Logging''' section is used to send Hotspot or Wireless information to an FTP or Syslog server.
| |
| [[Image:Services hotspot logging configuration logging.PNG|border| class=tlt-border]]
| |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td> Enables or disables whole logging section's fuctionality </td>
| |
| </tr>
| |
| </table>
| |
| [[Image:Services hotspot logging configuration syslog.PNG|border| class=tlt-border]]
| |
| | |
| <table class="nd-mantable"> | |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles logging to Syslog ON or OFF </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Server address</td>
| |
| <td>host | ip; Default: '''" "'''</td>
| |
| <td>Syslog server address</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Port</td>
| |
| <td>integer [0..65535]; Default: '''" "'''</td>
| |
| <td>Syslog server port</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Protocol</td>
| |
| <td>UDP|TCP Default: '''TCP'''</td>
| |
| <td>Protocol of the syslog server</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Prefix text</td>
| |
| <td>string; Default: '''" "''' </td>
| |
| <td>Prefix custom text to streamed messages</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Protocol filter</td>
| |
| <td>UDP|TCP|Any; Default: '''Any'''</td>
| |
| <td>Filter log messages depending on protocol</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Port filter </td>
| |
| <td>integer [0..65535]; Default: '''" "'''</td>
| |
| <td>Filter log messages depending on port of port range</td>
| |
| </tr>
| |
| </table>
| |
| | |
| | |
| [[Image:Services hotspot logging configuration ftp.PNG|border| class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles logging to FTP ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Server address</td>
| |
| <td>host | ip; Default: '''your.ftp.server'''</td>
| |
| <td>FTP server address.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>User name</td>
| |
| <td>string; Default: '''username'''</td>
| |
| <td>User name used for authentication when logging into an FTP server</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Password</td>
| |
| <td>string; Default: '''password'''</td>
| |
| <td>Password used for authentication when logging into an FTP server</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Port</td>
| |
| <td>integer [0..65535]; Default: '''21''' </td>
| |
| <td>FTP server port</td>
| |
| </tr>
| |
| <tr>
| |
| <td>File name extras</td>
| |
| <td>No extra information | MAC address | Serial number | Custom string; Default: '''No extra information'''</td>
| |
| <td>Extra information to be added to the log filename</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===FTP Upload Settings===
| |
| ---- | |
| Here you can configure your timing settings for the log upload via FTP feature.
| |
| | |
| [[Image:Services hotspot logging configuration ftp set.PNG|border|class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Mode</td>
| |
| <td>Fixed | Interval; Default: '''Fixed'''</td>
| |
| <td>The scheduling mode to be used for uploading to FTP server</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Hours</td>
| |
| <td>time; Default: '''8 hours'''</td>
| |
| <td>Time interval when the uploads will take place</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Minutes</td>
| |
| <td>time;Default: '''15 minutes'''</td>
| |
| <td>Time interval when the uploads will take place</td>
| |
| </tr>
| |
| <td>Days</td>
| |
| <td>time;Default: '''Monday, Tuesday, Wednesday, Thursday, Friday'''</td>
| |
| <td>On which day upload will take place</td>
| |
| <tr>
| |
| | |
| </tr>
| |
| </table>
| |
| | |
| ===Wifi Log/SMS OTP Log===
| |
| ---- | |
| WiFi and SMS OTP logs show information about connections to your WiFi Hotspot. FTP logging has to be enabled.
| |
| [[Image:Services hotspot logging configuration Wifi log.PNG|border|class=tlt-border]]
| |
| [[Image:Services hotspot logging configuration SMS OTP log.PNG|border|class=tlt-border]]
| |
| | |
| ==Landing Page==
| |
| | |
| This section is used to define how your Hotspot's Landing Page will look like.
| |
| | |
| [[Image:Services hotspot landing page general.PNG|border|class=tlt-border]]
| |
| | |
| ===Template===
| |
| ---- | |
| This is a template based on the default landing page. You can edit its HTML code to make it look however you want!
| |
| | |
| [[Image:Services hotspot landing page template.PNG|border|class=tlt-border]]
| |
| | |
| ===Custom Landing Page===
| |
| ---- | |
| | |
| ==Radius Server==
| |
| | |
| This section is used to configure your '''Radius Server''' for use with '''[[#Internal_Radius|Internal radius]]''' Authentication mode
| |
| | |
| [[Image:Services hotspot radius server.PNG|border|class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles Radius Server ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Remote access</td>
| |
| <td>yes | no; Default: '''no'''</td>
| |
| <td>Toggles remote access to the Radius Server ON or OFF.</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Accounting port</td>
| |
| <td>integer [0..65535]; Default: '''1813'''</td>
| |
| <td>Radius server accounting port </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Authentication port</td>
| |
| <td>integer [0..65535]; Default: '''1812'''</td>
| |
| <td>Radius server authentication port</td>
| |
| </tr>
| |
| </table>
| |
| | |
| | |
| ===Session Settings===
| |
| ---- | |
| A '''Session Template''' is a set of rules that can be prescribed to a Hotspot user. A default template named '''unlimited''' is present in the router, but it has no configured restriction. You can edit the default template or you can create a custom template and configure it.
| |
| | |
| [[Image:Services hotspot configuration session template.PNG|border|class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Idle timeout</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Session timeout</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Download bandwidth</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Upload bandwidth</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Download limit</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Upload limit</td>
| |
| <td>integer; Default: " "</td>
| |
| <td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Period</td>
| |
| <td>Month | Week | Day; Default: '''Month'''</td>
| |
| <td>The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Start day | Start hour</td>
| |
| <td>integer [1..31] | Monday..Sunday | integer [1..24]; Default: '''day 1'''</td>
| |
| <td>Specifies which day of the month, week or hour of the day the limits will be reset</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===Users Configuration Settings===
| |
| ---- | |
| The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
| |
| | |
| [[Image:Services hotspot configuration user.PNG]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Username</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom user name used to authenticate clients connecting to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Password</td>
| |
| <td>string; Default: " " </td>
| |
| <td>A custom password for the specified user name</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Session Template</td>
| |
| <td>string; Default: '''unlimited'''</td>
| |
| <td>Session templates define session settings for different users. The '''unlimited''' Session Template is a default template with no restrictions. More on Session Template in the next section</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ===Clients Configuration Settings===
| |
| ---- | |
| [[Image:Services hotspot radius server clients.PNG|border|class=tlt-border]]
| |
| | |
| <table class="nd-mantable">
| |
| <tr>
| |
| <th>field name</th>
| |
| <th>value</th>
| |
| <th>description</th>
| |
| </tr>
| |
| <tr>
| |
| <td>Enable</td>
| |
| <td>yes | no; Default: '''yes'''</td>
| |
| <td>Toggles Clients Configuration ON or OFF</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Client name</td>
| |
| <td>string; Default: " "</td>
| |
| <td>A custom user name used to authenticate clients connecting to the Hotspot</td>
| |
| </tr>
| |
| <tr>
| |
| <td>IP address</td>
| |
| <td>ip; Default: " "</td>
| |
| <td>The IP address of the client </td>
| |
| </tr>
| |
| <tr>
| |
| <td>Netmask</td>
| |
| <td>integer [0..32]; Default: " "</td>
| |
| <td>The netmask of the client</td>
| |
| </tr>
| |
| <tr>
| |
| <td>Radius shared secret</td>
| |
| <td>string; Default: " "</td>
| |
| <td>Radius shared secret used for communication between the client/NAS and the radius server</td>
| |
| </tr>
| |
| </table>
| |
| | |
| ==Statistics==
| |
| | |
| The '''Statistics''' page shows statistics about connections to the hotspot. '''Reminder: Statistics page becomes visible only when device is connected to the hotspot.'''
| |
| | |
| [[Image:Services hotspot stats.PNG|border|class=tlt-border]]
| |
| | |
| ==Manage==
| |
| | |
| With the help of the '''Manage''' page you manage the users that are connected to your Hotspot. To reach the '''Manage''' window, go to Services->Hotspot. The '''Manage''' button will be located next to your Hotspot instance.
| |
| | |
| [[Image:Services hotspot manage reach.PNG|border|class=tlt-border]]
| |
| | |
| [[Image:Services hotspot manage.PNG|border|class=tlt-border]]
| |
| | |
| [[Category:RUT955 WebUI]]
| |
The information in this page is updated in accordance with firmware version RUT9_R_00.07.06.16.
Note: click here for the old style WebUI (FW version RUT9XX_R_00.06.09.5 and earlier) user manual page.
Summary
On Teltonika Networks devices a Hotspot is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for RUT955 devices.
Note: Hotspot is additional software that can be installed from the System → Package Manager page.
General
Hotspot Instances
The Hotspot Instances section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration:
- select an 'Interface';
- click the 'Add' button;
After this, a new Hotspot configuration window will appear.
General Settings
The General Settings window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections.
General
Field |
Value |
Description |
Configuration profile |
Cloud4wi | Default | Hotspotsystems | Purple portal; default: Default |
Pre-configures Hotspot settings according to the selected service provider. |
Enable |
off | on; default: on |
Turns the Hotspot instance on or off. |
Hotspot Network |
ip/netmask; default: 192.168.2.0/24 |
IP address and subnet of the Hotspot network. |
IP Address |
ip; default: 192.168.2.254 |
Defines the IP address of your Hotspot router in network. |
Authentication mode |
Radius | Local user | SMS OTP |MAC auth ; default: Local users |
Authentication mode defines how users will connect to the Hotspot. |
Allow signup |
off | on; default: off |
Allows users to sign up to hotspot via landing page. |
Expiration time |
integer; default: 0 |
User credential expiration time. Applies to users who signed up via landing page. |
Users group |
user group; default: default |
The user group to which users signed up via landing page should be assigned to. |
Landing Page |
Internal | External; default: Internal |
If external Landing Page is chosen, new section, to enter website address, will appear, e.g., http://www.example.com |
UAM Port |
integer; default: 3990 |
Port to bind for authenticating clients. |
UAM Secret |
string; default: none |
Shared secret between uamserver and hotspot. |
Success page |
Success Page | Original URL | Custom; default: Success page |
Location to return to after successful authentication. |
Advanced
Field |
Value |
Description |
Additional interfaces |
Available interfaces; default: none |
Shows additional interfaces that can be attached to hotspot instance. |
Logout address |
ip; default: 1.0.0.0 |
An address that can be used by users to logout from the Hotspot session. |
Protocol |
HTTP | HTTPS; default: HTTP |
Protocol to be used for landing page. |
Enable TOS |
off | on; default: off |
Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS. |
Trial access |
off | on; default: off |
Enables trial internet access for a specific group. |
Trial access: Group |
User group; default: default |
Group of trial users. |
HTTPS to landing page redirect |
off | on; default: off |
Redirect initial pre-landing page HTTPS requests to hotspot landing page. |
Certificate files from device |
off | on; default: off |
Specified whether to upload key & certificate files from computer or to use files generated on this device via the System → Administration → Certificates page. |
SSL key file |
key file; default: none |
Upload/select SSL key. |
SSL certificate file |
certificate file; default: none |
Upload/select SSL certificate. |
DNS server 1 |
ip; default: 8.8.8.8 |
Additional DNS servers that are to be used by the Hotspot. |
DNS server 2 |
ip; default: 8.8.4.4 |
Additional DNS servers that are to be used by the Hotspot. |
Radius
Radius authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible.
Field |
Value |
Description |
RADIUS server #1 |
ip; default: none |
The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients. |
RADIUS server #2 |
ip; default: none |
The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients. |
Authentication port |
integer [0..65535]; default: 1812 |
RADIUS server authentication port. |
Accounting port |
integer [0..65535]; default: 1813 |
RADIUS server accounting port. |
NAS identifier |
string; default: none |
NAS-Identifier is one of the basic RADIUS attributes. |
Radius secret key |
string; default: none |
The secret key is a password used for authentication with the RADIUS server. |
Swap octets |
off | on; default: off |
Swaps the meaning of input octets and output as it relates to RADIUS attributes. |
Location name |
string; default: none |
Custom location name for your Hotspot. |
Location ID |
string; default: none |
Custom location ID for your Hotspot. |
Walled Garden
You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication.
By default this list is empty. Simply write addresses into the Address List.
Format of address is website.com (does not include https://www).
URL Parameters
The URL parameters section becomes visible when Landing page is selected as External in General settings section.
Field |
Value |
Description |
UAM IP |
string; default: none |
The IP Address of the Captive Portal gateway. |
UAM port |
string; default: none |
The port on which the Captive Portal will serve web content. |
Called |
string; default: none |
The MAC address of the IP Address of the Captive Portal gateway. |
MAC |
string; default: none |
The MAC address of the client trying to gain Internet access. |
NAS id |
string; default: none |
An identification for the Captive Portal used in the RADIUS request. |
Session id |
string; default: none |
The unique identifer for session. |
User url |
string; default: none |
The URL which the user tried to access before he were redirected to the Captive Portal's URL's pages. |
Challenge |
string; default: none |
A challenge that should be used together with the user's password to create an encrypted phrase used to log on. |
Custom 1 |
string; default: none |
Add custom name and custom value which will be displayed in url parameters. |
- |
SSID | Hostname | FW version | --Custom--; default: SSID |
- |
Custom 2 |
string; default: none |
Add custom name and custom value which will be displayed in url parameters. |
- |
SSID | Hostname | FW version | --Custom--; default: SSID |
- |
User Scripts
In this section you can add custom Scripts that will be executed after a session is authorized in the Session up section, after session has moved from authorized state to unauthorized in the Session down section and after a new user has been signed up in the User signup section.
Local Users
The Local Users section is used to create and manage users that can connect to the Hotspot. The elements comprising the Local Users page are explained in the list and figure below.
- Entering a Username, Password and clicking the 'Add' button creates a new user.
- The 'Group' dropdown menu assigns a user to another group.
- The 'Edit' button lets you change a user's password or assign the user to another group.
- The 'Delete[X]' button deletes a user.
Landing Page
This section is used to define how your Hotspot's Landing Page will look like to connecting users.
General Settings
General Settings section lets you choose the authentication protocol and theme that will be used in the Landing Page. You can download more themes using the Package Manager
Themes
The Themes section displays all available Landing Page themes. In order to download a theme, click the 'Download' button, in order to edit a theme, click the 'Edit' button next to it.
Images
The Images section allows you to upload custom images to different objects.
Style Settings
Pressing edit button next to style settings lets you edit how your
landing page will look visually using CSS syntax.
View Settings
In View Settings you can access and modify default templates for various parts of landing page and edit their HTML code.
Custom Theme
To use custom theme you can download default theme and edit it's content. Then use upload button to upload it.
User Groups
User Groups provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can
- create a new group by entering a custom Name and clicking 'Add'
- or configure the existing rule by clicking the 'Edit' button next to it.
A group's settings page will look similar to this:
Field |
Value |
Description |
Idle timeout |
integer; default: none |
A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means
unlimited.) |
Time limit |
integer; default: none |
Disables hotspot user after time limit in sec is reached. (0, meaning unlimited) |
Download bandwidth |
integer; default: none |
Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s. |
Upload bandwidth |
integer; default: none |
Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s. |
Download limit |
integer; default: none |
A received data limit that the users assigned to this template can reach. After the data limit is reached,
the user will lose data connection. Download limit is specified in MB. |
Upload limit |
integer; default: none |
A sent data limit that the users assigned to this template can reach. After the data limit is reached, the
user will lose data connection. Upload limit is specified in MB. |
Warning |
integer; default: none |
Send an SMS warning to hotspot user after warning value of download or upload data in MB is reached. Only works with SMS OTP authentication. |
Period |
Month | Week | Day; default: Month |
The beginning of the period during which the restriction specified in this section will apply. After the
period is over, all specified limits are reset. |
Start day |
integer [1..31] | Monday..Sunday | integer [1..24]; default: 1 |
Choices changes depending on what 'Period' was chosen. Specifies which day of the month, week or hour of the
day the limits will be reset. |
User Management
The Current Hotspot Users tab displays the status and session statistics of currently logged in users. You can also "kick" (deauthenticate) a user by clicking the 'Logout' button next to it.
The Registered Hotspot Users tab displays the data of unique users that have registered to the hotspot before.
Hotspot 2.0
The Hotspot 2.0 displays available WiFi interfaces. In order to begin configuring an interface click the 'Edit' button next to it:
After this you should be redirected to the configuration page for that interface.
Hotspot 2.0 Configuration
The main configuration parameters of a Hotspot 2.0 interface will be discussed in this section.
A Hotspot 2.0 interface requires WPA2-EAP encryption. You can configure it in the Network → Wireless page (click 'Edit' next to an interface and find the Wireless Security section).
General Setup
Field |
Value |
Description |
Enable |
off | on; default: off |
Turns Hotspot 2.0 for this interface on or off. |
Internet access |
off | on; default: off |
Is used to inform the client device whether internet access is available. |
Access Network Type |
Private network | Private network with guest access | Chargeable public network | Free public network | Personal device network | Emergency services only network | Test or experimental; default: Private network |
The access network type present in beacon and probe response frames. Mobile devices can use this information when selecting a hotspot. |
HESSID |
mac; default: none |
Homogeneous ESS identifier (optional). This shall be identical to one of the BSSIDs in the homogeneous ESS. |
Roaming consortium OI |
3 or 5 octet hexstring; default: none |
Only first three entries are available through Beacon and Probe Response frames. |
Network authentication type |
Not configured | Acceptance of terms and conditions | On-line enrollment supported | http/https redirection | DNS redirection; default: Not configured |
Type of authentication used on this network. |
IP Address type availability |
Address type not available | Public IPv1 address available | Port restricted IPv4 address available | Single NATed IPv4 address available | Double NATed IPv4 address available | Port restricted IPv4 address and single NATed IPv4 address available | Port restricted IPv4 address and double NATed IPv4 address available | Availability of the address type is not known; default: Availability of the address type is not known |
Provides information about the IP address version and type that would be available to a mobile device after it authenticates to the network. |
Domain name |
domain name; default: none |
The Domain Name ANQP-element provides a list of one or more domain names of the entity operating the hotspot network. |
Venue group |
various; default: Unspecified |
Describes the venue in which the hotspot is located. |
Venue type |
various; default: Unspecified |
Describes the venue in which the hotspot is located. |
OSU Provider
Field |
Value |
Description |
OSU ssid |
string; default: none |
Informs client devices about the SSID used for OSU connections. |
OSU server URL |
url; default: none |
Is used to inform the client device whether internet access is available. |
Name language code |
string; default: none |
Two or three character language code (ISO-639). |
OSU friendly name |
string; default: none |
User-friendly name of an OSU service provider. |
OSU NAI |
string; default: none |
OSU network access identifier. |
OSU method list |
OMA-DM | SOAP-XML; default: none |
Configures the supported OSU method(s) of the OSU provider. |
Description language code |
string; default: none |
Two or three character language code (ISO-639). |
Description |
string; default: none |
OSU service description. |
WAN Metrics
Field |
Value |
Description |
Link Status |
Link up | Link Down; default: Link up |
Provides information about the WAN link that connects the hotspot to the Internet. |
Downlink Speed |
integer [1..4294967295]; default: none |
Maximum downlink speed in Kbps. |
Uplink Speed |
integer [1..4294967295]; default: none |
Maximum uplink speed in Kbps. |
Venue Name Information
The Venue Name Information is used to configure one or more Venue Name values for Venue Name ANQP information. To add a new Venue configuration, click the 'Add' button.
You should see a new entry appear in the Venue Name Information list.
Field |
Value |
Description |
Language Code |
string; default: none |
Two or three character language code (ISO-639). |
Venue Name |
string; default: none |
Name of this venue. |
Venue URL Information |
url; default: none |
Venue URL to provide additional information corresponding to Venue Name information (the URL should contain protocol). |
3GPP Cellular Network Information
The 3GPP Cellular Network Information section is used to uniquely identify mobile network operators. To add a new mobile operator instance, click the 'Add' button.
You should see a new entry appear in the 3GPP Cellular Network Information list.
Field |
Value |
Description |
Mobile Country Code |
integer; default: none |
Mobile country code (3 decimal digits). |
Mobile Network Code |
integer; default: none |
Mobile network code (2 or 3 decimal digits). |
Network Access Identifier (NAI) Realm Information
The Network Access Identifier (NAI) Realm Information parameters provide information for stations using interworking network selection to allow automatic connection to a network based on credentials. To add a new NAI Realm Information configuration, click the 'Add' button.
You should see a new entry appear in the Network Access Identifier (NAI) Realm Information list.
Field |
Value |
Description |
NAI Realm |
url; default: Link up |
The NAI Realm provides a list of NAI realms corresponding to the Home SPs that can authenticate a client device. |
EAP Method |
EAP-TLS | EAP-TTLS | PEAP | EAP-FAST; default: Undefined |
Identifies the EAP method supported by that NAI realm for authentication. |
Authentication Parameter |
Undefined | Non EAP PAP | Non EAP CHAP | Non EAP MSCHAP | Non EAP MSCHAPV2 | Credential certificate | Credential username/password; default: Undefined |
EAP method authentication parameter. |
Operator Friendly Name
The client device may obtain the Operator Friendly Name via GAS/ANQP queries to assist the user during manual hotspot selection. To add a new Operator Friendly Name configuration, click the 'Add' button.
You should see a new entry appear in the Operator Friendly Name list.
Field |
Value |
Description |
Language Code |
string; default: Link up |
Two or three character language code (ISO-639). |
Operator's Name |
string; default: none |
Provides a friendly name for the Hotspot Operator. |
Connection Capability
The Connection Capability section provides information on the status of commonly used communication protocols and ports. To add a new protocol/port configuration, click the 'Add' button.
You should see a new entry appear in the Connection Capability list.
Field |
Value |
Description |
Protocol |
ICMP | TCP | UDP; default: ICMP |
Network protocol type. |
Port Number |
integer [0..65535]; default: none |
TCP/UDP port number. |
Status |
Closed | Open | Unknown; default: Closed |
Status to be displayed for the selected protocol/port combination. |