Template:Networking rutos manual hotspot: Difference between revisions

From Teltonika Networks Wiki
(change user scripts, minor changes)
No edit summary
 
(73 intermediate revisions by 10 users not shown)
Line 1: Line 1:
{{Template:Networking_rutos_manual_fw_disclosure
{{Template: Networking_device_manual_fw_disclosure
| fw_version = {{{series}}}_R_00.02.03.1
| series = {{{series}}}
| series = {{{series}}}
| name  = {{{name}}}
| fw_version ={{Template: Networking_device_manual_latest_fw
| series = {{{series}}}
| name  = {{{name}}}
}}
}}
}}
{{#ifeq: {{{series}}} | RUT9 |<br><i><b>Note</b>: <b>[[{{{name}}} Hotspot (legacy WebUI)|click here]]</b> for the old style WebUI (FW version {{Template: Networking_device_manual_latest_fw | series = RUT9XX}} and earlier) user manual page.</i>|}}
{{#ifeq: {{{series}}} | RUT2 |<br><i><b>Note</b>: <b>[[{{{name}}} Hotspot (legacy WebUI)|click here]]</b> for the old style WebUI (FW version {{Template: Networking_device_manual_latest_fw | series = RUT2XX}} and earlier) user manual page.</i>|}}
==Summary==


==Summary==
On Teltonika Networks devices a <b>Hotspot</b> is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for {{{name}}} devices.
{{#switch: {{{series}}}
  | #default =
  | RUT36X|RUT9|TCR1|RUT2|RUT2M|RUT9M|TRB1|TRB2|TRB5|TRB2M|OTD140|RUT361|TRB16|OTD500 =  
<u><b>


'''Hotspot''' is a service that provides authentication, authorization and accounting for a network.
Note:</b> Hotspot is additional software that can be installed from the <b>System → [[{{{name}}} Package Manager|Package Manager]]</b> page.</u>
}}


{{#ifeq:{{{wifi}}}|1
==General==
|
{{{name}}} devices are able to create Hotspot on either Wireless or LAN interface.


Wireless <b>Hotspots</b> are essentially Wireless Access Points - they provide network and/or internet access to other
===Hotspot Instances===
WiFi devices. The difference is that Hotspots are a lot more versatile when it comes to managing, monitoring and
----
authenticating the wireless network's users. For example, while Wireless APs can be password protected, with Hotspots
The <b>Hotspot Instances</b> section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration:
you can configure different users with different names, passwords, even data limits and data speeds and more. This
chapter is an overview of the '''Wireless Hotspot''' function in {{{name}}} routers. In Services > Hotspot > General tab
first choose interface on which you want Hotspot to operate, press '''Add''' and after new hotspot instance appears
click on [[File:Networking_rutx_manual_edit_button_v1.png]] to start configuration.


[[File:Network_rutxxx_manual_hotspot_hotspot_instances.png]]
<ol>
|
    <li>select an 'Interface';</li>
{{{name}}} devices are able to create Hotspot on LAN interface.
    <li>click the 'Add' button;</li>
</ol>


[[File:Network_rutx10_manual_hotspot_hotspot_instances_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_hotspot_instances_add_button_edit_buton_wifi.png|border|class=tlt-border]]
}}


==General Settings==
After this, a new Hotspot configuration window will appear.


The '''General Settings''' window is where most of the Hotspot configurations take place. This section will be divided
====General Settings====
into sub-sections because configuration for Local authentication and with Radius Server are almost identical, just when
----
Radius is chosen extra tab appears.
The <b>General Settings</b> window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections.


====General====
=====General=====
----
----
[[File:Network_rutxxx_manual_hotspot_general_settings_v1.png|border|class=tlt-border]]
{{#switch: {{{series}}}
  | #default = [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_general_v3.png|border|class=tlt-border]]
  | TRB1 | TRB5 | TRB16 = [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_general_trb_v1.png|border|class=tlt-border]]}}


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<th>field name</th>
<th>Field</th>
<th>value</th>
<th>Value</th>
<th>description</th>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>Enable</td>
<td>Configuration profile</td>
<td>off {{!}} on; default: '''on'''</td>
<td>Cloud4wi | Default | Hotspotsystems | Purple portal; default: <b>Default</b></td>
<td>Toggles WiFi Hotspot instance ON or OFF.</td>
<td>Pre-configures Hotspot settings according to the selected service provider.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Hotspot Network</td>
<td>Enable</td>
<td>IP; default: '''192.168.2.0/24'''</td>
<td>off | on; default: <b>on</b></td>
<td>Defines IP and subnet of Hotspot Network.</td>
<td>Turns the Hotspot instance on or off.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>IP Adress</td>
<td>Hotspot Network</td>
<td>ip; default: '''192.168.2.254'''</td>
<td>ip/netmask; default: <b>{{#switch: {{{series}}} | #default = 192.168.2.0/24 | TRB1 | TRB2 | TRB5 | TRB2M |TRB16 = 192.168.3.0/24}}</b></td>
<td>Defines the IP address of your Hotspot router in network.</td>
<td>IP address and subnet of the Hotspot network. Netmask must be from 16 to 30.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Authentication mode</td>
<td>IP Address</td>
<td>Radius {{!}} Local user {{!}} {{#ifeq:{{{mobile}}}|1| SMS OTP {{!}}}} MAC auth ; default: '''Local users'''
<td>ip; default: '''{{#switch: {{{series}}} | #default = 192.168.2.254 | TRB1 | TRB2 | TRB5 | TRB2M | TRB16 = 192.168.3.254}}'''</td>
</td>
<td>Defines the IP address of your Hotspot router in network.</td>
<td>Authentication mode defines how users will connect to the Hotspot.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Authentication mode</td>
<td>Allow signup
<td>Local users | Radius | MAC authentication | Single sign-on{{#ifeq:{{{mobile}}}|1| {{!}} SMS OTP}}; default: <b>Local users</b></td>
</td>
<td>Authentication mode defines how users will connect to the Hotspot.</td>
<td>off | on; default: '''off'''</td>
    </tr>
<td>Allows users to sign up to hotspot via landing page.</td>
    <tr>
</tr>
<td>Local users: Allow signup</td>
<tr>
<td>off | <span style="color: #20C0D7;"><b>on</b></span>; default: <b>off</b></td>
<td>Landing Page</td>
<td>Allows users to sign up to hotspot via landing page.</td>
<td>Internal {{!}} External; default: '''Internal'''</td>
    </tr>
<td>If external Landing Page is chosen, new section, to enter website address, will appear, e.g.
    <tr>
http://www.example.com</td>
<td>Local users: <span style="color: #20C0D7;">Expiration time</span></td>
</tr>
<td>integer; default: <b>0</b></td>
<tr>
<td>User credential expiration time. Applies to users who signed up via landing page.</td>
<td>UAM Port</td>
    </tr>
<td>integer; default: '''3990'''</td>
    <tr>
<td>Port to bind for authenticating clients.</td>
<td>Local users: <span style="color: #20C0D7;">Users group</span></td>
</tr>
<td>user group; default: <b>default</b></td>
<tr>
<td>The user group to which users signed up via landing page should be assigned to.</td>
<td>UAM Secret</td>
    </tr>
<td>string; default: <b>none</b></td>
    <tr>
<td>Shared secret between uamserver and hotspot.</td>
<td>Radius {{#ifeq:{{{mobile}}}|1| / SMS OTP}}: Enable MAC authentication</td>
</tr>
<td>off | on; default: <b>off</b></td>
<tr>
<td>Enable MAC address authentication.</td>
<td>Success page</td>
    </tr>
<td>Success Page {{!}} Original URL {{!}} Custom; default: '''Success page'''</td>
    <tr>
<td>Location to return to after successful authentication.</td>
<td>MAC authentication: Require password</td>
</tr>
<td>off | <span style="color:brown">on</span>; default: <b>off</b></td>
<td>Enables password requirement for MAC authentication.</td>
    </tr>
    <tr>
<td>MAC authentication: <span style="color:brown">MAC auth password</span></td>
<td>string; default: <b>none</b></td>
<td>Password for MAC authentication.</td>
    </tr>
    <tr>
<td>MAC authentication / Single sign-on {{#ifeq:{{{mobile}}}|1| / SMS OTP}}: User group</td>
<td>select; default: <b>default</b></td>
<td>Specifies the group of dynamically created users.</td>
    </tr>{{#ifeq:{{{mobile}}}|1|
    <tr>
<td>SMS OTP: Allow password duplicates</td>
<td>off {{!}} on; default: <b>off</b></td>
<td>Allows more than one user to login with a same password.</td>
    </tr>
    <tr>
<td>SMS OTP: Expiration time</td>
<td>unsingned integer; default: <b>0</b></td>
<td>User expiration time in sec (0 means unlimited).</td>
    </tr>|}}
    <tr>
<td>Landing Page</td>
<td>Internal | <span style="color: #f43b1a;">External</span>; default: <b>Internal</b></td>
<td>Location of the landing page.</td>
    </tr>
    <tr>
<td>UAM Port</td>
<td>integer; default: <b>3990</b></td>
<td>Port to bind for authenticating clients.</td>
    </tr>
    <tr>
<td><span style="color: #f43b1a;">Password encoding</span></td>
<td>off {{!}} on; default: <b>none</b></td>
<td>Password encoding with the challenge.</td>
    </tr>
    <tr>
<td><span style="color: #f43b1a;">Landing page address</span></td>
<td>url; default: <b>none</b></td>
<td>External landing page address (http://www.example.com).</td>
    </tr>
    <tr>
<td><span style="color: #f43b1a;">UAM Secret</span></td>
<td>string; default: <b>none</b></td>
<td>Shared secret between uamserver and hotspot.</td>
    </tr>
    <tr>
<td>Success page</td>
<td>Success Page | Original URL | <span style="color:blue">Custom</span>; default: <b>Success page</b></td>
<td>Location to return to after successful authentication.</td>
    </tr>
    <tr>
<td><span style="color:blue">Custom</span></td>
<td>url; default: <b>none</b></td>
<td>Address must contain protocol (http://www.example.com).</td>
    </tr>
</table>
</table>


====Advanced====
=====Advanced=====
----
----
 
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_advanced_v1.png|border|class=tlt-border]]
[[File:Network_rutxxx_manual_hotspot_advanced_settings_v1.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<td>Additional interfaces</td>
<th>Field</th>
<td>Available interfaces; default: '''none'''</td>
<th>Value</th>
<td>Shows additional interfaces that can be attached to hotspot instance.</td>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>Logout address</td>
<td>Additional interfaces</td>
<td>ip; default: '''1.0.0.0'''</td>
<td>Available interfaces; default: '''none'''</td>
<td>An address that can be used by users to logout from the Hotspot session.</td>
<td>Choose additional the interfaces you want to attach to this hotspot instance.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Protocol</td>
<td>Enable MAC blocking</td>
<td>HTTP {{!}} HTTPS; default: '''HTTP'''</td>
<td>off {{!}} on; default: off</td>
<td>Protocol to be used for landing page.</td>
<td>Blocks access to MAC addresses that have reached set amount of failed login attempts.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Enable TOS</td>
<td>Logout address</td>
<td>off {{!}} on; default: '''off'''</td>
<td>ip; default: '''1.0.0.0'''</td>
<td>Enables Terms of Service (ToS) requirement. Cient device will be able to access the Internet only after
<td>IP address to instantly logout a client accessing it.</td>
agreeing ToS.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Protocol</td>
<td>Trial access</td>
<td>HTTP | <span style="color: #20C0D7;">HTTPS</span>; default: <b>HTTP</b></td>
<td>off {{!}} on; default: '''off'''</td>
<td>Protocol to be used for landing page.</td>
<td>Enables trial internet access for a specific group.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Enable TOS</td>
<td><span style="color: tomato;">Trial access: </span>Group</td>
<td>off | on; default: <b>off</b></td>
<td>User group; default: '''default'''</td>
<td>Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS.</td>
<td>Group of trial users.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Trial access</td>
<td>HTTPS to landing page redirect</td>
<td>off | <span style="color: #f43b1a; font-weight: bold;">on</span>; default: <b>off</b></td>
<td>off {{!}} on; default: '''off'''</td>
<td>Enables trial internet access for a specific group.</td>
<td>Redirect initial pre-landing page HTTPS requests to hotspot landing page.</td>
    </tr>
</tr>
    <tr>
<tr>
<td><span style="color: #f43b1a;">Group</span></td>
<td>DNS server 1</td>
<td>User group; default: <b>default</b></td>
<td>ip; default: '''8.8.8.8'''</td>
<td>Specifies the group of trial users.</td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Subdomain</td>
<td>DNS server 2</td>
<td>string; default: <b>none</b></td>
<td>ip; default: '''8.8.4.4'''</td>
<td>Combined with Domain to make a DNS alias for the Hotspot IP address.</td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
</tr>
    <tr>
<td>Domain</td>
<td>string; default: <b>none</b></td>
<td>Combined with Subdomain to make a DNS alias for the Hotspot IP address.</td>
    </tr>
    <tr>
<td>HTTPS to landing page redirect</td>
<td>off | <span style="color: #20C0D7;"><b>on</b></span>; default: <b>off</b></td>
<td>Redirect initial pre-landing page HTTPS requests to hotspot landing page.</td>
    </tr>
    <tr>
<td><span style="color: #20C0D7;"><b>Certificate files from device</b></span></td>
<td>off | on; default: <b>off</b></td>
<td>Specified whether to upload key & certificate files from computer or to use files generated on this device via the <i>System → Administration → <b>[[{{{name}}} Administration#Certificates|Certificates]]</b></i> page.</td>
    </tr>
    <tr>
<td><span style="color: #20C0D7;">SSL key file</span></td>
<td>key file; default: <b>none</b></td>
<td>Upload/select SSL key.</td>
    </tr>
    <tr>
<td><span style="color: #20C0D7;">SSL certificate file</span></td>
<td>certificate file; default: <b>none</b></td>
<td>Upload/select SSL certificate.</td>
    </tr>
    <tr>
<td>Primary DNS server</td>
<td>ip; default: <b>8.8.8.8</b></td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
    <tr>
<td>Secondary DNS server</td>
<td>ip; default: <b>8.8.4.4</b></td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
</table>
</table>


====Radius====
=====Radius=====
----
----
<b>Radius</b> authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible.


'''Radius''' authentication mode uses an external Radius servers, to which you have to provide an address to, instead of
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_radius_v2.png|border|class=tlt-border]]
using the router's Local Authentication. If you are using Local authentication, you can skip straight to
[[{{{name}}}_Hotspot#Walled_Garden|Walled Garden]].
 
[[File:Network_rutxxx_manual_hotspot_radius_settings_v1.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<td>RADIUS server #1</td>
<th>Field</th>
<td>ip; default: <b>none</b></td>
<th>Value</th>
<td>The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.</td>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>RADIUS server #2</td>
<td>Require Message-Authenticator</td>
<td>ip; default: <b>none</b></td>
<td>off {{!}} on; default: <b>on</b></td>
<td>The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.</td>
<td>Require and validate Message-Authenticator RADIUS attribute on Access-Request replies.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Authentication port</td>
<td>RADIUS server #1</td>
<td>integer [0..65535]; default: '''1812'''</td>
<td>ip; default: <b>none</b></td>
<td>RADIUS server authentication port.</td>
<td>The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Accounting port</td>
<td>RADIUS server #2</td>
<td>integer [0..65535]; default: '''1813''' </td>
<td>ip; default: <b>none</b></td>
<td>RADIUS server accounting port.</td>
<td>The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>NAS identifier</td>
<td>Authentication port</td>
<td>string; default: <b>none</b></td>
<td>integer [0..65535]; default: <b>1812</b></td>
<td>NAS-Identifier is one of the basic RADIUS attributes.</td>
<td>RADIUS server authentication port.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Radius secret key</td>
<td>Accounting port</td>
<td>string; default: <b>none</b></td>
<td>integer [0..65535]; default: <b>1813</b> </td>
<td>The secret key is a password used for authentication with the RADIUS server.</td>
<td>RADIUS server accounting port.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Swap octets</td>
<td>NAS identifier</td>
<td>off {{!}} on; default: '''off'''</td>
<td>string; default: <b>none</b></td>
<td>Swaps the meaning of input octets and output as it relates to RADIUS attributes.</td>
<td>NAS-Identifier is one of the basic RADIUS attributes.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Location name</td>
<td>Radius secret key</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>Custom location name for your Hotspot.</td>
<td>The secret key is a password used for authentication with the RADIUS server.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Location ID</td>
<td>Swap octets</td>
<td>string; default: <b>none</b></td>
<td>off | on; default: <b>off</b></td>
<td>Custom location ID for your Hotspot.</td>
<td>Swaps the meaning of input octets and output as it relates to RADIUS attributes.</td>
</tr>
    </tr>
    <tr>
<td>Location name</td>
<td>string; default: <b>none</b></td>
<td>Custom location name for your Hotspot.</td>
    </tr>
    <tr>
<td>Location ID</td>
<td>string; default: <b>none</b></td>
<td>Custom location ID for your Hotspot.</td>
    </tr>
</table>
</table>


====Walled Garden====
=====Walled Garden=====
----
----
You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication.
By default this list is empty. Simply write addresses into the Address List.


You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By
Format of address is <b>website.com</b> (does not include https://www).
default this list is empty. Simply write addresses in to Address List.


[[File:Network_rutxxx_manual_hotspot_general_walled_garden_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_walled_garden_v2.png|border|class=tlt-border]]


====User Scripts====
<table class="nd-mantable">
    <tr>
<th>Field</th>
<th>Value</th>
<th>Description</th>
    </tr>
    <tr>
<td>Mode</td>
<td>Allowlist {{!}} Blocklist; default: <b>Allowlist</b></td>
<td>Select mode for blocking.</td>
    </tr>
    <tr>
<td>Address list</td>
<td>domain names (one record per line); default: <b>none</b></td>
<td>List of addresses the client can access without first authenticating. One record per line. See placeholder for accepted formats. Some domains require both 'www' and non-'www' versions to be entered to ensure proper blocking.</td>
    </tr>
</table>
 
=====URL Parameters=====
----
----
The <b>URL parameters</b> section becomes visible when <b>Landing page</b> is selected as <b>External</b> in [[{{{name}}}_Hotspot#General_2|General settings]] section.


In this tab you can add Scripts that will be executed after a session is authorized in '''Session up'''
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_urlparams_v1.png|border|class=tlt-border]]
section, after session has moved from authorized state to unauthorized in '''Session down''' section
and after a new user has been signed up in '''User signup''' section.


[[File:Network_rutxxx_manual_hotspot_user_scripts_v1.png|border|class=tlt-border]]
<table class="nd-mantable">
    <tr>
<th>Field</th>
<th>Value</th>
<th>Description</th>
    </tr>
    <tr>
<td>UAM IP</td>
<td>string; default: <b>none</b></td>
<td>The IP Address of the Captive Portal gateway.</td>
    </tr>
    <tr>
<td>UAM port</td>
<td>string; default: <b>none</b></td>
<td>The port on which the Captive Portal will serve web content.</td>
    </tr>
    <tr>
<td>Called</td>
<td>string; default: <b>none</b></td>
<td>The MAC address of the IP Address of the Captive Portal gateway.</td>
    </tr>
    <tr>
<td>MAC</td>
<td>string; default: <b>none</b></td>
<td>The MAC address of the client trying to gain Internet access.</td>
    </tr>
    <tr>
<td>IP</td>
<td>ip default: <b>none</b></td>
<td>The IP Address of the client trying to gain Internet access.</td>
    </tr>
    <tr>
<td>NAS id</td>
<td>string; default: <b>none</b></td>
<td>An identification for the Captive Portal used in the RADIUS request.</td>
    </tr>
    <tr>
<td>Session id</td>
<td>string; default: <b>none</b></td>
<td>The unique identifer for session.</td>
    </tr>
    <tr>
<td>User url</td>
<td>string; default: <b>none</b></td>
<td>The URL which the user tried to access before he were redirected to the Captive Portal's URL's pages.</td>
    </tr>
    <tr>
<td>Challenge</td>
<td>string; default: <b>none</b></td>
<td>A challenge that should be used together with the user's password to create an encrypted phrase used to log on.</td>
    </tr>
    <tr>
<td>Custom 1</td>
<td>string; default: <b>none</b></td>
<td>Add custom name and custom value which will be displayed in url parameters.</td>
    </tr>
    <tr>
<td>-</td>
<td>SSID | Hostname | FW version | --Custom--; default: <b>SSID</b></td>
<td>-</td>
    </tr>
    <tr>
<td>Custom 2</td>
<td>string; default: <b>none</b></td>
<td>Add custom name and custom value which will be displayed in url parameters.</td>
    </tr>
    <tr>
<td>-</td>
<td>SSID | Hostname | FW version | --Custom--; default: <b>SSID</b></td>
<td>-</td>
    </tr>
</table>


==Local Users==
=====User Scripts=====
 
----
The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
In this section you can add custom <b>Scripts</b> that will be executed after a session is authorized in the <b>Session up</b> section, after session has moved from authorized state to unauthorized in the <b>Session down</b> section and after a new user has been signed up in the <b>User signup</b> section.


[[File:Network_rutxxx_manual_hotspot_local_users_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_user_scripts_v2.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<th>field name</th>
<th>Field</th>
<th>value</th>
<th>Value</th>
<th>description</th>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>Name</td>
<td>Session up</td>
<td>string; default: <b>none</b></td>
<td>bash script; default: <b>none</b></td>
<td>A custom user name used to authenticate clients connecting to the Hotspot.</td>
<td>Script executed after a session is authorized. Executed with the environment variables (Please refer to the wiki).</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Password</td>
<td>Session down</td>
<td>string; default: <b>none</b></td>
<td>bash script; default: <b>none</b></td>
<td>A custom password for the specified user name.</td>
<td>Script executed after a session has moved from authorized state to unauthorized. Executed with the environment variables (Please refer to the wiki).</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Group</td>
<td>User signup</td>
<td>string; default: '''default'''</td>
<td>bash script; default: <b>none</b></td>
<td>After adding user select group that it will be assigned to. Group describes connection speeds and
<td>Script executed after a new user has been created during signup process. Executed with the environment variables (Please refer to the wiki).</td>
dowload/upload limits. The '''default''' group settings have no restrictions. More on User Groups in the
    </tr>
next section.</td>
</tr>
</table>
</table>


==User Groups==
==Local Users==


'''User Groups''' lets set different connection limits for different users. Group '''default''' is already created and
The <b>Local Users</b> section is used to create and manage users that can connect to the Hotspot. The elements comprising the Local Users page are explained in the list and figure below.  
does not have any limitations set. To create new group simply enter the name and press Add.


[[File:Network_rutxxx_manual_hotspot_user_groups_v1.png|border|class=tlt-border]]
<ol>
    <li>Entering a Username, Password and clicking the 'Add' button creates a new user.</li>
    <li>The 'Group' dropdown menu assigns a user to another group.</li>
    <li>The 'Edit' button lets you change a user's password or assign the user to another group.</li>
    <li>The 'Delete[X]' button deletes a user.</li>
</ol>


After adding a group it will not have any limits set, so press edit [[File:Networking rutx manual edit button v1.png]].
[[File:Networking_rutos_manual_hotspot_local_users_add_button_edit_button_v1.png|border|class=tlt-border]]
In following window you will be able to configure yours User Group.


[[File:Network_rutxxx_manual_hotspot_user_group_settings_v1.png|border|class=tlt-border]]
==Landing Page==


<table class="nd-mantable">
This section is used to define how your Hotspot's <b>Landing Page</b> will look like to connecting users.
<tr>
<th>field name</th>
<th>value</th>
<th>description</th>
</tr>
<tr>
<td>Idle timeout</td>
<td>integer; default: <b>none</b></td>
<td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means
unlimited)</td>
</tr>
<tr>
<td>Time limit</td>
<td>integer; default: <b>none</b></td>
<td>Disables hotspot user after time limit in sec is reached. (0, meaning unlimited)</td>
</tr>
<tr>
<td>Download bandwidth</td>
<td>integer; default: <b>none</b></td>
<td> Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified
in Kbit/s or Mbit/s.</td>
</tr>
<tr>
<td>Upload bandwidth</td>
<td>integer; default: <b>none</b></td>
<td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in
Kbit/s or Mbit/s.</td>
</tr>
<tr>
<td>Download limit</td>
<td>integer; default: <b>none</b></td>
<td>A received data limit that the users assigned to this template can reach. After the data limit is reached,
the user will lose data connection. Download limit is specified in MB.</td>
</tr>
<tr>
<td>Upload limit</td>
<td>integer; default: <b>none</b></td>
<td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the
user will lose data connection. Upload limit is specified in MB.</td>
</tr>
<tr>
<td>Period</td>
<td>Month {{!}} Week {{!}} Day; default: '''Month'''</td>
<td>The beginning of the period during which the restriction specified in this section will apply. After the
period is over, all specified limits are reset. </td>
</tr>
<tr>
<td>Start day</td>
<td>integer [1..31] {{!}} Monday..Sunday {{!}} integer [1..24]; default: '''1'''</td>
<td>Choices changes depending on what '''Period''' was chosen. Specifies which day of the month, week or hour of
the day the limits will be reset.</td>
</tr>
<tr>
<td>Expiration time</td>
<td>integer; default: '''0'''</td>
<td>Expiration time in sec (0 means unlimited). Only for dynamically created users.</td>
</tr>
</table>


==Landing Page==
{{#switch: {{{series}}}
 
  | #default = <b>Note:</b> since Hotspot supports unauthenticated users, they will be using different IPs. Basically IP will incremented based on the prefix provided. So for example if Hotspot network is 192.168.2.0/24 third octet will be incremented. So for IP 192.168.2.254 would increment to 192.168.3.254. If the network is 172.16.0.0/16 it will increment second octet. So for IP 172.16.255.254 it would increment to 172.17.255.254 and so on. After successful authentication, Hotspot will be using network that is set in Hotspot settings > General settings.
This section is used to define how your Hotspot's Landing Page will look like.
  |TCR1|TRB1|TRB5|TRB16 = <b>Note:</b> since Hotspot supports unauthenticated users, they will be using different IPs. Basically IP will incremented. So for example if Hotspot network is 192.168.2.0/24 third octet will be incremented. So for IP 192.168.2.254 would increment to 192.168.4.254. If the network is 172.16.0.0/16 it will increment second octet. So for IP 172.16.255.254 it would increment to 172.17.255.254 and so on. After successful authentication, Hotspot will be using network that is set in Hotspot settings > General settings.
}}


===General Settings===
===General Settings===
----
----
'''General Settings''' section lets you choose authentication protocol that will be used in Landing Page.
<b>General Settings</b> section lets you choose the authentication protocol and theme that will be used in the Landing Page. You can download more themes using the [[{{{name}}}_Package_Manager|Package Manager]]


[[File:Network_rutxxx_manual_hotspot_landing_page_general_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_landing_page_general_settings_v1.png|border|class=tlt-border]]


===Themes===
===Themes===
----
----
The <b>Themes</b> section shows all available landing page themes and allows you to edit them.
The <b>Themes</b> section displays all available Landing Page themes. In order to download a theme, click the 'Download' button, in order to edit a theme, click the 'Edit' button next to it.


[[File:Network_rutxxx_manual_hotspot_landing_page_themes_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_landing_page_themes_download_edit_button_v1.png|border|class=tlt-border]]


====Images====
====Images====
Line 344: Line 482:
The <b>Images</b> section allows you to upload custom images to different objects.
The <b>Images</b> section allows you to upload custom images to different objects.


[[File:Network_rutxxx_manual_hotspot_landing_page_themes_images_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_landing_page_themes_images_v2.png|border|class=tlt-border]]


====Style settings====
====Style Settings====
----
----


Pressing edit button [[File:Networking rutx manual edit button v1.png]] next to style settings lets you edit how your
Pressing 'Edit' button next to style settings lets you edit how your
landing page will look visually using CSS syntax.
landing page will look visually using CSS syntax.


[[File:Network_rutxxx_manual_hotspot_landing_page_themes_style_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_landing_page_themes_style_settings_v1.png|border|class=tlt-border]]
 
====View Settings====
----
In <b>View Settings</b> you can access and modify default templates for various parts of landing page and edit their HTML code.
 
[[File:Networking_rutos_manual_hotspot_landing_page_themes_view_settings_v1.png|border|class=tlt-border]]


====View settings====
====Custom Theme====
----
----
To use custom theme you can download default theme and edit it's content. Then use 'Browse' button to upload it.
[[File:Networking rutos manual hotspot landing page themes upload custom v2.png|border|class=tlt-border]]
==User Groups==
<b>User Groups</b> provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can
<ol>
    <li>create a new group by entering a custom Name and clicking 'Add'</li>
    <li>or configure the existing rule by clicking the 'Edit' button next to it.</li>
</ol>
[[File:Networking_rutos_manual_hotspot_user_groups_edit_button_v1.png|border|class=tlt-border]]
A group's settings page will look similar to this:
[[File:Networking_rutos_manual_hotspot_user_groups_group_default_settings_v3.png|border|class=tlt-border]]
<table class="nd-mantable">
    <tr>
        <th>Field</th>
        <th>Value</th>
        <th>Description</th>
    </tr>
    <tr>
        <td>Idle timeout</td>
        <td>integer; default: <b>none</b></td>
        <td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means
            unlimited.)</td>
    </tr>
    <tr>
        <td>Time limit</td>
        <td>integer; default: <b>none</b></td>
        <td>Disables hotspot user after time limit in sec is reached. (0, meaning unlimited)</td>
    </tr>
    <tr>
        <td>Download bandwidth</td>
        <td>integer; default: <b>none</b></td>
        <td> Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s.</td>
    </tr>
    <tr>
        <td>Upload bandwidth</td>
        <td>integer; default: <b>none</b></td>
        <td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s.</td>
    </tr>
    <tr>
        <td>Download limit</td>
        <td>integer; default: <b>none</b></td>
        <td>A received data limit that the users assigned to this template can reach. After the data limit is reached,
            the user will lose data connection. Download limit is specified in MB.</td>
    </tr>
    <tr>
        <td>Upload limit</td>
        <td>integer; default: <b>none</b></td>
        <td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the
            user will lose data connection. Upload limit is specified in MB.</td>
    </tr>
    <tr>
        <td>Warning</td>
        <td>integer; default: <b>none</b></td>
        <td>Send an SMS warning to hotspot user after warning value of download or upload data in MB is reached. Only works with SMS OTP authentication.</td>
    </tr>
    <tr>
        <td>Period</td>
        <td>Month | Week | Day; default: <b>Month</b></td>
        <td>The beginning of the period during which the restriction specified in this section will apply. After the
            period is over, all specified limits are reset. </td>
    </tr>
    <tr>
        <td>Start day</td>
        <td>integer [1..31] | Monday..Sunday | integer [1..24]; default: <b>1</b></td>
        <td>Choices changes depending on what 'Period' was chosen. Specifies which day of the month, week or hour of the
            day the limits will be reset.</td>
    </tr>
</table>


In view settings you can access and modify default templates for various parts of landing page and edit their HTML code.
==User Management==


[[File:Network_rutxxx_manual_hotspot_landing_page_themes_view_settings_v1.png|border|class=tlt-border]]
The <b>User sessions</b> tab displays the status and session statistics of currently logged in users. You can also "kick" (deauthenticate) a user by clicking the 'Logout' button next to it.


==User management==
[[File:Networking_rutos_manual_hotspot_user_management_current_hotspot_users_v1.png|border|class=tlt-border]]


The <b>User management</b> section allows you to manage currently logged in users.


[[File:Network_rutxxx_manual_hotspot_landing_page_user_management_v1.png|border|class=tlt-border]]
The <b>Registered Hotspot Users</b> tab displays the data of unique users that have registered to the hotspot before.
 
[[File:Networking_rutos_manual_hotspot_user_management_registered_hotspot_users_v1.png|border|class=tlt-border]]
 
{{#switch: {{{series}}} | TRB1 | TRB2 | TRB5 | RUT30X | OTD140 | TRB2M | RUT301 | TRB16 | OTD500=
| RUTX | RUTM | RUT36X | TCR1 | RUT9 | RUT9M | RUT2 | RUT2M | RUT361 | TAP100 | TAP200 | #default = {{#switch: {{{name}}} | RUTX08 | RUTX09 | RUTM08 | RUTM09  = | #default =
{{Template:Networking_rutos_manual_hotspot_2.0
| series = {{{series}}}
| name = {{{name}}}
| wifi = {{{wifi}}}
}}}}}}


[[Category:{{{name}}} Services section]]
[[Category:{{{name}}} Services section]]

Latest revision as of 14:01, 3 December 2024

The information in this page is updated in accordance with firmware version .


Summary

On Teltonika Networks devices a Hotspot is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for {{{name}}} devices.


General

Hotspot Instances


The Hotspot Instances section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration:

  1. select an 'Interface';
  2. click the 'Add' button;

After this, a new Hotspot configuration window will appear.

General Settings


The General Settings window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections.

General

Field Value Description
Configuration profile Cloud4wi | Default | Hotspotsystems | Purple portal; default: Default Pre-configures Hotspot settings according to the selected service provider.
Enable off | on; default: on Turns the Hotspot instance on or off.
Hotspot Network ip/netmask; default: 192.168.2.0/24 IP address and subnet of the Hotspot network. Netmask must be from 16 to 30.
IP Address ip; default: 192.168.2.254 Defines the IP address of your Hotspot router in network.
Authentication mode Local users | Radius | MAC authentication | Single sign-on; default: Local users Authentication mode defines how users will connect to the Hotspot.
Local users: Allow signup off | on; default: off Allows users to sign up to hotspot via landing page.
Local users: Expiration time integer; default: 0 User credential expiration time. Applies to users who signed up via landing page.
Local users: Users group user group; default: default The user group to which users signed up via landing page should be assigned to.
Radius : Enable MAC authentication off | on; default: off Enable MAC address authentication.
MAC authentication: Require password off | on; default: off Enables password requirement for MAC authentication.
MAC authentication: MAC auth password string; default: none Password for MAC authentication.
MAC authentication / Single sign-on : User group select; default: default Specifies the group of dynamically created users.
Landing Page Internal | External; default: Internal Location of the landing page.
UAM Port integer; default: 3990 Port to bind for authenticating clients.
Password encoding off | on; default: none Password encoding with the challenge.
Landing page address url; default: none External landing page address (http://www.example.com).
UAM Secret string; default: none Shared secret between uamserver and hotspot.
Success page Success Page | Original URL | Custom; default: Success page Location to return to after successful authentication.
Custom url; default: none Address must contain protocol (http://www.example.com).
Advanced

Field Value Description
Additional interfaces Available interfaces; default: none Choose additional the interfaces you want to attach to this hotspot instance.
Enable MAC blocking off | on; default: off Blocks access to MAC addresses that have reached set amount of failed login attempts.
Logout address ip; default: 1.0.0.0 IP address to instantly logout a client accessing it.
Protocol HTTP | HTTPS; default: HTTP Protocol to be used for landing page.
Enable TOS off | on; default: off Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS.
Trial access off | on; default: off Enables trial internet access for a specific group.
Group User group; default: default Specifies the group of trial users.
Subdomain string; default: none Combined with Domain to make a DNS alias for the Hotspot IP address.
Domain string; default: none Combined with Subdomain to make a DNS alias for the Hotspot IP address.
HTTPS to landing page redirect off | on; default: off Redirect initial pre-landing page HTTPS requests to hotspot landing page.
Certificate files from device off | on; default: off Specified whether to upload key & certificate files from computer or to use files generated on this device via the System → Administration → [[{{{name}}} Administration#Certificates|Certificates]] page.
SSL key file key file; default: none Upload/select SSL key.
SSL certificate file certificate file; default: none Upload/select SSL certificate.
Primary DNS server ip; default: 8.8.8.8 Additional DNS servers that are to be used by the Hotspot.
Secondary DNS server ip; default: 8.8.4.4 Additional DNS servers that are to be used by the Hotspot.
Radius

Radius authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible.

Field Value Description
Require Message-Authenticator off | on; default: on Require and validate Message-Authenticator RADIUS attribute on Access-Request replies.
RADIUS server #1 ip; default: none The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.
RADIUS server #2 ip; default: none The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.
Authentication port integer [0..65535]; default: 1812 RADIUS server authentication port.
Accounting port integer [0..65535]; default: 1813 RADIUS server accounting port.
NAS identifier string; default: none NAS-Identifier is one of the basic RADIUS attributes.
Radius secret key string; default: none The secret key is a password used for authentication with the RADIUS server.
Swap octets off | on; default: off Swaps the meaning of input octets and output as it relates to RADIUS attributes.
Location name string; default: none Custom location name for your Hotspot.
Location ID string; default: none Custom location ID for your Hotspot.
Walled Garden

You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Simply write addresses into the Address List.

Format of address is website.com (does not include https://www).

Field Value Description
Mode Allowlist | Blocklist; default: Allowlist Select mode for blocking.
Address list domain names (one record per line); default: none List of addresses the client can access without first authenticating. One record per line. See placeholder for accepted formats. Some domains require both 'www' and non-'www' versions to be entered to ensure proper blocking.
URL Parameters

The URL parameters section becomes visible when Landing page is selected as External in [[{{{name}}}_Hotspot#General_2|General settings]] section.

Field Value Description
UAM IP string; default: none The IP Address of the Captive Portal gateway.
UAM port string; default: none The port on which the Captive Portal will serve web content.
Called string; default: none The MAC address of the IP Address of the Captive Portal gateway.
MAC string; default: none The MAC address of the client trying to gain Internet access.
IP ip default: none The IP Address of the client trying to gain Internet access.
NAS id string; default: none An identification for the Captive Portal used in the RADIUS request.
Session id string; default: none The unique identifer for session.
User url string; default: none The URL which the user tried to access before he were redirected to the Captive Portal's URL's pages.
Challenge string; default: none A challenge that should be used together with the user's password to create an encrypted phrase used to log on.
Custom 1 string; default: none Add custom name and custom value which will be displayed in url parameters.
- SSID | Hostname | FW version | --Custom--; default: SSID -
Custom 2 string; default: none Add custom name and custom value which will be displayed in url parameters.
- SSID | Hostname | FW version | --Custom--; default: SSID -
User Scripts

In this section you can add custom Scripts that will be executed after a session is authorized in the Session up section, after session has moved from authorized state to unauthorized in the Session down section and after a new user has been signed up in the User signup section.

Field Value Description
Session up bash script; default: none Script executed after a session is authorized. Executed with the environment variables (Please refer to the wiki).
Session down bash script; default: none Script executed after a session has moved from authorized state to unauthorized. Executed with the environment variables (Please refer to the wiki).
User signup bash script; default: none Script executed after a new user has been created during signup process. Executed with the environment variables (Please refer to the wiki).

Local Users

The Local Users section is used to create and manage users that can connect to the Hotspot. The elements comprising the Local Users page are explained in the list and figure below.

  1. Entering a Username, Password and clicking the 'Add' button creates a new user.
  2. The 'Group' dropdown menu assigns a user to another group.
  3. The 'Edit' button lets you change a user's password or assign the user to another group.
  4. The 'Delete[X]' button deletes a user.

Landing Page

This section is used to define how your Hotspot's Landing Page will look like to connecting users.

Note: since Hotspot supports unauthenticated users, they will be using different IPs. Basically IP will incremented based on the prefix provided. So for example if Hotspot network is 192.168.2.0/24 third octet will be incremented. So for IP 192.168.2.254 would increment to 192.168.3.254. If the network is 172.16.0.0/16 it will increment second octet. So for IP 172.16.255.254 it would increment to 172.17.255.254 and so on. After successful authentication, Hotspot will be using network that is set in Hotspot settings > General settings.

General Settings


General Settings section lets you choose the authentication protocol and theme that will be used in the Landing Page. You can download more themes using the [[{{{name}}}_Package_Manager|Package Manager]]

Themes


The Themes section displays all available Landing Page themes. In order to download a theme, click the 'Download' button, in order to edit a theme, click the 'Edit' button next to it.

Images


The Images section allows you to upload custom images to different objects.

Style Settings


Pressing 'Edit' button next to style settings lets you edit how your landing page will look visually using CSS syntax.

View Settings


In View Settings you can access and modify default templates for various parts of landing page and edit their HTML code.

Custom Theme


To use custom theme you can download default theme and edit it's content. Then use 'Browse' button to upload it.

User Groups

User Groups provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can

  1. create a new group by entering a custom Name and clicking 'Add'
  2. or configure the existing rule by clicking the 'Edit' button next to it.

A group's settings page will look similar to this:

Field Value Description
Idle timeout integer; default: none A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means unlimited.)
Time limit integer; default: none Disables hotspot user after time limit in sec is reached. (0, meaning unlimited)
Download bandwidth integer; default: none Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s.
Upload bandwidth integer; default: none Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s.
Download limit integer; default: none A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB.
Upload limit integer; default: none A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB.
Warning integer; default: none Send an SMS warning to hotspot user after warning value of download or upload data in MB is reached. Only works with SMS OTP authentication.
Period Month | Week | Day; default: Month The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset.
Start day integer [1..31] | Monday..Sunday | integer [1..24]; default: 1 Choices changes depending on what 'Period' was chosen. Specifies which day of the month, week or hour of the day the limits will be reset.

User Management

The User sessions tab displays the status and session statistics of currently logged in users. You can also "kick" (deauthenticate) a user by clicking the 'Logout' button next to it.


The Registered Hotspot Users tab displays the data of unique users that have registered to the hotspot before.

Hotspot 2.0

The Hotspot 2.0 displays available WiFi interfaces. In order to begin configuring an interface click the 'Edit' button next to it:

[[File:Networking_rutos_manual_hotspot_2.0_interfaces_edit_button_wifi_v3_{{{wifi}}}.png|border|class=tlt-border]]

After this you should be redirected to the configuration page for that interface.

Hotspot 2.0 Configuration


The main configuration parameters of a Hotspot 2.0 interface will be discussed in this section.

A Hotspot 2.0 interface requires WPA2-EAP encryption. You can configure it in the Network → Wireless page (click 'Edit' next to an interface and find the [[{{{name}}} Wireless#Wireless_Security|Wireless Security]] section).

General Setup


Field Value Description
Enable off | on; default: off Turns Hotspot 2.0 for this interface on or off.
Internet access off | on; default: off Is used to inform the client device whether internet access is available.
Access Network Type Private network | Private network with guest access | Chargeable public network | Free public network | Personal device network | Emergency services only network | Test or experimental; default: Private network The access network type present in beacon and probe response frames. Mobile devices can use this information when selecting a hotspot.
HESSID mac; default: none Homogeneous ESS identifier (optional). This shall be identical to one of the BSSIDs in the homogeneous ESS.
Roaming consortium OI 3 or 5 octet hexstring; default: none Only first three entries are available through Beacon and Probe Response frames.
Network authentication type Not configured | Acceptance of terms and conditions | On-line enrollment supported | http/https redirection | DNS redirection; default: Not configured Type of authentication used on this network.
Redirect URL url; default: none Http/https redirection link.
IP Address type availability Address type not available | Public IPv1 address available | Port restricted IPv4 address available | Single NATed IPv4 address available | Double NATed IPv4 address available | Port restricted IPv4 address and single NATed IPv4 address available | Port restricted IPv4 address and double NATed IPv4 address available | Availability of the address type is not known; default: Availability of the address type is not known Provides information about the IP address version and type that would be available to a mobile device after it authenticates to the network.
Domain name domain name; default: none The Domain Name ANQP-element provides a list of one or more domain names of the entity operating the hotspot network.
Venue group various; default: Unspecified Describes the venue in which the hotspot is located.
Venue type various; default: Unspecified Describes the venue in which the hotspot is located.

OSU Provider


Field Value Description
OSU ssid string; default: none Informs client devices about the SSID used for OSU connections.
OSU server URL url; default: none Is used to inform the client device whether internet access is available.
Name language code string; default: none Two or three character language code (ISO-639).
OSU friendly name string; default: none User-friendly name of an OSU service provider.
OSU NAI string; default: none OSU network access identifier.
OSU method list OMA-DM | SOAP-XML; default: none Configures the supported OSU method(s) of the OSU provider.
Description language code string; default: none Two or three character language code (ISO-639).
Description string; default: none OSU service description.

WAN Metrics


Field Value Description
Link Status Link up | Link Down | Link in test state; default: Link up Provides information about the WAN link that connects the hotspot to the Internet.
Downlink Speed integer [1..4294967295]; default: none Maximum downlink speed in Kbps.
Uplink Speed integer [1..4294967295]; default: none Maximum uplink speed in Kbps.

Venue Name Information


The Venue Name Information is used to configure one or more Venue Name values for Venue Name ANQP information. To add a new Venue configuration, click the 'Add' button.

You should see a new entry appear in the Venue Name Information list.

Field Value Description
Language Code string; default: none Two or three character language code (ISO-639).
Venue Name string; default: none Name of this venue.
Venue URL Information url; default: none Venue URL to provide additional information corresponding to Venue Name information (the URL should contain protocol).

3GPP Cellular Network Information


The 3GPP Cellular Network Information section is used to uniquely identify mobile network operators. To add a new mobile operator instance, click the 'Add' button.

You should see a new entry appear in the 3GPP Cellular Network Information list.

Field Value Description
Mobile Country Code integer; default: none Mobile country code (3 decimal digits).
Mobile Network Code integer; default: none Mobile network code (2 or 3 decimal digits).

Network Access Identifier (NAI) Realm Information


The Network Access Identifier (NAI) Realm Information parameters provide information for stations using interworking network selection to allow automatic connection to a network based on credentials. To add a new NAI Realm Information configuration, click the 'Add' button.

You should see a new entry appear in the Network Access Identifier (NAI) Realm Information list.

Field Value Description
NAI Realm url; default: Link up The NAI Realm provides a list of NAI realms corresponding to the Home SPs that can authenticate a client device.
EAP Method EAP-TLS | EAP-TTLS | PEAP | EAP-FAST; default: Undefined Identifies the EAP method supported by that NAI realm for authentication.
Authentication Parameter Undefined | Non EAP PAP | Non EAP CHAP | Non EAP MSCHAP | Non EAP MSCHAPV2 | Credential certificate | Credential username/password; default: Undefined EAP method authentication parameter.

Operator Friendly Name


The client device may obtain the Operator Friendly Name via GAS/ANQP queries to assist the user during manual hotspot selection. To add a new Operator Friendly Name configuration, click the 'Add' button.

You should see a new entry appear in the Operator Friendly Name list.

Field Value Description
Language Code string; default: Link up Two or three character language code (ISO-639).
Operator's Name string; default: none Provides a friendly name for the Hotspot Operator.

Connection Capability


The Connection Capability section provides information on the status of commonly used communication protocols and ports. To add a new protocol/port configuration, click the 'Add' button.

You should see a new entry appear in the Connection Capability list.

Field Value Description
Protocol ICMP | TCP | UDP; default: ICMP Network protocol type.
Port Number integer [0..65535]; default: none TCP/UDP port number.
Status Closed | Open | Unknown; default: Closed Status to be displayed for the selected protocol/port combination.

[[Category:{{{name}}} Services section]]