Difference between revisions of "RUT850 Hotspot"

From Teltonika Networks Wiki
 
(36 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
{{Template: Networking_rutxxx_manual_fw_disclosure
 +
| fw_version = RUT850_R_00.01.04
 +
}}
 
==Summary==
 
==Summary==
  
Wireless '''Hotspots''' are essentially Wireless Access Points - they provide network and/or internet access to other Wi-Fi devices. The difference is that Hotspots are a lot more versatile when it comes to managing, monitoring and authenticating the wireless network's users. For example, while Wireless APs can be password protected, with Hotspots you can configure different users with different names, passwords, even data limits and data speeds and more. This chapter is an overview of the '''Wireless Hotspot''' function in RUT routers.
+
Wireless '''Hotspots''' are essentially Wireless Access Points - they provide network and/or internet access to other WiFi devices. The difference is that Hotspots are a lot more versatile when it comes to managing, monitoring and authenticating the wireless network's users. For example, while Wireless APs can be password protected, with Hotspots you can configure different users with different names, passwords, even data limits and data speeds and more. This chapter is an overview of the '''Wireless Hotspot''' function in RUT routers.
  
 
==General==
 
==General==
Line 11: Line 14:
 
'''External Radius''' authentication mode uses an external Radius server, to which you have to provide an address to, instead of using the router's internal Radius server.
 
'''External Radius''' authentication mode uses an external Radius server, to which you have to provide an address to, instead of using the router's internal Radius server.
  
[[Image:Services hotspot configuration external.PNG]]
+
[[File:Services hotspot configuration external v 2.PNG]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Configuration profile</td>
| style="text-align: left; vertical-align: top;" | Toggles Wi-Fi Hotspot ON or OFF
+
      <td>Custom | Cloud4wi | Hotspotsystem; default: '''Custom'''</td>
|-
+
      <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode. </td>
! style="text-align: left; vertical-align: top;" | AP IP
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: '''192.168.2.254/24'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Access Point IP address defines the IP address of your Hotspot's network
+
      <td>Enable</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Logout address
+
      <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: '''1.1.1.1'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | An address that can be used by users to logout from the Hotspot session
+
    <tr>
|-
+
    <td>AP IP</td>
! style="text-align: left; vertical-align: top;" | Authentication mode
+
        <td>ip; default: '''192.168.2.254/24'''</td>
| style="text-align: left; vertical-align: top;" | External radius {{!}} Internal radius {{!}} Without radius {{!}} Advertisement {{!}} MAC auth {{!}} SMS OTP; Default: '''Without radius'''
+
        <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| style="text-align: left; vertical-align: top;" | Authentication mode defines how users will connect to the Hotspot
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Authentication protocol
+
    <td>Logout address</td>
| style="text-align: left; vertical-align: top;" | PAP {{!}} CHAP; Default: '''PAP'''
+
        <td>host | ip; default: '''1.1.1.1'''</td>
| style="text-align: left; vertical-align: top;" | Authentication protocol used to authenticate new connections on the Hotspot
+
        <td>An address that can be used by users to logout from the Hotspot session</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Terms of service
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Authentication mode</td>
| style="text-align: left; vertical-align: top;" | If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section
+
      <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: '''Without radius'''</td>
|-
+
      <td>Authentication mode defines how users will connect to the Hotspot</td>
! style="text-align: left; vertical-align: top;" | RADIUS server #1 {{!}} RADIUS server #2
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | The IP address of the RADIUS server that is to be used for Authenticating your wireless clients  
+
      <td>Authentication protocol</td>
|-
+
      <td>PAP | CHAP; default: '''PAP'''</td>
! style="text-align: left; vertical-align: top;" | Authentication port
+
      <td>Authentication protocol used to authenticate new connections on the Hotspot</td>
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''1812'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | RADIUS server authentication port
+
    <tr>
|-
+
    <td>Terms of service</td>
! style="text-align: left; vertical-align: top;" | Accounting port
+
        <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''1813'''
+
        <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| style="text-align: left; vertical-align: top;" | RADIUS server accounting port
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Radius secret key
+
    <td>RADIUS server #1 | RADIUS server #2</td>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
        <td>ip; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | The secret key is a password used for authentication with the RADIUS server
+
        <td>The IP address of the RADIUS server that is to be used for Authenticating your wireless clients </td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | UAM port
+
    <tr>
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''3990'''
+
      <td>Authentication port</td>
| style="text-align: left; vertical-align: top;" | Port to bind for authenticating clients
+
      <td>integer [0..65535]; default: '''1812'''</td>
|-
+
      <td>RADIUS server authentication port</td>
! style="text-align: left; vertical-align: top;" | UAM UI port
+
    </tr>
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''4990'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | UAM User Interface port
+
      <td>Accounting port</td>
|-
+
      <td>integer [0..65535]; default: '''1813''' </td>
! style="text-align: left; vertical-align: top;" | UAM secret
+
      <td>RADIUS server accounting port</td>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | Shared secret between the UAM server and the Hotspot
+
    <tr>
|-
+
    <td>Radius secret key</td>
! style="text-align: left; vertical-align: top;" | NAS identifier
+
        <td>string; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
        <td>The secret key is a password used for authentication with the RADIUS server</td>
| style="text-align: left; vertical-align: top;" | NAS-Identifier is one of the basic RADIUS attributes
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Swap octets
+
      <td>UAM port</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>integer [0..65535]; default: '''3990'''</td>
| style="text-align: left; vertical-align: top;" | Swaps the meaning of input octets and output as it relates to RADIUS attributes
+
      <td>Port to bind for authenticating clients</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Location name
+
    <tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
      <td>UAM UI port</td>
| style="text-align: left; vertical-align: top;" | Custom location name for your Hotspot
+
      <td>integer [0..65535]; default: '''4990'''</td>
|-
+
      <td>UAM User Interface port</td>
! style="text-align: left; vertical-align: top;" | External landing page
+
    </tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Enables the use of an external landing page
+
    <td>UAM secret</td>
|-
+
        <td>string; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Protocol
+
        <td>Shared secret between the UAM server and the Hotspot</td>
| style="text-align: left; vertical-align: top;" | HTTP {{!}} HTTPS; Default: '''HTTP'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Connection protocol of your Hotspot
+
    <tr>
|-
+
    <td>NAS identifier</td>
! style="text-align: left; vertical-align: top;" | HTTPS redirect
+
        <td>string; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>NAS-Identifier is one of the basic RADIUS attributes</td>
| style="text-align: left; vertical-align: top;" | Redirects HTTP pages to landing page
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | SSL key file
+
      <td>Swap octets</td>
| style="text-align: left; vertical-align: top;" | .key file; Default: " "
+
      <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | SSL key file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>Swaps the meaning of input octets and output as it relates to RADIUS attributes</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | SSL certificate file
+
    <tr>
| style="text-align: left; vertical-align: top;" | .crt file; Default: " "
+
    <td>Location name</td>
| style="text-align: left; vertical-align: top;" | SSL certificate file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
        <td>string; default: <b>none</b></td>
|-
+
        <td>Custom location name for your Hotspot</td>
! style="text-align: left; vertical-align: top;" | Use custom DNS
+
    </tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Enables the use of custom DNS servers instead of your regular DNS
+
    <td>External landing page</td>
|-
+
        <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | DNS server 1 {{!}} DNS server 2
+
        <td>Enables the use of an external landing page</td>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled
+
    <tr>
|-
+
    <td>Landing page address</td>
|}
+
        <td>string; default: <b>none</b></td>
 +
        <td>A custom Hotspot's external landing page</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Success URL</td>
 +
        <td>string; default: <b>none</b></td>
 +
        <td>A custom redirect URL after successful Hotspot login</td>
 +
    </tr>
 +
    <tr>
 +
      <td>Protocol</td>
 +
      <td>HTTP | HTTPS; default: '''HTTP'''</td>
 +
      <td>Connection protocol of your Hotspot</td>
 +
    </tr>
 +
    <tr>
 +
    <td>HTTPS to landing page redirect</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Redirects HTTP pages to landing page</td>
 +
    </tr>
 +
    <tr>
 +
    <td>SSL key file</td>
 +
        <td>.key file; default: <b>none</b></td>
 +
        <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>SSL certificate file</td>
 +
        <td>.crt file; default: <b>none</b></td>
 +
        <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Use custom DNS</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Enables the use of custom DNS servers instead of your regular DNS</td>
 +
    </tr>
 +
    <tr>
 +
    <td>DNS server 1 | DNS server 2</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
 +
    </tr>
 +
</table>
  
 
===Internal Radius===
 
===Internal Radius===
 
----
 
----
'''Internal Radius''' is Authentication mode that uses the router's internal RADIUS server for authentication. Teltonika routers' RADIUS server has RFC 2866 RADIUS Accounting and RFC 2869 RADIUS Extensions implemented
+
'''Internal Radius''' is Authentication mode that uses the router's internal RADIUS server for authentication. Teltonika routers' RADIUS server has RFC 2866 RADIUS Accounting and RFC 2869 RADIUS Extensions implemented.
  
[[Image:Services hotspot configuration internal.PNG]]
+
[[File:Services hotspot configuration internal v 2.PNG]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Configuration profile</td>
| style="text-align: left; vertical-align: top;" | Toggles Wi-Fi Hotspot ON or OFF
+
      <td>Custom | Cloud4wi | Hotspotsystem; default: '''Custom'''</td>
|-
+
      <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
! style="text-align: left; vertical-align: top;" | AP IP
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: '''192.168.2.254/24'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Access Point IP address defines the IP address of your Hotspot's network
+
      <td>Enable</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Logout address
+
      <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: '''1.1.1.1'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | An address that can be used by users to logout from the Hotspot session
+
    <tr>
|-
+
    <td>AP IP</td>
! style="text-align: left; vertical-align: top;" | Authentication mode
+
        <td>ip; default: '''192.168.2.254/24'''</td>
| style="text-align: left; vertical-align: top;" | External radius {{!}} Internal radius {{!}} Without radius {{!}} Advertisement {{!}} MAC auth {{!}} SMS OTP; Default: '''Without radius'''
+
        <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| style="text-align: left; vertical-align: top;" | Authentication mode defines how users will connect to the Hotspot
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Terms of service
+
    <td>Logout address</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>host | ip; default: '''1.1.1.1'''</td>
| style="text-align: left; vertical-align: top;" | If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section
+
        <td>An address that can be used by users to logout from the Hotspot session</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | External landing page
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Authentication mode</td>
| style="text-align: left; vertical-align: top;" | Enables the use of an external landing page
+
      <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: '''Without radius'''</td>
|-
+
      <td>Authentication mode defines how users will connect to the Hotspot</td>
! style="text-align: left; vertical-align: top;" | Protocol
+
    </tr>
| style="text-align: left; vertical-align: top;" | HTTP {{!}} HTTPS; Default: '''HTTP'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Connection protocol of your Hotspot
+
      <td>Terms of service</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | HTTPS redirect
+
      <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Redirects HTTP pages to landing page
+
    <tr>
|-
+
    <td>External landing page</td>
! style="text-align: left; vertical-align: top;" | SSL key file
+
        <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | .key file; Default: " "
+
        <td>Enables the use of an external landing page</td>
| style="text-align: left; vertical-align: top;" | SSL key file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | SSL certificate file
+
    <td>Landing page address</td>
| style="text-align: left; vertical-align: top;" | .crt file; Default: " "
+
        <td>string; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | SSL certificate file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
        <td>A custom Hotspot's external landing page</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Use custom DNS
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    <td>Success URL</td>
| style="text-align: left; vertical-align: top;" | Enables the use of custom DNS servers instead of your regular DNS
+
        <td>string; default: <b>none</b></td>
|-
+
        <td>A custom redirect URL after successful Hotspot login</td>
! style="text-align: left; vertical-align: top;" | DNS server 1 {{!}} DNS server 2
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled
+
      <td>HTTPS to landing page redirect</td>
|-
+
      <td>yes | no; default: '''no'''</td>
|}
+
      <td>Redirects HTTP pages to landing page</td>
 +
    </tr>
 +
    <tr>
 +
      <td>SSL key file</td>
 +
      <td>.key file; default: <b>none</b></td>
 +
      <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>SSL certificate file</td>
 +
        <td>.crt file; default: <b>none</b></td>
 +
        <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Use custom DNS</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Enables the use of custom DNS servers instead of your regular DNS</td>
 +
    </tr>
 +
    <tr>
 +
    <td>DNS server 1 | DNS server 2</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
 +
    </tr>
 +
</table>
  
 
Information on how to configure Internal radius server can be found [[#Radius_Server|here]].
 
Information on how to configure Internal radius server can be found [[#Radius_Server|here]].
Line 181: Line 244:
 
'''Without Radius''' Authentication doesn't use a Radius server to authenticate users connecting to the Hotspot, instead it gives you the possibility to configure different users with different password and session parameters.
 
'''Without Radius''' Authentication doesn't use a Radius server to authenticate users connecting to the Hotspot, instead it gives you the possibility to configure different users with different password and session parameters.
  
[[Image:Services hotspot configuration without.PNG]]
+
[[File:Services hotspot configuration without v 2.PNG]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Configuration profile</td>
| style="text-align: left; vertical-align: top;" | Toggles Wi-Fi Hotspot ON or OFF
+
      <td>Custom | Cloud4wi | Hotspotsystem; default: '''Custom'''</td>
|-
+
      <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
! style="text-align: left; vertical-align: top;" | AP IP
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: '''192.168.2.254/24'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Access Point IP address defines the IP address of your Hotspot's network
+
      <td>Enable</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Logout address
+
      <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: '''1.1.1.1'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | An address that can be used by users to logout from the Hotspot session
+
    <tr>
|-
+
    <td>AP IP</td>
! style="text-align: left; vertical-align: top;" | Authentication mode
+
        <td>ip; default: '''192.168.2.254/24'''</td>
| style="text-align: left; vertical-align: top;" | External radius {{!}} Internal radius {{!}} Without radius {{!}} Advertisement {{!}} MAC auth {{!}} SMS OTP; Default: '''Without radius'''
+
        <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| style="text-align: left; vertical-align: top;" | Authentication mode defines how users will connect to the Hotspot
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Terms of service
+
    <td>Logout address</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>host | ip; default: '''1.1.1.1'''</td>
| style="text-align: left; vertical-align: top;" | If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section
+
        <td>An address that can be used by users to logout from the Hotspot session</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | External landing page
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Authentication mode</td>
| style="text-align: left; vertical-align: top;" | Enables the use of an external landing page
+
      <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: '''Without radius'''</td>
|-
+
      <td>Authentication mode defines how users will connect to the Hotspot</td>
! style="text-align: left; vertical-align: top;" | Protocol
+
    </tr>
| style="text-align: left; vertical-align: top;" | HTTP {{!}} HTTPS; Default: '''HTTP'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Connection protocol of your Hotspot
+
      <td>Terms of service</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | HTTPS redirect
+
      <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Redirects HTTP pages to landing page
+
    <tr>
|-
+
    <td>External landing page</td>
! style="text-align: left; vertical-align: top;" | SSL key file
+
        <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | .key file; Default: " "
+
        <td>Enables the use of an external landing page</td>
| style="text-align: left; vertical-align: top;" | SSL key file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
    </tr>
|-
+
   
! style="text-align: left; vertical-align: top;" | SSL certificate file
+
    <tr>
| style="text-align: left; vertical-align: top;" | .crt file; Default: " "
+
    <td>Landing page address</td>
| style="text-align: left; vertical-align: top;" | SSL certificate file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
        <td>string; default: <b>none</b></td>
|-
+
        <td>A custom Hotspot's external landing page</td>
! style="text-align: left; vertical-align: top;" | Use custom DNS
+
    </tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Enables the use of custom DNS servers instead of your regular DNS
+
    <td>Success URL</td>
|-
+
        <td>string; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | DNS server 1 {{!}} DNS server 2
+
        <td>A custom redirect URL after successful Hotspot login</td>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled
+
    <tr>
|-
+
    <td>Protocol</td>
|}
+
        <td>HTTP | HTTPS; default: '''HTTP'''</td>
 +
        <td>Connection protocol of your Hotspot</td>
 +
    </tr>
 +
    <tr>
 +
      <td>HTTPS to landing page redirect</td>
 +
      <td>yes | no; default: '''no'''</td>
 +
      <td>Redirects HTTP pages to landing page</td>
 +
    </tr>
 +
    <tr>
 +
      <td>SSL key file</td>
 +
      <td>.key file; default: <b>none</b></td>
 +
      <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>SSL certificate file</td>
 +
        <td>.crt file; default: <b>none</b></td>
 +
        <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Use custom DNS</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Enables the use of custom DNS servers instead of your regular DNS</td>
 +
    </tr>
 +
    <tr>
 +
    <td>DNS server 1 | DNS server 2</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td> Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
 +
    </tr>
 +
</table>
  
 
====Users Configuration====
 
====Users Configuration====
Line 243: Line 334:
 
The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
 
The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
  
[[Image:Services hotspot configuration user.PNG]]
+
[[File:Services hotspot configuration user.PNG]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Username
+
    <tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
      <td>Username</td>
| style="text-align: left; vertical-align: top;" | A custom user name used to authenticate clients connecting to the Hotspot
+
      <td>string; default: <b>none</b></td>
|-
+
      <td>A custom user name used to authenticate clients connecting to the Hotspot</td>
! style="text-align: left; vertical-align: top;" | Password
+
    </tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | A custom password for the specified user name
+
      <td>Password</td>
|-
+
      <td>string; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Session Template
+
      <td>A custom password for the specified user name</td>
| style="text-align: left; vertical-align: top;" | string; Default: '''unlimited'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Session templates define session settings for different users. The '''unlimited''' Session Template is a default template with no restrictions. More on Session Template in the next section
+
    <tr>
|-
+
    <td>Session Template</td>
|}
+
        <td>string; default: '''unlimited'''</td>
 +
        <td>Session templates define session settings for different users. The '''unlimited''' Session Template is a default template with no restrictions. More on Session Template in the next section</td>
 +
    </tr>
 +
</table>
  
 
====Session Templates====
 
====Session Templates====
Line 269: Line 363:
 
A '''Session Template''' is a set of rules that can be prescribed to a Hotspot user. A default template named '''unlimited''' is present in the router, but it has no configured restrictions. You can edit the default template or you can create a custom template and configure it.
 
A '''Session Template''' is a set of rules that can be prescribed to a Hotspot user. A default template named '''unlimited''' is present in the router, but it has no configured restrictions. You can edit the default template or you can create a custom template and configure it.
  
[[Image:Services hotspot configuration session template.PNG]]
+
[[File:Services hotspot configuration session template.PNG| border |class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Idle timeout
+
    <tr>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
      <td>Idle timeout</td>
| style="text-align: left; vertical-align: top;" | A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited
+
      <td>integer; default: <b>none</b></td>
|-
+
      <td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited</td>
! style="text-align: left; vertical-align: top;" | Session timeout
+
    </tr>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited
+
      <td>Session timeout</td>
|-
+
      <td>integer; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Download bandwidth
+
      <td>A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited</td>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s or Mbit/s
+
    <tr>
|-
+
    <td>Download bandwidth</td>
! style="text-align: left; vertical-align: top;" | Upload bandwidth
+
        <td>integer; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
        <td> Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s, Gbit/s</td>
| style="text-align: left; vertical-align: top;" | Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s or Mbit/s
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Download limit
+
    <td>Upload bandwidth</td>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
        <td>integer; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB
+
        <td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Upload limit
+
    <tr>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
      <td>Download limit</td>
| style="text-align: left; vertical-align: top;" | A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB
+
      <td>integer; default: <b>none</b></td>
|-
+
      <td>A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB</td>
! style="text-align: left; vertical-align: top;" | Period
+
    </tr>
| style="text-align: left; vertical-align: top;" | Month {{!}} Week {{!}} Day; Default: '''Month'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset  
+
      <td>Upload limit</td>
|-
+
      <td>integer; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Start day {{!}} Start hour
+
      <td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB</td>
| style="text-align: left; vertical-align: top;" | integer [1..31] {{!}} Monday..Sunday {{!}} integer [1..24]; Default: '''day 1'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Specifies which day of the month, week or hour of the day the limits will be reset
+
    <tr>
|-
+
    <td>Period</td>
|}
+
        <td>Month | Week | Day; default: '''Month'''</td>
 +
        <td>The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset </td>
 +
    </tr>
 +
    <tr>
 +
    <td>Start day | Start hour</td>
 +
        <td>integer [1..31] | Monday..Sunday | integer [1..24]; default: '''day 1'''</td>
 +
        <td>Specifies which day of the month, week or hour of the day the limits will be reset</td>
 +
    </tr>
 +
</table>
  
 
===Advertisement===
 
===Advertisement===
Line 315: Line 417:
 
The '''Advertisement''' Authentication mode doesn't use any kind of actual authentication. Instead when a user connects to the Hotspot he first gets redirected to a specified advertisement page. After that the user is free to use the Hotspot.  
 
The '''Advertisement''' Authentication mode doesn't use any kind of actual authentication. Instead when a user connects to the Hotspot he first gets redirected to a specified advertisement page. After that the user is free to use the Hotspot.  
  
[[Image:Services hotspot configuration advertisement.PNG]]
+
[[File:Services_hotspot_configuration_advertisement_v3.PNG|border|class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Configuration profile</td>
| style="text-align: left; vertical-align: top;" | Toggles Wi-Fi Hotspot ON or OFF
+
      <td>Custom | Cloud4wi | Hotspotsystem; default: '''Custom'''</td>
|-
+
      <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
! style="text-align: left; vertical-align: top;" | AP IP
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: '''192.168.2.254/24'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Access Point IP address defines the IP address of your Hotspot's network
+
      <td>Enable</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Authentication mode
+
      <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| style="text-align: left; vertical-align: top;" | External radius {{!}} Internal radius {{!}} Without radius {{!}} Advertisement {{!}} MAC auth {{!}} SMS OTP; Default: '''Without radius'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Authentication mode defines how users will connect to the Hotspot
+
    <tr>
|-
+
    <td>AP IP</td>
! style="text-align: left; vertical-align: top;" | Advertisement address
+
        <td>ip; default: '''192.168.2.254/24'''</td>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: " "
+
        <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| style="text-align: left; vertical-align: top;" | The address of the advertisement page that newly connected users will be redirected to
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | HTTPS redirect
+
    <td>Authentication mode</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: '''Without radius'''</td>
| style="text-align: left; vertical-align: top;" | Redirects HTTP pages to landing page
+
        <td>Authentication mode defines how users will connect to the Hotspot</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | SSL key file
+
    <tr>
| style="text-align: left; vertical-align: top;" | .key file; Default: " "
+
      <td>Advertisement address</td>
| style="text-align: left; vertical-align: top;" | SSL key file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>host | ip; default: <b>none</b></td>
|-
+
      <td>The address of the advertisement page that newly connected users will be redirected to</td>
! style="text-align: left; vertical-align: top;" | SSL certificate file
+
    </tr>
| style="text-align: left; vertical-align: top;" | .crt file; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | SSL certificate file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>HTTPS to landing page redirect</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Use custom DNS
+
      <td>Redirects HTTP pages to landing page</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Enables the use of custom DNS servers instead of your regular DNS
+
    <tr>
|-
+
    <td>SSL key file</td>
! style="text-align: left; vertical-align: top;" | DNS server 1 {{!}} DNS server 2
+
        <td>.key file; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
        <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled </td>
| style="text-align: left; vertical-align: top;" | Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled
+
    </tr>
|-
+
    <tr>
|}
+
    <td>SSL certificate file</td>
 +
        <td>.crt file; default: <b>none</b></td>
 +
        <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Use custom DNS</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Enables the use of custom DNS servers instead of your regular DNS</td>
 +
    </tr>
 +
    <tr>
 +
    <td>DNS server 1 | DNS server 2</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
 +
    </tr>
 +
</table>
  
 
===MAC auth===
 
===MAC auth===
 
----
 
----
'''MAC auth''' Authentication mode authenticates users by their MAC address. A list of accepted or unaccepted MAC addresses can be configured in the router's WebUI's Wireless section under Interface Configuration->[[Wireless#MAC_Filter|MAC Filter]]
+
'''MAC auth''' Authentication mode authenticates users by their MAC address. A list of accepted or unaccepted MAC addresses can be configured in the router's WebUI's Wireless section under Interface Configuration->[[RUT850_Wireless#MAC_Filter|MAC Filter]]
  
[[Image:Services hotspot configuration mac.PNG]]
+
[[File:Services hotspot configuration mac v 2.PNG| border | class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Configuration profile</td>
| style="text-align: left; vertical-align: top;" | Toggles Wi-Fi Hotspot ON or OFF
+
      <td>Custom | Cloud4wi | Hotspotsystem; default: '''Custom'''</td>
|-
+
      <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
! style="text-align: left; vertical-align: top;" | AP IP
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: '''192.168.2.254/24'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Access Point IP address defines the IP address of your Hotspot's network
+
      <td>Enable</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Logout address
+
      <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: '''1.1.1.1'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | An address that can be used by users to logout from the Hotspot session
+
    <tr>
|-
+
    <td>AP IP</td>
! style="text-align: left; vertical-align: top;" | Authentication mode
+
        <td>ip; default: '''192.168.2.254/24'''</td>
| style="text-align: left; vertical-align: top;" | External radius {{!}} Internal radius {{!}} Without radius {{!}} Advertisement {{!}} MAC auth {{!}} SMS OTP; Default: '''Without radius'''
+
        <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| style="text-align: left; vertical-align: top;" | Authentication mode defines how users will connect to the Hotspot
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Terms of service
+
    <td>Logout address</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>host | ip; default: '''1.1.1.1'''</td>
| style="text-align: left; vertical-align: top;" | If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section
+
        <td>An address that can be used by users to logout from the Hotspot session</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Password protection
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Authentication mode</td>
| style="text-align: left; vertical-align: top;" | Enables Hotspot password protection
+
      <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: '''Without radius'''</td>
|-
+
      <td>Authentication mode defines how users will connect to the Hotspot</td>
! style="text-align: left; vertical-align: top;" | Password
+
    </tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | A password used to authenticate connecting clients to the Hotspot
+
      <td>Terms of service</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Website access link
+
      <td>If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the '''Landing Page''' section</td>
| style="text-align: left; vertical-align: top;" | Link {{!}} Auto redirect {{!}} Custom address; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Requested website access mode
+
    <tr>
|-
+
    <td>Password protection</td>
! style="text-align: left; vertical-align: top;" | Protocol
+
        <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | HTTP {{!}} HTTPS; Default: '''HTTP'''
+
        <td>Enables Hotspot password protection</td>
| style="text-align: left; vertical-align: top;" | Connection protocol of your Hotspot
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | HTTPS redirect
+
    <td>Password</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>string; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | Redirects HTTP pages to landing page
+
        <td>A password used to authenticate connecting clients to the Hotspot</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | SSL key file
+
    <tr>
| style="text-align: left; vertical-align: top;" | .key file; Default: " "
+
      <td>Website access link</td>
| style="text-align: left; vertical-align: top;" | SSL key file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>Link | Auto redirect | Custom address; default: '''Link'''</td>
|-
+
      <td>Requested website access mode</td>
! style="text-align: left; vertical-align: top;" | SSL certificate file
+
    </tr>
| style="text-align: left; vertical-align: top;" | .crt file; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | SSL certificate file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>Protocol</td>
|-
+
      <td>HTTP | HTTPS; default: '''HTTP'''</td>
! style="text-align: left; vertical-align: top;" | Use custom DNS
+
      <td>Connection protocol of your Hotspot</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Enables the use of custom DNS servers instead of your regular DNS
+
    <tr>
|-
+
    <td>HTTPS to landing page redirect</td>
! style="text-align: left; vertical-align: top;" | DNS server 1 {{!}} DNS server 2
+
        <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
        <td>Redirects HTTP pages to landing page</td>
| style="text-align: left; vertical-align: top;" | Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled
+
    </tr>
|-
+
    <tr>
|}
+
    <td>SSL key file</td>
 +
        <td>.key file; default: <b>none</b></td>
 +
        <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
      <td>SSL certificate file</td>
 +
      <td>.crt file; default: <b>none</b></td>
 +
      <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Use custom DNS</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Enables the use of custom DNS servers instead of your regular DNS</td>
 +
    </tr>
 +
    <tr>
 +
    <td>DNS server 1 | DNS server 2</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
 +
    </tr>
 +
</table>
  
 
===SMS OTP===
 
===SMS OTP===
Line 435: Line 570:
 
With '''SMS OTP''' Authentication mode connecting users are prompted to enter their phone number. After that, the router sends and SMS message containing a code to the specified number. Users then authenticate themselves to the Hotspot using this code.
 
With '''SMS OTP''' Authentication mode connecting users are prompted to enter their phone number. After that, the router sends and SMS message containing a code to the specified number. Users then authenticate themselves to the Hotspot using this code.
  
[[Image:Services hotspot configuration sms.PNG]]
+
[[File:Services hotspot configuration sms v 2.PNG |border| class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Configuration profile</td>
| style="text-align: left; vertical-align: top;" | Toggles Wi-Fi Hotspot ON or OFF
+
      <td>Custom | Cloud4wi | Hotspotsystem; default: '''Custom'''</td>
|-
+
      <td>If not set to '''Custom''', Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the '''Walled Garden''' section. Used only with '''External radius''' Authentication mode.</td>
! style="text-align: left; vertical-align: top;" | AP IP
+
    </tr>
| style="text-align: left; vertical-align: top;" | ip; Default: '''192.168.2.254/24'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Access Point IP address defines the IP address of your Hotspot's network
+
      <td>Enable</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Authentication mode
+
      <td>Toggles Wi-Fi Hotspot ON or OFF</td>
| style="text-align: left; vertical-align: top;" | External radius {{!}} Internal radius {{!}} Without radius {{!}} Advertisement {{!}} MAC auth {{!}} SMS OTP; Default: '''Without radius'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Authentication mode defines how users will connect to the Hotspot
+
    <tr>
|-
+
    <td>AP IP</td>
! style="text-align: left; vertical-align: top;" | Protocol
+
        <td>ip; default: '''192.168.2.254/24'''</td>
| style="text-align: left; vertical-align: top;" | HTTP {{!}} HTTPS; Default: '''HTTP'''
+
        <td>Access Point IP address defines the IP address of your Hotspot's network</td>
| style="text-align: left; vertical-align: top;" | Connection protocol of your Hotspot
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | HTTPS redirect
+
    <td>Authentication mode</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: '''Without radius'''</td>
| style="text-align: left; vertical-align: top;" | Redirects HTTP pages to landing page
+
        <td>Authentication mode defines how users will connect to the Hotspot</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | SSL key file
+
    <tr>
| style="text-align: left; vertical-align: top;" | .key file; Default: " "
+
      <td>Protocol</td>
| style="text-align: left; vertical-align: top;" | SSL key file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>HTTP | HTTPS; default: '''HTTP'''</td>
|-
+
      <td>Connection protocol of your Hotspot</td>
! style="text-align: left; vertical-align: top;" | SSL certificate file
+
    </tr>
| style="text-align: left; vertical-align: top;" | .crt file; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | SSL certificate file used for authentication. This field becomes visible only if '''HTTPS redirect''' is enabled
+
      <td>HTTPS to landing page redirect</td>
|-
+
      <td>yes | no; default: '''no'''</td>
! style="text-align: left; vertical-align: top;" | Use custom DNS
+
      <td>Redirects HTTP pages to landing page</td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Enables the use of custom DNS servers instead of your regular DNS
+
    <tr>
|-
+
    <td>SSL key file</td>
! style="text-align: left; vertical-align: top;" | DNS server 1 {{!}} DNS server 2
+
        <td>.key file; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
        <td>SSL key file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
| style="text-align: left; vertical-align: top;" | Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled
+
    </tr>
|-
+
    <tr>
|}
+
    <td>SSL certificate file</td>
 +
        <td>.crt file; default: <b>none</b></td>
 +
        <td>SSL certificate file used for authentication. This field becomes visible only if '''HTTPS to landing page redirect''' is enabled</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Use custom DNS</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>Enables the use of custom DNS servers instead of your regular DNS</td>
 +
    </tr>
 +
    <tr>
 +
    <td>DNS server 1 | DNS server 2</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td>Additional DNS servers that are to be used by the Hotspot. These fields become visible only if '''Use custom DNS''' is enabled</td>
 +
    </tr>
 +
</table>
  
===List Of Addresses The Client Can Access Without First Authenticating===
+
===Walled Garden===
 
----
 
----
 
You can configure a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Click the '''Add''' button to add a new address.
 
You can configure a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Click the '''Add''' button to add a new address.
  
[[Image:Services hotspot configuration address list.PNG]]
+
[[File:Services hotspot configuration walled garden.png| border| class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Enable</td>
| style="text-align: left; vertical-align: top;" | Enables or disables an entry of the list
+
      <td>yes | no; default: '''yes'''</td>
|-
+
      <td>Enables or disables an entry of the list</td>
! style="text-align: left; vertical-align: top;" | Address
+
    </tr>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | An address that users connected to the Hotspot can reach without authentication
+
      <td>Address</td>
|-
+
      <td>host | ip; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Port
+
      <td>An address that users connected to the Hotspot can reach without authentication</td>
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | Specifies the port through which the user can connect to the provided address. This field becomes visible only if '''Allow subdomains''' is disabled
+
    <tr>
|-
+
    <td>Port</td>
! style="text-align: left; vertical-align: top;" | Allow subdomains
+
        <td>integer [0..65535]; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
        <td>Specifies the port through which the user can connect to the provided address. This field becomes visible only if '''Allow subdomains''' is disabled</td>
| style="text-align: left; vertical-align: top;" | If checked, users can connect to the specified address and all of its subdomains
+
    </tr>
|-
+
    <tr>
|}
+
    <td>Allow subdomains</td>
 +
        <td>yes | no; default: '''no'''</td>
 +
        <td>If checked, users can connect to the specified address and all of its subdomains</td>
 +
    </tr>
 +
</table>
  
 
==Restricted Internet Access==
 
==Restricted Internet Access==
Line 515: Line 668:
 
The '''Restricted Internet Access''' page provides you with the possibility to restrict internet access on Hotspot on specified hours. Blue squares represent restricted access, white squares - allowed access. Bellow is an example of a configuration that restricts internet access outside of working hours.
 
The '''Restricted Internet Access''' page provides you with the possibility to restrict internet access on Hotspot on specified hours. Blue squares represent restricted access, white squares - allowed access. Bellow is an example of a configuration that restricts internet access outside of working hours.
  
[[Image:Services hotspot restricted list.PNG]]
+
[[File:Services hotspot restricted list.PNG|border|class=tlt-border]]
  
 
==Logging==
 
==Logging==
 +
The Hotspot '''Logging''' section is used to send Hotspot or Wireless information to an FTP or Syslog server.
 +
[[File:Services hotspot logging configuration logging.PNG|border| class=tlt-border]]
 +
<table class="nd-mantable">
 +
    <tr>
 +
        <th>Field</th>
 +
      <th>Value</th>
 +
      <th>Description</th>
 +
    </tr>
 +
    <tr>
 +
      <td>Enable</td>
 +
      <td>yes | no; default: '''no'''</td>
 +
      <td> Enables or disables whole logging section's fuctionality  </td>
 +
    </tr>
 +
</table>
 +
[[File:Services hotspot logging configuration syslog.PNG|border| class=tlt-border]]
  
The Hotspot '''Logging''' section is used to periodically send Hotspot information to an FTP server.
+
<table class="nd-mantable">
 +
    <tr>
 +
        <th>Field</th>
 +
      <th>Value</th>
 +
      <th>Description</th>
 +
    </tr>
 +
    <tr>
 +
      <td>Enable</td>
 +
      <td>yes | no; default: '''no'''</td>
 +
      <td>Toggles logging to Syslog ON or OFF  </td>
 +
    </tr>
 +
    <tr>
 +
      <td>Server address</td>
 +
      <td>host | ip; default: '''" "'''</td>
 +
      <td>Syslog server address</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Port</td>
 +
        <td>integer [0..65535]; default: '''" "'''</td>
 +
        <td>Syslog server port</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Protocol</td>
 +
        <td>UDP|TCP default: '''TCP'''</td>
 +
        <td>Protocol of the syslog server</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Prefix text</td>
 +
        <td>string; default: '''" "''' </td>
 +
        <td>Prefix custom text to streamed messages</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Protocol filter</td>
 +
        <td>UDP|TCP|Any; default: '''Any'''</td>
 +
        <td>Filter log messages depending on protocol</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Port filter </td>
 +
        <td>integer [0..65535]; default: '''" "'''</td>
 +
        <td>Filter log messages depending on port of port range</td>
 +
    </tr>
 +
</table>
  
[[Image:Services hotspot logging configuration ftp.PNG]]
 
  
{| class="wikitable"
+
[[File:Services hotspot logging configuration ftp.PNG|border| class=tlt-border]]
|+
+
 
! style="width: 250px; background: black; color: white;" | Field name
+
<table class="nd-mantable">
! style="width: 250px; background: black; color: white;"  | Value
+
    <tr>
! style="width: 1200px; background: black; color: white;" | Description
+
        <th>Field</th>
|-
+
      <th>Value</th>
! style="text-align: left; vertical-align: top;" | Enable
+
      <th>Description</th>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Toggles logging to FTP ON or OFF
+
    <tr>
|-
+
      <td>Enable</td>
! style="text-align: left; vertical-align: top;" | Server address
+
      <td>yes | no; default: '''no'''</td>
| style="text-align: left; vertical-align: top;" | host {{!}} ip; Default: '''your.ftp.server'''
+
      <td>Toggles logging to FTP ON or OFF</td>
| style="text-align: left; vertical-align: top;" | FTP server address.
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | User name
+
      <td>Server address</td>
| style="text-align: left; vertical-align: top;" | string; Default: '''username'''
+
      <td>host | ip; default: '''your.ftp.server'''</td>
| style="text-align: left; vertical-align: top;" | User name used for authentication when logging into an FTP server
+
      <td>FTP server address.</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Password
+
    <tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
    <td>User name</td>
| style="text-align: left; vertical-align: top;" | Password used for authentication when logging into an FTP server
+
        <td>string; default: '''username'''</td>
|-
+
        <td>User name used for authentication when logging into an FTP server</td>
! style="text-align: left; vertical-align: top;" | Port
+
    </tr>
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''21'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | FTP server port
+
    <td>Password</td>
|-
+
        <td>string; default: '''password'''</td>
! style="text-align: left; vertical-align: top;" | File name extras
+
        <td>Password used for authentication when logging into an FTP server</td>
| style="text-align: left; vertical-align: top;" | No extra information {{!}} MAC address {{!}} Serial number {{!}} Custom string; Default: '''No extra information'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Extra information to be added to the log filename
+
    <tr>
|-
+
    <td>Port</td>
|}
+
        <td>integer [0..65535]; default: '''21''' </td>
 +
        <td>FTP server port</td>
 +
    </tr>
 +
    <tr>
 +
    <td>File name extras</td>
 +
        <td>No extra information | MAC address | Serial number | Custom string; default: '''No extra information'''</td>
 +
        <td>Extra information to be added to the log filename</td>
 +
    </tr>
 +
</table>
  
 
===FTP Upload Settings===
 
===FTP Upload Settings===
Line 559: Line 775:
 
Here you can configure your timing settings for the log upload via FTP feature.
 
Here you can configure your timing settings for the log upload via FTP feature.
  
[[Image:Services hotspot logging configuration ftp set.PNG]]
+
[[File:Services hotspot logging configuration ftp set.PNG|border|class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Mode
+
    <tr>
| style="text-align: left; vertical-align: top;" | Fixed {{!}} Interval; Default: '''Fixed'''
+
      <td>Mode</td>
| style="text-align: left; vertical-align: top;" | The scheduling mode to be used for uploading to FTP server
+
      <td>Fixed | Interval; default: '''Fixed'''</td>
|-
+
      <td>The scheduling mode to be used for uploading to FTP server</td>
! style="text-align: left; vertical-align: top;" | Hours {{!}} Minutes {{!}} Days
+
    </tr>
| style="text-align: left; vertical-align: top;" | time; Default: '''8 hours 15 minutes'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | Time interval when the uploads will take place
+
      <td>Hours</td>
|-
+
      <td>time; default: '''8 hours'''</td>
|}
+
      <td>Time interval when the uploads will take place</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Minutes</td>
 +
    <td>time;default: '''15 minutes'''</td>
 +
    <td>Time interval when the uploads will take place</td>
 +
    </tr>
 +
    <td>Days</td>
 +
    <td>time;default: '''Monday, Tuesday, Wednesday, Thursday, Friday'''</td>
 +
    <td>On which day upload will take place</td>
 +
    <tr>
 +
 
 +
    </tr>
 +
</table>
  
 
===Wifi Log/SMS OTP Log===
 
===Wifi Log/SMS OTP Log===
 
----
 
----
 
WiFi and SMS OTP logs show information about connections to your WiFi Hotspot. FTP logging has to be enabled.
 
WiFi and SMS OTP logs show information about connections to your WiFi Hotspot. FTP logging has to be enabled.
 +
[[File:Services hotspot logging configuration Wifi log.PNG|border|class=tlt-border]]
 +
[[File:Services hotspot logging configuration SMS OTP log.PNG|border|class=tlt-border]]
  
 
==Landing Page==
 
==Landing Page==
Line 585: Line 816:
 
This section is used to define how your Hotspot's Landing Page will look like.  
 
This section is used to define how your Hotspot's Landing Page will look like.  
  
[[Image:Services hotspot landing page general.PNG]]
+
[[File:Services hotspot landing page general.PNG|border|class=tlt-border]]
  
 
===Template===
 
===Template===
Line 591: Line 822:
 
This is a template based on the default landing page. You can edit its HTML code to make it look however you want!
 
This is a template based on the default landing page. You can edit its HTML code to make it look however you want!
  
[[Image:Services hotspot landing page template.PNG]]
+
[[File:Services hotspot landing page template.PNG|border|class=tlt-border]]
 +
 
 +
===Custom Landing Page===
 +
----
  
 
==Radius Server==
 
==Radius Server==
Line 597: Line 831:
 
This section is used to configure your '''Radius Server''' for use with '''[[#Internal_Radius|Internal radius]]''' Authentication mode
 
This section is used to configure your '''Radius Server''' for use with '''[[#Internal_Radius|Internal radius]]''' Authentication mode
  
[[Image:Services hotspot radius server.PNG]]
+
[[File:Services hotspot radius server.PNG|border|class=tlt-border]]
 +
 
 +
<table class="nd-mantable">
 +
    <tr>
 +
        <th>Field</th>
 +
      <th>Value</th>
 +
      <th>Description</th>
 +
    </tr>
 +
    <tr>
 +
      <td>Enable</td>
 +
      <td>yes | no; default: '''no'''</td>
 +
      <td>Toggles Radius Server ON or OFF</td>
 +
    </tr>
 +
    <tr>
 +
      <td>Remote access</td>
 +
      <td>yes | no; default: '''no'''</td>
 +
      <td>Toggles remote access to the Radius Server ON or OFF.</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Accounting port</td>
 +
        <td>integer [0..65535]; default: '''1813'''</td>
 +
        <td>Radius server accounting port </td>
 +
    </tr>
 +
    <tr>
 +
    <td>Authentication port</td>
 +
        <td>integer [0..65535]; default: '''1812'''</td>
 +
        <td>Radius server authentication port</td>
 +
    </tr>
 +
</table>
  
{| class="wikitable"
 
|+
 
! style="width: 250px; background: black; color: white;"  | Field name
 
! style="width: 250px; background: black; color: white;"  | Value
 
! style="width: 1200px; background: black; color: white;" | Description
 
|-
 
! style="text-align: left; vertical-align: top;" | Enable
 
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
 
| style="text-align: left; vertical-align: top;" | Toggles Radius Server ON or OFF
 
|-
 
! style="text-align: left; vertical-align: top;" | Remote access
 
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
 
| style="text-align: left; vertical-align: top;" | Toggles remote access to the Radius Server ON or OFF.
 
|-
 
! style="text-align: left; vertical-align: top;" | Authentication port
 
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''1812'''
 
| style="text-align: left; vertical-align: top;" | Radius server authentication port
 
|-
 
! style="text-align: left; vertical-align: top;" | Accounting port
 
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: '''1813'''
 
| style="text-align: left; vertical-align: top;" | Radius server accounting port
 
|-
 
|}
 
  
 
===Session Settings===
 
===Session Settings===
Line 627: Line 866:
 
A '''Session Template''' is a set of rules that can be prescribed to a Hotspot user. A default template named '''unlimited''' is present in the router, but it has no configured restriction. You can edit the default template or you can create a custom template and configure it.
 
A '''Session Template''' is a set of rules that can be prescribed to a Hotspot user. A default template named '''unlimited''' is present in the router, but it has no configured restriction. You can edit the default template or you can create a custom template and configure it.
  
[[Image:Services hotspot configuration session template.PNG]]
+
[[File:Services hotspot configuration session template.PNG|border|class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Idle timeout
+
    <tr>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
      <td>Idle timeout</td>
| style="text-align: left; vertical-align: top;" | A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited
+
      <td>integer; default: <b>none</b></td>
|-
+
      <td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited</td>
! style="text-align: left; vertical-align: top;" | Session timeout
+
    </tr>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited
+
      <td>Session timeout</td>
|-
+
      <td>integer; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Download bandwidth
+
      <td>A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited</td>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s or Mbit/s
+
    <tr>
|-
+
    <td>Download bandwidth</td>
! style="text-align: left; vertical-align: top;" | Upload bandwidth
+
        <td>integer; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
        <td>Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s</td>
| style="text-align: left; vertical-align: top;" | Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s or Mbit/s
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Download limit
+
    <td>Upload bandwidth</td>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
        <td>integer; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB
+
        <td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s</td>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Upload limit
+
    <tr>
| style="text-align: left; vertical-align: top;" | integer; Default: " "
+
      <td>Download limit</td>
| style="text-align: left; vertical-align: top;" | A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB
+
      <td>integer; default: <b>none</b></td>
|-
+
      <td>A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB</td>
! style="text-align: left; vertical-align: top;" | Period
+
    </tr>
| style="text-align: left; vertical-align: top;" | Month {{!}} Week {{!}} Day; Default: '''Month'''
+
    <tr>
| style="text-align: left; vertical-align: top;" | The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset  
+
      <td>Upload limit</td>
|-
+
      <td>integer; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | Start day {{!}} Start hour
+
      <td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB</td>
| style="text-align: left; vertical-align: top;" | integer [1..31] {{!}} Monday..Sunday {{!}} integer [1..24]; Default: '''day 1'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Specifies which day of the month, week or hour of the day the limits will be reset
+
    <tr>
|-
+
    <td>Period</td>
|}
+
        <td>Month | Week | Day; default: '''Month'''</td>
 +
        <td>The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset </td>
 +
    </tr>
 +
    <tr>
 +
    <td>Start day | Start hour</td>
 +
        <td>integer [1..31] | Monday..Sunday | integer [1..24]; default: '''day 1'''</td>
 +
        <td>Specifies which day of the month, week or hour of the day the limits will be reset</td>
 +
    </tr>
 +
</table>
  
 
===Users Configuration Settings===
 
===Users Configuration Settings===
Line 673: Line 920:
 
The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
 
The '''Users Configuration''' tab is used to create new, unique users that can connect to the Hotspot.
  
[[Image:Services hotspot configuration user.PNG]]
+
[[File:Services hotspot configuration user.PNG]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Username
+
    <tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
      <td>Username</td>
| style="text-align: left; vertical-align: top;" | A custom user name used to authenticate clients connecting to the Hotspot
+
      <td>string; default: <b>none</b></td>
|-
+
      <td>A custom user name used to authenticate clients connecting to the Hotspot</td>
! style="text-align: left; vertical-align: top;" | Password
+
    </tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | A custom password for the specified user name
+
      <td>Password</td>
|-
+
      <td>string; default: <b>none</b> </td>
! style="text-align: left; vertical-align: top;" | Session Template
+
      <td>A custom password for the specified user name</td>
| style="text-align: left; vertical-align: top;" | string; Default: '''unlimited'''
+
    </tr>
| style="text-align: left; vertical-align: top;" | Session templates define session settings for different users. The '''unlimited''' Session Template is a default template with no restrictions. More on Session Template in the next section
+
    <tr>
|-
+
    <td>Session Template</td>
|}
+
        <td>string; default: '''unlimited'''</td>
 +
        <td>Session templates define session settings for different users. The '''unlimited''' Session Template is a default template with no restrictions. More on Session Template in the next section</td>
 +
    </tr>
 +
</table>
  
 
===Clients Configuration Settings===
 
===Clients Configuration Settings===
 
----
 
----
[[Image:Services hotspot radius server clients.PNG]]
+
[[File:Services hotspot radius server clients.PNG|border|class=tlt-border]]
  
{| class="wikitable"
+
<table class="nd-mantable">
|+
+
    <tr>
! style="width: 250px; background: black; color: white;"  | Field name
+
        <th>Field</th>
! style="width: 250px; background: black; color: white;"  | Value
+
      <th>Value</th>
! style="width: 1200px; background: black; color: white;" | Description
+
      <th>Description</th>
|-
+
    </tr>
! style="text-align: left; vertical-align: top;" | Enable
+
    <tr>
| style="text-align: left; vertical-align: top;" | yes {{!}} no; Default: '''no'''
+
      <td>Enable</td>
| style="text-align: left; vertical-align: top;" | Toggles Clients Configuration ON or OFF
+
      <td>yes | no; default: '''yes'''</td>
|-
+
      <td>Toggles Clients Configuration ON or OFF</td>
! style="text-align: left; vertical-align: top;" | Client name
+
    </tr>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
    <tr>
| style="text-align: left; vertical-align: top;" | A custom user name used to authenticate clients connecting to the Hotspot
+
      <td>Client name</td>
|-
+
      <td>string; default: <b>none</b></td>
! style="text-align: left; vertical-align: top;" | IP address
+
      <td>A custom user name used to authenticate clients connecting to the Hotspot</td>
| style="text-align: left; vertical-align: top;" | ip; Default: " "
+
    </tr>
| style="text-align: left; vertical-align: top;" | The IP address of the client
+
    <tr>
|-
+
    <td>IP address</td>
! style="text-align: left; vertical-align: top;" | Netmask
+
        <td>ip; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | integer [0..32]; Default: " "
+
        <td>The IP address of the client </td>
| style="text-align: left; vertical-align: top;" | The netmask of the client
+
    </tr>
|-
+
    <tr>
! style="text-align: left; vertical-align: top;" | Radius shared secret
+
    <td>Netmask</td>
| style="text-align: left; vertical-align: top;" | string; Default: " "
+
        <td>integer [0..32]; default: <b>none</b></td>
| style="text-align: left; vertical-align: top;" | Radius  shared  secret  used  for  communication  between the client/NAS and the radius server
+
        <td>The netmask of the client</td>
|-
+
    </tr>
|}
+
    <tr>
 +
    <td>Radius shared secret</td>
 +
        <td>string; default: <b>none</b></td>
 +
        <td>Radius  shared  secret  used  for  communication  between the client/NAS and the radius server</td>
 +
    </tr>
 +
</table>
  
 
==Statistics==
 
==Statistics==
  
The '''Statistics''' page shows statistics about connections to the hotspot.
+
The '''Statistics''' page shows statistics about connections to the hotspot. '''Reminder: Statistics page becomes visible only when device is connected to the hotspot.'''
 
 
[[Image:Services hotspot stats.PNG]]
 
  
==URL Parameters==
+
[[File:Services hotspot stats.PNG|border|class=tlt-border]]
 
 
Here you can set custom Captive Portal URL identification names.
 
 
 
[[Image:Services hotspot URL parameters rut850.PNG]]
 
 
 
{| class="wikitable"
 
|+
 
! style="width: 250px; background: black; color: white;"  | Field name
 
! style="width: 250px; background: black; color: white;"  | Value
 
! style="width: 1200px; background: black; color: white;" | Description
 
|-
 
! style="text-align: left; vertical-align: top;" | UAMip
 
| style="text-align: left; vertical-align: top;" | ip; Default: " "
 
| style="text-align: left; vertical-align: top;" | The IP Address of the Captive Portal gateway
 
|-
 
! style="text-align: left; vertical-align: top;" | UAMport
 
| style="text-align: left; vertical-align: top;" | integer [0..65535]; Default: " "
 
| style="text-align: left; vertical-align: top;" | The port on which the Captive Portal will serve web content
 
|-
 
! style="text-align: left; vertical-align: top;" | Called
 
| style="text-align: left; vertical-align: top;" | mac; Default: " "
 
| style="text-align: left; vertical-align: top;" | The MAC address of the IP Address of the Captive Portal gateway
 
|-
 
! style="text-align: left; vertical-align: top;" | MAC
 
| style="text-align: left; vertical-align: top;" | mac; Default: " "
 
| style="text-align: left; vertical-align: top;" | The MAC address of the client trying to gain Internet access
 
|-
 
! style="text-align: left; vertical-align: top;" | IP
 
| style="text-align: left; vertical-align: top;" | ip; Default: " "
 
| style="text-align: left; vertical-align: top;" | The IP Address of the client trying to gain Internet access
 
|-
 
! style="text-align: left; vertical-align: top;" | NASid
 
| style="text-align: left; vertical-align: top;" | string; Default: " "
 
| style="text-align: left; vertical-align: top;" | An identification for the Captive Portal used in the RADIUS request
 
|-
 
! style="text-align: left; vertical-align: top;" | Sessionid
 
| style="text-align: left; vertical-align: top;" | string; Default: " "
 
| style="text-align: left; vertical-align: top;" | The unique identifier for the session
 
|-
 
! style="text-align: left; vertical-align: top;" | Userurl
 
| style="text-align: left; vertical-align: top;" | url; Default: " "
 
| style="text-align: left; vertical-align: top;" | The URL which the user tried to access before he was redirected to the Captive Portal's URL's pages
 
|-
 
! style="text-align: left; vertical-align: top;" | Challenge
 
| style="text-align: left; vertical-align: top;" | string; Default: " "
 
| style="text-align: left; vertical-align: top;" | A challenge that should be used together with the user's password to create an encrypted phrase used to log on
 
|-
 
! style="text-align: left; vertical-align: top;" | Custom No. 1
 
| style="text-align: left; vertical-align: top;" | string; Default: " "
 
| style="text-align: left; vertical-align: top;" | Adds a custom name and a custom value which will be displayed in url parameters
 
|-
 
! style="text-align: left; vertical-align: top;" | Custom No. 2
 
| style="text-align: left; vertical-align: top;" | string; Default: " "
 
| style="text-align: left; vertical-align: top;" | Adds a custom name and a custom value which will be displayed in url parameters
 
|-
 
|}
 
  
 
==Manage==
 
==Manage==
Line 795: Line 992:
 
With the help of the '''Manage''' page you manage the users that are connected to your Hotspot. To reach the '''Manage''' window, go to Services->Hotspot. The '''Manage''' button will be located next to your Hotspot instance.
 
With the help of the '''Manage''' page you manage the users that are connected to your Hotspot. To reach the '''Manage''' window, go to Services->Hotspot. The '''Manage''' button will be located next to your Hotspot instance.
  
[[Image:Services hotspot manage reach.PNG]]
+
[[File:Services hotspot manage reach.PNG|border|class=tlt-border]]
 +
 
 +
[[File:Services hotspot manage.PNG|border|class=tlt-border]]
  
[[Image:Services hotspot manage.PNG]]
+
[[Category:RUT850 Services section]]

Latest revision as of 09:21, 10 December 2020

Main Page > RUT Routers > RUT850 > RUT850 Manual > RUT850 WebUI > RUT850 Services section > RUT850 Hotspot

The information in this page is updated in accordance with the RUT850_R_00.01.04 firmware version.

Summary

Wireless Hotspots are essentially Wireless Access Points - they provide network and/or internet access to other WiFi devices. The difference is that Hotspots are a lot more versatile when it comes to managing, monitoring and authenticating the wireless network's users. For example, while Wireless APs can be password protected, with Hotspots you can configure different users with different names, passwords, even data limits and data speeds and more. This chapter is an overview of the Wireless Hotspot function in RUT routers.

General

The General tab is where most of the Hotspot configurations take place. This section will be divided into six sub-sections - one for each Authentication mode, since the chosen Authentication mode will define how the Hotspot will be configured in general.

External Radius


External Radius authentication mode uses an external Radius server, to which you have to provide an address to, instead of using the router's internal Radius server.

Services hotspot configuration external v 2.PNG

Field Value Description
Configuration profile Custom | Cloud4wi | Hotspotsystem; default: Custom If not set to Custom, Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the Walled Garden section. Used only with External radius Authentication mode.
Enable yes | no; default: no Toggles Wi-Fi Hotspot ON or OFF
AP IP ip; default: 192.168.2.254/24 Access Point IP address defines the IP address of your Hotspot's network
Logout address host | ip; default: 1.1.1.1 An address that can be used by users to logout from the Hotspot session
Authentication mode External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: Without radius Authentication mode defines how users will connect to the Hotspot
Authentication protocol PAP | CHAP; default: PAP Authentication protocol used to authenticate new connections on the Hotspot
Terms of service yes | no; default: no If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the Landing Page section
RADIUS server #1 | RADIUS server #2 ip; default: none The IP address of the RADIUS server that is to be used for Authenticating your wireless clients
Authentication port integer [0..65535]; default: 1812 RADIUS server authentication port
Accounting port integer [0..65535]; default: 1813 RADIUS server accounting port
Radius secret key string; default: none The secret key is a password used for authentication with the RADIUS server
UAM port integer [0..65535]; default: 3990 Port to bind for authenticating clients
UAM UI port integer [0..65535]; default: 4990 UAM User Interface port
UAM secret string; default: none Shared secret between the UAM server and the Hotspot
NAS identifier string; default: none NAS-Identifier is one of the basic RADIUS attributes
Swap octets yes | no; default: no Swaps the meaning of input octets and output as it relates to RADIUS attributes
Location name string; default: none Custom location name for your Hotspot
External landing page yes | no; default: no Enables the use of an external landing page
Landing page address string; default: none A custom Hotspot's external landing page
Success URL string; default: none A custom redirect URL after successful Hotspot login
Protocol HTTP | HTTPS; default: HTTP Connection protocol of your Hotspot
HTTPS to landing page redirect yes | no; default: no Redirects HTTP pages to landing page
SSL key file .key file; default: none SSL key file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
SSL certificate file .crt file; default: none SSL certificate file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
Use custom DNS yes | no; default: no Enables the use of custom DNS servers instead of your regular DNS
DNS server 1 | DNS server 2 ip; default: none Additional DNS servers that are to be used by the Hotspot. These fields become visible only if Use custom DNS is enabled

Internal Radius


Internal Radius is Authentication mode that uses the router's internal RADIUS server for authentication. Teltonika routers' RADIUS server has RFC 2866 RADIUS Accounting and RFC 2869 RADIUS Extensions implemented.

Services hotspot configuration internal v 2.PNG

Field Value Description
Configuration profile Custom | Cloud4wi | Hotspotsystem; default: Custom If not set to Custom, Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the Walled Garden section. Used only with External radius Authentication mode.
Enable yes | no; default: no Toggles Wi-Fi Hotspot ON or OFF
AP IP ip; default: 192.168.2.254/24 Access Point IP address defines the IP address of your Hotspot's network
Logout address host | ip; default: 1.1.1.1 An address that can be used by users to logout from the Hotspot session
Authentication mode External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: Without radius Authentication mode defines how users will connect to the Hotspot
Terms of service yes | no; default: no If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the Landing Page section
External landing page yes | no; default: no Enables the use of an external landing page
Landing page address string; default: none A custom Hotspot's external landing page
Success URL string; default: none A custom redirect URL after successful Hotspot login
HTTPS to landing page redirect yes | no; default: no Redirects HTTP pages to landing page
SSL key file .key file; default: none SSL key file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
SSL certificate file .crt file; default: none SSL certificate file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
Use custom DNS yes | no; default: no Enables the use of custom DNS servers instead of your regular DNS
DNS server 1 | DNS server 2 ip; default: none Additional DNS servers that are to be used by the Hotspot. These fields become visible only if Use custom DNS is enabled

Information on how to configure Internal radius server can be found here.

Without Radius


Without Radius Authentication doesn't use a Radius server to authenticate users connecting to the Hotspot, instead it gives you the possibility to configure different users with different password and session parameters.

Services hotspot configuration without v 2.PNG

Field Value Description
Configuration profile Custom | Cloud4wi | Hotspotsystem; default: Custom If not set to Custom, Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the Walled Garden section. Used only with External radius Authentication mode.
Enable yes | no; default: no Toggles Wi-Fi Hotspot ON or OFF
AP IP ip; default: 192.168.2.254/24 Access Point IP address defines the IP address of your Hotspot's network
Logout address host | ip; default: 1.1.1.1 An address that can be used by users to logout from the Hotspot session
Authentication mode External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: Without radius Authentication mode defines how users will connect to the Hotspot
Terms of service yes | no; default: no If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the Landing Page section
External landing page yes | no; default: no Enables the use of an external landing page
Landing page address string; default: none A custom Hotspot's external landing page
Success URL string; default: none A custom redirect URL after successful Hotspot login
Protocol HTTP | HTTPS; default: HTTP Connection protocol of your Hotspot
HTTPS to landing page redirect yes | no; default: no Redirects HTTP pages to landing page
SSL key file .key file; default: none SSL key file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
SSL certificate file .crt file; default: none SSL certificate file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
Use custom DNS yes | no; default: no Enables the use of custom DNS servers instead of your regular DNS
DNS server 1 | DNS server 2 ip; default: none Additional DNS servers that are to be used by the Hotspot. These fields become visible only if Use custom DNS is enabled

Users Configuration


The Users Configuration tab is used to create new, unique users that can connect to the Hotspot.

Services hotspot configuration user.PNG

Field Value Description
Username string; default: none A custom user name used to authenticate clients connecting to the Hotspot
Password string; default: none A custom password for the specified user name
Session Template string; default: unlimited Session templates define session settings for different users. The unlimited Session Template is a default template with no restrictions. More on Session Template in the next section

Session Templates


A Session Template is a set of rules that can be prescribed to a Hotspot user. A default template named unlimited is present in the router, but it has no configured restrictions. You can edit the default template or you can create a custom template and configure it.

Services hotspot configuration session template.PNG

Field Value Description
Idle timeout integer; default: none A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited
Session timeout integer; default: none A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited
Download bandwidth integer; default: none Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s, Gbit/s
Upload bandwidth integer; default: none Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s
Download limit integer; default: none A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB
Upload limit integer; default: none A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB
Period Month | Week | Day; default: Month The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset
Start day | Start hour integer [1..31] | Monday..Sunday | integer [1..24]; default: day 1 Specifies which day of the month, week or hour of the day the limits will be reset


The Advertisement Authentication mode doesn't use any kind of actual authentication. Instead when a user connects to the Hotspot he first gets redirected to a specified advertisement page. After that the user is free to use the Hotspot.

Services hotspot configuration advertisement v3.PNG

Field Value Description
Configuration profile Custom | Cloud4wi | Hotspotsystem; default: Custom If not set to Custom, Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the Walled Garden section. Used only with External radius Authentication mode.
Enable yes | no; default: no Toggles Wi-Fi Hotspot ON or OFF
AP IP ip; default: 192.168.2.254/24 Access Point IP address defines the IP address of your Hotspot's network
Authentication mode External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: Without radius Authentication mode defines how users will connect to the Hotspot
Advertisement address host | ip; default: none The address of the advertisement page that newly connected users will be redirected to
HTTPS to landing page redirect yes | no; default: no Redirects HTTP pages to landing page
SSL key file .key file; default: none SSL key file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
SSL certificate file .crt file; default: none SSL certificate file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
Use custom DNS yes | no; default: no Enables the use of custom DNS servers instead of your regular DNS
DNS server 1 | DNS server 2 ip; default: none Additional DNS servers that are to be used by the Hotspot. These fields become visible only if Use custom DNS is enabled

MAC auth


MAC auth Authentication mode authenticates users by their MAC address. A list of accepted or unaccepted MAC addresses can be configured in the router's WebUI's Wireless section under Interface Configuration->MAC Filter

Services hotspot configuration mac v 2.PNG

Field Value Description
Configuration profile Custom | Cloud4wi | Hotspotsystem; default: Custom If not set to Custom, Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the Walled Garden section. Used only with External radius Authentication mode.
Enable yes | no; default: no Toggles Wi-Fi Hotspot ON or OFF
AP IP ip; default: 192.168.2.254/24 Access Point IP address defines the IP address of your Hotspot's network
Logout address host | ip; default: 1.1.1.1 An address that can be used by users to logout from the Hotspot session
Authentication mode External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: Without radius Authentication mode defines how users will connect to the Hotspot
Terms of service yes | no; default: no If enabled, users have to agree to the Terms of service before logging in. Custom Terms of service can be defined in the Landing Page section
Password protection yes | no; default: no Enables Hotspot password protection
Password string; default: none A password used to authenticate connecting clients to the Hotspot
Website access link Link | Auto redirect | Custom address; default: Link Requested website access mode
Protocol HTTP | HTTPS; default: HTTP Connection protocol of your Hotspot
HTTPS to landing page redirect yes | no; default: no Redirects HTTP pages to landing page
SSL key file .key file; default: none SSL key file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
SSL certificate file .crt file; default: none SSL certificate file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
Use custom DNS yes | no; default: no Enables the use of custom DNS servers instead of your regular DNS
DNS server 1 | DNS server 2 ip; default: none Additional DNS servers that are to be used by the Hotspot. These fields become visible only if Use custom DNS is enabled

SMS OTP


With SMS OTP Authentication mode connecting users are prompted to enter their phone number. After that, the router sends and SMS message containing a code to the specified number. Users then authenticate themselves to the Hotspot using this code.

Services hotspot configuration sms v 2.PNG

Field Value Description
Configuration profile Custom | Cloud4wi | Hotspotsystem; default: Custom If not set to Custom, Configuration profile selections will automatically fill all the fields in accordance with the chosen profile. It also automatically adds an exception for the chosen service in the Walled Garden section. Used only with External radius Authentication mode.
Enable yes | no; default: no Toggles Wi-Fi Hotspot ON or OFF
AP IP ip; default: 192.168.2.254/24 Access Point IP address defines the IP address of your Hotspot's network
Authentication mode External radius | Internal radius | Without radius | Advertisement | MAC auth | SMS OTP; default: Without radius Authentication mode defines how users will connect to the Hotspot
Protocol HTTP | HTTPS; default: HTTP Connection protocol of your Hotspot
HTTPS to landing page redirect yes | no; default: no Redirects HTTP pages to landing page
SSL key file .key file; default: none SSL key file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
SSL certificate file .crt file; default: none SSL certificate file used for authentication. This field becomes visible only if HTTPS to landing page redirect is enabled
Use custom DNS yes | no; default: no Enables the use of custom DNS servers instead of your regular DNS
DNS server 1 | DNS server 2 ip; default: none Additional DNS servers that are to be used by the Hotspot. These fields become visible only if Use custom DNS is enabled

Walled Garden


You can configure a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Click the Add button to add a new address.

Services hotspot configuration walled garden.png

Field Value Description
Enable yes | no; default: yes Enables or disables an entry of the list
Address host | ip; default: none An address that users connected to the Hotspot can reach without authentication
Port integer [0..65535]; default: none Specifies the port through which the user can connect to the provided address. This field becomes visible only if Allow subdomains is disabled
Allow subdomains yes | no; default: no If checked, users can connect to the specified address and all of its subdomains

Restricted Internet Access

The Restricted Internet Access page provides you with the possibility to restrict internet access on Hotspot on specified hours. Blue squares represent restricted access, white squares - allowed access. Bellow is an example of a configuration that restricts internet access outside of working hours.

Services hotspot restricted list.PNG

Logging

The Hotspot Logging section is used to send Hotspot or Wireless information to an FTP or Syslog server. Services hotspot logging configuration logging.PNG

Field Value Description
Enable yes | no; default: no Enables or disables whole logging section's fuctionality

Services hotspot logging configuration syslog.PNG

Field Value Description
Enable yes | no; default: no Toggles logging to Syslog ON or OFF
Server address host | ip; default: " " Syslog server address
Port integer [0..65535]; default: " " Syslog server port
Protocol UDP|TCP default: TCP Protocol of the syslog server
Prefix text string; default: " " Prefix custom text to streamed messages
Protocol filter UDP|TCP|Any; default: Any Filter log messages depending on protocol
Port filter integer [0..65535]; default: " " Filter log messages depending on port of port range


Services hotspot logging configuration ftp.PNG

Field Value Description
Enable yes | no; default: no Toggles logging to FTP ON or OFF
Server address host | ip; default: your.ftp.server FTP server address.
User name string; default: username User name used for authentication when logging into an FTP server
Password string; default: password Password used for authentication when logging into an FTP server
Port integer [0..65535]; default: 21 FTP server port
File name extras No extra information | MAC address | Serial number | Custom string; default: No extra information Extra information to be added to the log filename

FTP Upload Settings


Here you can configure your timing settings for the log upload via FTP feature.

Services hotspot logging configuration ftp set.PNG

Field Value Description
Mode Fixed | Interval; default: Fixed The scheduling mode to be used for uploading to FTP server
Hours time; default: 8 hours Time interval when the uploads will take place
Minutes time;default: 15 minutes Time interval when the uploads will take place
Days time;default: Monday, Tuesday, Wednesday, Thursday, Friday On which day upload will take place

Wifi Log/SMS OTP Log


WiFi and SMS OTP logs show information about connections to your WiFi Hotspot. FTP logging has to be enabled. Services hotspot logging configuration Wifi log.PNG Services hotspot logging configuration SMS OTP log.PNG

Landing Page

This section is used to define how your Hotspot's Landing Page will look like.

Services hotspot landing page general.PNG

Template


This is a template based on the default landing page. You can edit its HTML code to make it look however you want!

Services hotspot landing page template.PNG

Custom Landing Page


Radius Server

This section is used to configure your Radius Server for use with Internal radius Authentication mode

Services hotspot radius server.PNG

Field Value Description
Enable yes | no; default: no Toggles Radius Server ON or OFF
Remote access yes | no; default: no Toggles remote access to the Radius Server ON or OFF.
Accounting port integer [0..65535]; default: 1813 Radius server accounting port
Authentication port integer [0..65535]; default: 1812 Radius server authentication port


Session Settings


A Session Template is a set of rules that can be prescribed to a Hotspot user. A default template named unlimited is present in the router, but it has no configured restriction. You can edit the default template or you can create a custom template and configure it.

Services hotspot configuration session template.PNG

Field Value Description
Idle timeout integer; default: none A timeout in seconds after which idle users are automatically disconnected from the Hotspot. 0 means unlimited
Session timeout integer; default: none A timeout in seconds after users are automatically disconnected from the Hotspot. The timeout countdown begins when a user is authenticated to the Hotspot and, after an amount of time specified in this field, the user gets disconnected from the Hotspot. 0 means unlimited
Download bandwidth integer; default: none Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s
Upload bandwidth integer; default: none Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Kbit/s, Mbit/s or Gbit/s
Download limit integer; default: none A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB
Upload limit integer; default: none A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB
Period Month | Week | Day; default: Month The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset
Start day | Start hour integer [1..31] | Monday..Sunday | integer [1..24]; default: day 1 Specifies which day of the month, week or hour of the day the limits will be reset

Users Configuration Settings


The Users Configuration tab is used to create new, unique users that can connect to the Hotspot.

Services hotspot configuration user.PNG

Field Value Description
Username string; default: none A custom user name used to authenticate clients connecting to the Hotspot
Password string; default: none A custom password for the specified user name
Session Template string; default: unlimited Session templates define session settings for different users. The unlimited Session Template is a default template with no restrictions. More on Session Template in the next section

Clients Configuration Settings


Services hotspot radius server clients.PNG

Field Value Description
Enable yes | no; default: yes Toggles Clients Configuration ON or OFF
Client name string; default: none A custom user name used to authenticate clients connecting to the Hotspot
IP address ip; default: none The IP address of the client
Netmask integer [0..32]; default: none The netmask of the client
Radius shared secret string; default: none Radius shared secret used for communication between the client/NAS and the radius server

Statistics

The Statistics page shows statistics about connections to the hotspot. Reminder: Statistics page becomes visible only when device is connected to the hotspot.

Services hotspot stats.PNG

Manage

With the help of the Manage page you manage the users that are connected to your Hotspot. To reach the Manage window, go to Services->Hotspot. The Manage button will be located next to your Hotspot instance.

Services hotspot manage reach.PNG

Services hotspot manage.PNG