Template:Networking rutos manual hotspot: Difference between revisions

From Teltonika Networks Wiki
No edit summary
No edit summary
Line 6: Line 6:
==Summary==
==Summary==


'''Hotspot''' is a service that provides authentication, authorization and accounting for a network.
On Teltonika Networks devices a <b>Hotspot</b> is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for {{{name}}} devices.


{{#ifeq:{{{wifi}}}|1
==General==
|
{{{name}}} devices are able to create Hotspot on either Wireless or LAN interface.


Wireless <b>Hotspots</b> are essentially Wireless Access Points - they provide network and/or internet access to other
===Hotspot Instances===
WiFi devices. The difference is that Hotspots are a lot more versatile when it comes to managing, monitoring and
----
authenticating the wireless network's users. For example, while Wireless APs can be password protected, with Hotspots
The <b>Hotspot Instances</b> section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration:
you can configure different users with different names, passwords, even data limits and data speeds and more. This
chapter is an overview of the '''Wireless Hotspot''' function in {{{name}}} routers. In Services > Hotspot > General tab
first choose interface on which you want Hotspot to operate, press '''Add''' and after new hotspot instance appears
click on [[File:Networking_rutx_manual_edit_button_v1.png]] to start configuration.


[[File:Network_rutxxx_manual_hotspot_hotspot_instances.png]]
<ol>
|
    <li>select an 'Interface';</li>
{{{name}}} devices are able to create Hotspot on LAN interface.
    <li>click the 'Add' button;</li>
    <li>click the 'Edit' button next to the newly added Hotspot instance.</li>
</ol>


[[File:Network_rutx10_manual_hotspot_hotspot_instances_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_hotspot_instances_add_button_edit_buton_wifi_{{{wifi}}}.png|border|class=tlt-border]]
}}


==General Settings==
After this you should be redirected to the Hotspot's configuration page.


The '''General Settings''' window is where most of the Hotspot configurations take place. This section will be divided
====General Settings====
into sub-sections because configuration for Local authentication and with Radius Server are almost identical, just when
----
Radius is chosen extra tab appears.
The <b>General Settings</b> window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections.


====General====
=====General=====
----
----
[[File:Network_rutxxx_manual_hotspot_general_settings_v1.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_general.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<th>field name</th>
<th>Field</th>
<th>value</th>
<th>Value</th>
<th>description</th>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>Enable</td>
<td>Enable</td>
<td>off {{!}} on; default: '''on'''</td>
<td>off | on; default: <b>on</b></td>
<td>Toggles WiFi Hotspot instance ON or OFF.</td>
<td>Turns the Hotspot instance on or off.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Hotspot Network</td>
<td>Hotspot Network</td>
<td>IP; default: '''192.168.2.0/24'''</td>
<td>ip/netmask; default: <b>192.168.2.0/24</b></td>
<td>Defines IP and subnet of Hotspot Network.</td>
<td>IP address and subnet of the Hotspot network.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>IP Adress</td>
<td>IP Address</td>
<td>ip; default: '''192.168.2.254'''</td>
<td>ip; default: '''192.168.2.254'''</td>
<td>Defines the IP address of your Hotspot router in network.</td>
<td>Defines the IP address of your Hotspot router in network.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Authentication mode</td>
<td>Authentication mode</td>
<td>Radius {{!}} Local user {{!}} {{#ifeq:{{{mobile}}}|1| SMS OTP {{!}}}} MAC auth ; default: '''Local users'''
<td>Radius | Local user | {{#ifeq:{{{mobile}}}|1|SMS OTP <nowiki|</nowiki> |}}MAC auth ; default: <b>Local users</b></td>
</td>
<td>Authentication mode defines how users will connect to the Hotspot.</td>
<td>Authentication mode defines how users will connect to the Hotspot.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Allow signup</td>
<td>Allow signup
<td>off | on; default: <b>off</b></td>
</td>
<td>Allows users to sign up to hotspot via landing page.</td>
<td>off | on; default: '''off'''</td>
    </tr>
<td>Allows users to sign up to hotspot via landing page.</td>
    <tr>
</tr>
<td>Landing Page</td>
<tr>
<td>Internal | External; default: <b>Internal</b></td>
<td>Landing Page</td>
<td>If external Landing Page is chosen, new section, to enter website address, will appear, e.g., <i><nowiki>http://www.example.com</nowiki></i></td>
<td>Internal {{!}} External; default: '''Internal'''</td>
    </tr>
<td>If external Landing Page is chosen, new section, to enter website address, will appear, e.g.
    <tr>
http://www.example.com</td>
<td>UAM Port</td>
</tr>
<td>integer; default: <b>3990</b></td>
<tr>
<td>Port to bind for authenticating clients.</td>
<td>UAM Port</td>
    </tr>
<td>integer; default: '''3990'''</td>
    <tr>
<td>Port to bind for authenticating clients.</td>
<td>UAM Secret</td>
</tr>
<td>string; default: <b>none</b></td>
<tr>
<td>Shared secret between uamserver and hotspot.</td>
<td>UAM Secret</td>
    </tr>
<td>string; default: <b>none</b></td>
    <tr>
<td>Shared secret between uamserver and hotspot.</td>
<td>Success page</td>
</tr>
<td>Success Page | Original URL | Custom; default: <b>Success page</b></td>
<tr>
<td>Location to return to after successful authentication.</td>
<td>Success page</td>
    </tr>
<td>Success Page {{!}} Original URL {{!}} Custom; default: '''Success page'''</td>
<td>Location to return to after successful authentication.</td>
</tr>
</table>
</table>


====Advanced====
=====Advanced=====
----
----
 
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_advanced.png|border|class=tlt-border]]
[[File:Network_rutxxx_manual_hotspot_advanced_settings_v1.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<td>Additional interfaces</td>
<th>Field</th>
<td>Available interfaces; default: '''none'''</td>
<th>Value</th>
<td>Shows additional interfaces that can be attached to hotspot instance.</td>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>Logout address</td>
<td>Additional interfaces</td>
<td>ip; default: '''1.0.0.0'''</td>
<td>Available interfaces; default: '''none'''</td>
<td>An address that can be used by users to logout from the Hotspot session.</td>
<td>Shows additional interfaces that can be attached to hotspot instance.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Protocol</td>
<td>Logout address</td>
<td>HTTP {{!}} HTTPS; default: '''HTTP'''</td>
<td>ip; default: '''1.0.0.0'''</td>
<td>Protocol to be used for landing page.</td>
<td>An address that can be used by users to logout from the Hotspot session.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Enable TOS</td>
<td>Protocol</td>
<td>off {{!}} on; default: '''off'''</td>
<td>HTTP | HTTPS; default: <b>HTTP</b></td>
<td>Enables Terms of Service (ToS) requirement. Cient device will be able to access the Internet only after
<td>Protocol to be used for landing page.</td>
agreeing ToS.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Enable TOS</td>
<td>Trial access</td>
<td>off | on; default: <b>off</b></td>
<td>off {{!}} on; default: '''off'''</td>
<td>Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS.</td>
<td>Enables trial internet access for a specific group.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>Trial access</td>
<td><span style="color: tomato;">Trial access: </span>Group</td>
<td>off | on; default: <b>off</b></td>
<td>User group; default: '''default'''</td>
<td>Enables trial internet access for a specific group.</td>
<td>Group of trial users.</td>
    </tr>
</tr>
    <tr>
<tr>
<td><span style="color: tomato;">Trial access: </span>Group</td>
<td>HTTPS to landing page redirect</td>
<td>User group; default: <b>default<b/>td>
<td>off {{!}} on; default: '''off'''</td>
<td>Group of trial users.</td>
<td>Redirect initial pre-landing page HTTPS requests to hotspot landing page.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>HTTPS to landing page redirect</td>
<td>DNS server 1</td>
<td>off | on; default: <b>off</b></td>
<td>ip; default: '''8.8.8.8'''</td>
<td>Redirect initial pre-landing page HTTPS requests to hotspot landing page.</td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
</tr>
    <tr>
<tr>
<td>DNS server 1</td>
<td>DNS server 2</td>
<td>ip; default: <b>8.8.8.8</b></td>
<td>ip; default: '''8.8.4.4'''</td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
</tr>
    <tr>
<td>DNS server 2</td>
<td>ip; default: <b>8.8.4.4</b></td>
<td>Additional DNS servers that are to be used by the Hotspot.</td>
    </tr>
</table>
</table>


====Radius====
=====Radius=====
----
----
</b>Radius</b> authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible.


'''Radius''' authentication mode uses an external Radius servers, to which you have to provide an address to, instead of
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_radius.png|border|class=tlt-border]]
using the router's Local Authentication. If you are using Local authentication, you can skip straight to
[[{{{name}}}_Hotspot#Walled_Garden|Walled Garden]].
 
[[File:Network_rutxxx_manual_hotspot_radius_settings_v1.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<td>RADIUS server #1</td>
<td>RADIUS server #1</td>
<td>ip; default: <b>none</b></td>
<td>ip; default: <b>none</b></td>
<td>The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.</td>
<td>The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>RADIUS server #2</td>
<td>RADIUS server #2</td>
<td>ip; default: <b>none</b></td>
<td>ip; default: <b>none</b></td>
<td>The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.</td>
<td>The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Authentication port</td>
<td>Authentication port</td>
<td>integer [0..65535]; default: '''1812'''</td>
<td>integer [0..65535]; default: <b>1812</b></td>
<td>RADIUS server authentication port.</td>
<td>RADIUS server authentication port.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Accounting port</td>
<td>Accounting port</td>
<td>integer [0..65535]; default: '''1813''' </td>
<td>integer [0..65535]; default: <b>1813</b> </td>
<td>RADIUS server accounting port.</td>
<td>RADIUS server accounting port.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>NAS identifier</td>
<td>NAS identifier</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>NAS-Identifier is one of the basic RADIUS attributes.</td>
<td>NAS-Identifier is one of the basic RADIUS attributes.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Radius secret key</td>
<td>Radius secret key</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>The secret key is a password used for authentication with the RADIUS server.</td>
<td>The secret key is a password used for authentication with the RADIUS server.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Swap octets</td>
<td>Swap octets</td>
<td>off {{!}} on; default: '''off'''</td>
<td>off | on; default: <b>off</b></td>
<td>Swaps the meaning of input octets and output as it relates to RADIUS attributes.</td>
<td>Swaps the meaning of input octets and output as it relates to RADIUS attributes.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Location name</td>
<td>Location name</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>Custom location name for your Hotspot.</td>
<td>Custom location name for your Hotspot.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Location ID</td>
<td>Location ID</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>Custom location ID for your Hotspot.</td>
<td>Custom location ID for your Hotspot.</td>
</tr>
    </tr>
</table>
</table>


====Walled Garden====
=====Walled Garden=====
----
----
You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Simply write addresses into the Address List.


You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_walled_garden.png|border|class=tlt-border]]
default this list is empty. Simply write addresses in to Address List.


[[File:Network_rutxxx_manual_hotspot_general_walled_garden_v1.png|border|class=tlt-border]]
=====User Scripts=====
 
====User Scripts====
----
----
In this tab you can add Scripts that will be executed after a session is authorized in the <b>Session up</b> section, after session has moved from authorized state to unauthorized in tge <b>Session down</b> section and after a new user has been signed up in the <b>User signup</b> section.


In this tab you can add Scripts that will be executed after a session is authorized in '''Session up'''
[[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_user_scripts.png|border|class=tlt-border]]
section, after session has moved from authorized state to unauthorized in '''Session down''' section
and after a new user has been signed up in '''User signup''' section.
 
[[File:Network_rutxxx_manual_hotspot_user_scripts_v1.png|border|class=tlt-border]]


==Local Users==
==Local Users==


The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
The <b>Users Configuration</b> tab is used to create new, unique users that can connect to the Hotspot.


[[File:Network_rutxxx_manual_hotspot_local_users_v1.png|border|class=tlt-border]]
[[File:Network_rutxxx_manual_hotspot_local_users_v1.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
<tr>
    <tr>
<th>field name</th>
<th>Field</th>
<th>value</th>
<th>Value</th>
<th>description</th>
<th>Description</th>
</tr>
    </tr>
<tr>
    <tr>
<td>Name</td>
<td>Name</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>A custom user name used to authenticate clients connecting to the Hotspot.</td>
<td>A custom user name used to authenticate clients connecting to the Hotspot.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Password</td>
<td>Password</td>
<td>string; default: <b>none</b></td>
<td>string; default: <b>none</b></td>
<td>A custom password for the specified user name.</td>
<td>A custom password for the specified user name.</td>
</tr>
    </tr>
<tr>
    <tr>
<td>Group</td>
<td>Group</td>
<td>string; default: '''default'''</td>
<td>string; default: <b>default</b></td>
<td>After adding user select group that it will be assigned to. Group describes connection speeds and
<td>After adding user select group that it will be assigned to. Group describes connection speeds and download/upload limits. The 'default' group settings have no restrictions. More on User Groups in the next section.</td>
dowload/upload limits. The '''default''' group settings have no restrictions. More on User Groups in the
    </tr>
next section.</td>
</tr>
</table>
</table>


==User Groups==
==User Groups==


'''User Groups''' lets set different connection limits for different users. Group '''default''' is already created and
<b>User Groups</b> provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can edit this group or create a new by entering a custom name and clicking the 'Add' button.
does not have any limitations set. To create new group simply enter the name and press Add.


[[File:Network_rutxxx_manual_hotspot_user_groups_v1.png|border|class=tlt-border]]
[[File:Network_rutxxx_manual_hotspot_user_groups_v1.png|border|class=tlt-border]]

Revision as of 10:35, 26 August 2020

Template:Networking rutos manual fw disclosure

Summary

On Teltonika Networks devices a Hotspot is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for {{{name}}} devices.

General

Hotspot Instances


The Hotspot Instances section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration:

  1. select an 'Interface';
  2. click the 'Add' button;
  3. click the 'Edit' button next to the newly added Hotspot instance.

[[File:Networking_rutos_manual_hotspot_hotspot_instances_add_button_edit_buton_wifi_{{{wifi}}}.png|border|class=tlt-border]]

After this you should be redirected to the Hotspot's configuration page.

General Settings


The General Settings window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections.

General

Field Value Description
Enable off | on; default: on Turns the Hotspot instance on or off.
Hotspot Network ip/netmask; default: 192.168.2.0/24 IP address and subnet of the Hotspot network.
IP Address ip; default: 192.168.2.254 Defines the IP address of your Hotspot router in network.
Authentication mode Radius | Local user | </nowiki>MAC auth ; default: Local users Authentication mode defines how users will connect to the Hotspot.
Allow signup off | on; default: off Allows users to sign up to hotspot via landing page.
Landing Page Internal | External; default: Internal If external Landing Page is chosen, new section, to enter website address, will appear, e.g., http://www.example.com
UAM Port integer; default: 3990 Port to bind for authenticating clients.
UAM Secret string; default: none Shared secret between uamserver and hotspot.
Success page Success Page | Original URL | Custom; default: Success page Location to return to after successful authentication.
Advanced

Field Value Description
Additional interfaces Available interfaces; default: none Shows additional interfaces that can be attached to hotspot instance.
Logout address ip; default: 1.0.0.0 An address that can be used by users to logout from the Hotspot session.
Protocol HTTP | HTTPS; default: HTTP Protocol to be used for landing page.
Enable TOS off | on; default: off Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS.
Trial access off | on; default: off Enables trial internet access for a specific group.
Trial access: Group User group; default: defaulttd> Group of trial users.
HTTPS to landing page redirect off | on; default: off Redirect initial pre-landing page HTTPS requests to hotspot landing page.
DNS server 1 ip; default: 8.8.8.8 Additional DNS servers that are to be used by the Hotspot.
DNS server 2 ip; default: 8.8.4.4 Additional DNS servers that are to be used by the Hotspot.
Radius

Radius authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible.

RADIUS server #1 ip; default: none The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.
RADIUS server #2 ip; default: none The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.
Authentication port integer [0..65535]; default: 1812 RADIUS server authentication port.
Accounting port integer [0..65535]; default: 1813 RADIUS server accounting port.
NAS identifier string; default: none NAS-Identifier is one of the basic RADIUS attributes.
Radius secret key string; default: none The secret key is a password used for authentication with the RADIUS server.
Swap octets off | on; default: off Swaps the meaning of input octets and output as it relates to RADIUS attributes.
Location name string; default: none Custom location name for your Hotspot.
Location ID string; default: none Custom location ID for your Hotspot.
Walled Garden

You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Simply write addresses into the Address List.

User Scripts

In this tab you can add Scripts that will be executed after a session is authorized in the Session up section, after session has moved from authorized state to unauthorized in tge Session down section and after a new user has been signed up in the User signup section.

Local Users

The Users Configuration tab is used to create new, unique users that can connect to the Hotspot.

File:Network rutxxx manual hotspot local users v1.png

Field Value Description
Name string; default: none A custom user name used to authenticate clients connecting to the Hotspot.
Password string; default: none A custom password for the specified user name.
Group string; default: default After adding user select group that it will be assigned to. Group describes connection speeds and download/upload limits. The 'default' group settings have no restrictions. More on User Groups in the next section.

User Groups

User Groups provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can edit this group or create a new by entering a custom name and clicking the 'Add' button.

File:Network rutxxx manual hotspot user groups v1.png

After adding a group it will not have any limits set, so press edit . In following window you will be able to configure yours User Group.

File:Network rutxxx manual hotspot user group settings v1.png

field name value description
Idle timeout integer; default: none A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means unlimited)
Time limit integer; default: none Disables hotspot user after time limit in sec is reached. (0, meaning unlimited)
Download bandwidth integer; default: none Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s or Mbit/s.
Upload bandwidth integer; default: none Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s or Mbit/s.
Download limit integer; default: none A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB.
Upload limit integer; default: none A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB.
Period Month | Week | Day; default: Month The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset.
Start day integer [1..31] | Monday..Sunday | integer [1..24]; default: 1 Choices changes depending on what Period was chosen. Specifies which day of the month, week or hour of the day the limits will be reset.
Expiration time integer; default: 0 Expiration time in sec (0 means unlimited). Only for dynamically created users.

Landing Page

This section is used to define how your Hotspot's Landing Page will look like.

General Settings


General Settings section lets you choose authentication protocol that will be used in Landing Page.

File:Network rutxxx manual hotspot landing page general v1.png

Themes


The Themes section shows all available landing page themes and allows you to edit them.

File:Network rutxxx manual hotspot landing page themes v1.png

Images


The Images section allows you to upload custom images to different objects.

File:Network rutxxx manual hotspot landing page themes images v1.png

Style settings


Pressing edit button next to style settings lets you edit how your landing page will look visually using CSS syntax.

File:Network rutxxx manual hotspot landing page themes style v1.png

View settings


In view settings you can access and modify default templates for various parts of landing page and edit their HTML code.

File:Network rutxxx manual hotspot landing page themes view settings v1.png

User management

The User management section allows you to manage currently logged in users.

File:Network rutxxx manual hotspot landing page user management v1.png

[[Category:{{{name}}} Services section]]