Difference between revisions of "Template:Networking rutos manual hotspot"
From Teltonika Networks Wiki
(Created page with "{{Template:Networking_rutos_manual_fw_disclosure | fw_version = {{{series}}}_R_00.02.03.1 | series = {{{series}}} }} ==Summary== '''Hotspot''' is a service that provides...") |
Gytispieze (talk | contribs) |
||
| (35 intermediate revisions by 6 users not shown) | |||
| Line 1: | Line 1: | ||
| − | {{Template:Networking_rutos_manual_fw_disclosure | + | {{Template: Networking_rutos_manual_fw_disclosure |
| − | | fw_version = {{{series}}} | + | | fw_version ={{Template: Networking_rutos_manual_latest_fw |
| − | | | + | | series = {{{series}}} |
| + | | name = {{{name}}} | ||
| + | }} | ||
}} | }} | ||
| + | {{#ifeq: {{{series}}} | RUT9 |<br><i><b>Note</b>: <b>[[{{{name}}} Hotspot (legacy WebUI)|click here]]</b> for the old style WebUI (FW version {{Template: Networking_rutos_manual_latest_fw | series = RUT9XX}} and earlier) user manual page.</i>|}} | ||
| + | {{#ifeq: {{{series}}} | RUT2 |<br><i><b>Note</b>: <b>[[{{{name}}} Hotspot (legacy WebUI)|click here]]</b> for the old style WebUI (FW version {{Template: Networking_rutos_manual_latest_fw | series = RUT2XX}} and earlier) user manual page.</i>|}} | ||
| + | ==Summary== | ||
| − | == | + | On Teltonika Networks devices a <b>Hotspot</b> is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for {{{name}}} devices. |
| + | {{#switch: {{{series}}} | ||
| + | | #default = | ||
| + | | RUT36X|RUT9|TCR1|RUT2|RUT2M|RUT9M = | ||
| + | <u><b> | ||
| − | + | Note:</b> Hotspot is additional software that can be installed from the <b>Services → [[{{{name}}} Package Manager|Package Manager]]</b> page.</u> | |
| + | }} | ||
| − | + | ==General== | |
| − | |||
| − | |||
| − | + | ===Hotspot Instances=== | |
| + | ---- | ||
| + | The <b>Hotspot Instances</b> section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration: | ||
| − | + | <ol> | |
| − | + | <li>select an 'Interface';</li> | |
| − | + | <li>click the 'Add' button;</li> | |
| + | </ol> | ||
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_hotspot_instances_add_button_edit_buton_wifi_{{{wifi}}}.png|border|class=tlt-border]] |
| − | |||
| − | + | After this, a new Hotspot configuration window will appear. | |
| − | The | + | ====General Settings==== |
| + | ---- | ||
| + | The <b>General Settings</b> window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections. | ||
| − | ====General==== | + | =====General===== |
---- | ---- | ||
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_general_v2.png|border|class=tlt-border]] |
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
<tr> | <tr> | ||
| − | + | <th>Field</th> | |
| − | + | <th>Value</th> | |
| − | + | <th>Description</th> | |
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Configuration profile</td> | ||
| + | <td>Cloud4wi | Default | Hotspotsystems; default: <b>Default</b></td> | ||
| + | <td>Pre-configures Hotspot settings according to the selected service provider.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Enable</td> | ||
| + | <td>off | on; default: <b>on</b></td> | ||
| + | <td>Turns the Hotspot instance on or off.</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Hotspot Network</td> | |
| − | + | <td>ip/netmask; default: <b>192.168.2.0/24</b></td> | |
| − | + | <td>IP address and subnet of the Hotspot network.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>IP Address</td> | |
| − | + | <td>ip; default: '''192.168.2.254'''</td> | |
| − | + | <td>Defines the IP address of your Hotspot router in network.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Authentication mode</td> | |
| − | + | <td>Radius | Local user | {{#ifeq:{{{mobile}}}|1|SMS OTP <nowiki>|</nowiki> |}}MAC auth ; default: <b>Local users</b></td> | |
| − | + | <td>Authentication mode defines how users will connect to the Hotspot.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Allow signup</td> | |
| − | + | <td>off | <span style="color: #20C0D7;"><b>on</b></span>; default: <b>off</b></td> | |
| − | + | <td>Allows users to sign up to hotspot via landing page.</td> | |
| − | |||
| − | </ | ||
| − | |||
| − | |||
| − | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td><span style="color: #20C0D7;">Expiration time</span></td> | |
| − | + | <td>integer; default: <b>0</b></td> | |
| − | + | <td>User credential expiration time. Applies to users who signed up via landing page.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td><span style="color: #20C0D7;">Users group</span></td> | |
| − | + | <td>user group; default: <b>default</b></td> | |
| − | + | <td>The user group to which users signed up via landing page should be assigned to.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Landing Page</td> | |
| − | + | <td>Internal | <span style="color: #f43b1a;">External</span>; default: <b>Internal</b></td> | |
| − | + | <td>If external Landing Page is chosen, new section, to enter website address, will appear, e.g., <i><nowiki>http://www.example.com</nowiki></i></td> | |
| + | </tr> | ||
| + | <tr> | ||
| + | <td>UAM Port</td> | ||
| + | <td>integer; default: <b>3990</b></td> | ||
| + | <td>Port to bind for authenticating clients.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td><span style="color: #f43b1a;">UAM Secret</span></td> | ||
| + | <td>string; default: <b>none</b></td> | ||
| + | <td>Shared secret between uamserver and hotspot.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Success page</td> | ||
| + | <td>Success Page | Original URL | Custom; default: <b>Success page</b></td> | ||
| + | <td>Location to return to after successful authentication.</td> | ||
</tr> | </tr> | ||
</table> | </table> | ||
| − | ====Advanced==== | + | =====Advanced===== |
---- | ---- | ||
| − | + | [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_advanced.png|border|class=tlt-border]] | |
| − | [[File: | ||
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
| − | + | <tr> | |
| − | + | <th>Field</th> | |
| − | + | <th>Value</th> | |
| − | + | <th>Description</th> | |
| − | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Additional interfaces</td> | |
| − | + | <td>Available interfaces; default: '''none'''</td> | |
| − | + | <td>Shows additional interfaces that can be attached to hotspot instance.</td> | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Logout address</td> | |
| − | + | <td>ip; default: '''1.0.0.0'''</td> | |
| − | + | <td>An address that can be used by users to logout from the Hotspot session.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Protocol</td> | |
| − | + | <td>HTTP | HTTPS; default: <b>HTTP</b></td> | |
| − | + | <td>Protocol to be used for landing page.</td> | |
| − | </tr | + | </tr> |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
<tr> | <tr> | ||
| − | + | <td>Enable TOS</td> | |
| − | + | <td>off | on; default: <b>off</b></td> | |
| − | + | <td>Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Trial access</td> | |
| − | + | <td>off | <span style="color: #f43b1a; font-weight: bold;">on</span>; default: <b>off</b></td> | |
| − | + | <td>Enables trial internet access for a specific group.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td><span style="color: #f43b1a;">Trial access</span>: Group</td> | |
| − | + | <td>User group; default: <b>default</b> | |
| − | + | <td>Group of trial users.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>HTTPS to landing page redirect</td> | |
| − | + | <td>off | <span style="color: #20C0D7;"><b>on</b></span>; default: <b>off</b></td> | |
| − | + | <td>Redirect initial pre-landing page HTTPS requests to hotspot landing page.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td><span style="color: #20C0D7;"><b>Certificate files from device</b></span></td> | |
| − | + | <td>off | on; default: <b>off</b></td> | |
| − | + | <td>Specified whether to upload key & certificate files from computer or to use files generated on this device via the <i>System → Administration → <b>[[{{{name}}} Administration#Certificates|Certificates]]</b></i> page.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td><span style="color: #20C0D7;">SSL key file</span></td> | |
| − | + | <td>key file; default: <b>none</b></td> | |
| − | + | <td>Upload/select SSL key.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td><span style="color: #20C0D7;">SSL certificate file</span></td> | |
| − | + | <td>certificate file; default: <b>none</b></td> | |
| − | + | <td>Upload/select SSL certificate.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>DNS server 1</td> | |
| − | + | <td>ip; default: <b>8.8.8.8</b></td> | |
| − | + | <td>Additional DNS servers that are to be used by the Hotspot.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>DNS server 2</td> | |
| − | + | <td>ip; default: <b>8.8.4.4</b></td> | |
| − | + | <td>Additional DNS servers that are to be used by the Hotspot.</td> | |
</tr> | </tr> | ||
</table> | </table> | ||
| − | ==== | + | =====Radius===== |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
---- | ---- | ||
| + | </b>Radius</b> authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible. | ||
| − | + | [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_radius.png|border|class=tlt-border]] | |
| − | |||
| − | [[File: | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
<tr> | <tr> | ||
| − | + | <th>Field</th> | |
| − | + | <th>Value</th> | |
| − | + | <th>Description</th> | |
| + | </tr> | ||
| + | <tr> | ||
| + | <td>RADIUS server #1</td> | ||
| + | <td>ip; default: <b>none</b></td> | ||
| + | <td>The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>RADIUS server #2</td> | ||
| + | <td>ip; default: <b>none</b></td> | ||
| + | <td>The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Authentication port</td> | ||
| + | <td>integer [0..65535]; default: <b>1812</b></td> | ||
| + | <td>RADIUS server authentication port.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Accounting port</td> | ||
| + | <td>integer [0..65535]; default: <b>1813</b> </td> | ||
| + | <td>RADIUS server accounting port.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>NAS identifier</td> | ||
| + | <td>string; default: <b>none</b></td> | ||
| + | <td>NAS-Identifier is one of the basic RADIUS attributes.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Radius secret key</td> | ||
| + | <td>string; default: <b>none</b></td> | ||
| + | <td>The secret key is a password used for authentication with the RADIUS server.</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Swap octets</td> | |
| − | + | <td>off | on; default: <b>off</b></td> | |
| − | + | <td>Swaps the meaning of input octets and output as it relates to RADIUS attributes.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Location name</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>Custom location name for your Hotspot.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Location ID</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>Custom location ID for your Hotspot.</td> | |
</tr> | </tr> | ||
</table> | </table> | ||
| − | == | + | =====Walled Garden===== |
| + | ---- | ||
| + | You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. | ||
| + | By default this list is empty. Simply write addresses into the Address List. | ||
| − | + | Format of address is <b>website.com</b> (does not include https://www). | |
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_walled_garden.png|border|class=tlt-border]] |
| − | + | =====URL Parameters===== | |
| + | ---- | ||
| + | The <b>URL parameters</b> section becomes visible when <b>Landing page</b> is selected as <b>External</b> in [[{{{name}}}_Hotspot#General_2|General settings]] section. | ||
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_urlparams.png|border|class=tlt-border]] |
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
<tr> | <tr> | ||
| − | + | <th>Field</th> | |
| − | + | <th>Value</th> | |
| − | + | <th>Description</th> | |
| + | </tr> | ||
| + | <tr> | ||
| + | <td>UAM IP</td> | ||
| + | <td>string; default: <b>none</b></td> | ||
| + | <td>The IP Address of the Captive Portal gateway.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>UAM port</td> | ||
| + | <td>string; default: <b>none</b></td> | ||
| + | <td>The port on which the Captive Portal will serve web content.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Called</td> | ||
| + | <td>string; default: <b>none</b></td> | ||
| + | <td>The MAC address of the IP Address of the Captive Portal gateway.</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>MAC</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>The MAC address of the client trying to gain Internet access.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>NAS id</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>An identification for the Captive Portal used in the RADIUS request.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Session id</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>The unique identifer for session.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>User url</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>The URL which the user tried to access before he were redirected to the Captive Portal's URL's pages.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Challenge</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>A challenge that should be used together with the user's password to create an encrypted phrase used to log on.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Custom 1</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>Add custom name and custom value which will be displayed in url parameters.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>-</td> | |
| − | + | <td>SSID | Hostname | FW version | --Custom--; default: <b>SSID</b></td> | |
| − | + | <td>-</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>Custom 2</td> | |
| − | + | <td>string; default: <b>none</b></td> | |
| − | + | <td>Add custom name and custom value which will be displayed in url parameters.</td> | |
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | + | <td>-</td> | |
| − | + | <td>SSID | Hostname | FW version | --Custom--; default: <b>SSID</b></td> | |
| − | + | <td>-</td> | |
</tr> | </tr> | ||
</table> | </table> | ||
| + | |||
| + | =====User Scripts===== | ||
| + | ---- | ||
| + | In this section you can add custom <b>Scripts</b> that will be executed after a session is authorized in the <b>Session up</b> section, after session has moved from authorized state to unauthorized in the <b>Session down</b> section and after a new user has been signed up in the <b>User signup</b> section. | ||
| + | |||
| + | [[File:Networking_rutos_manual_hotspot_general_hotspot_instances_general_settings_user_scripts.png|border|class=tlt-border]] | ||
| + | |||
| + | ==Local Users== | ||
| + | |||
| + | The <b>Local Users</b> section is used to create and manage users that can connect to the Hotspot. The elements comprising the Local Users page are explained in the list and figure below. | ||
| + | |||
| + | <ol> | ||
| + | <li>Entering a Username, Password and clicking the 'Add' button creates a new user.</li> | ||
| + | <li>The 'Group' dropdown menu assigns a user to another group.</li> | ||
| + | <li>The 'Edit' button lets you change a user's password or assign the user to another group.</li> | ||
| + | <li>The 'Delete[X]' button deletes a user.</li> | ||
| + | </ol> | ||
| + | |||
| + | [[File:Networking_rutos_manual_hotspot_local_users_add_button_edit_button.png|border|class=tlt-border]] | ||
==Landing Page== | ==Landing Page== | ||
| − | This section is used to define how your Hotspot's Landing Page will look like. | + | This section is used to define how your Hotspot's <b>Landing Page</b> will look like to connecting users. |
===General Settings=== | ===General Settings=== | ||
---- | ---- | ||
| − | + | <b>General Settings</b> section lets you choose the authentication protocol and theme that will be used in the Landing Page. You can download more themes using the [[{{{name}}}_Package_Manager|Package Manager]] | |
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_landing_page_general_settings.png|border|class=tlt-border]] |
===Themes=== | ===Themes=== | ||
---- | ---- | ||
| − | The <b>Themes</b> section | + | The <b>Themes</b> section displays all available Landing Page themes. In order to edit a theme, click the 'Edit' button next to it. |
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_landing_page_themes_edit_button.png|border|class=tlt-border]] |
====Images==== | ====Images==== | ||
---- | ---- | ||
| − | The <b>Images</b> section allows you to upload custom images to different objects. | + | The <b>Images</b> section allows you to upload custom images to different objects. |
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_landing_page_themes_images.png|border|class=tlt-border]] |
| − | ====Style | + | ====Style Settings==== |
---- | ---- | ||
| − | Pressing edit button [[File:Networking rutx manual edit button v1.png]] next to style settings lets you edit how your landing page will look visually using CSS syntax. | + | Pressing edit button [[File:Networking rutx manual edit button v1.png]] next to style settings lets you edit how your |
| + | landing page will look visually using CSS syntax. | ||
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_landing_page_themes_style_settings.png|border|class=tlt-border]] |
| − | ====View | + | ====View Settings==== |
---- | ---- | ||
| + | In <b>View Settings</b> you can access and modify default templates for various parts of landing page and edit their HTML code. | ||
| + | |||
| + | [[File:Networking_rutos_manual_hotspot_landing_page_themes_view_settings.png|border|class=tlt-border]] | ||
| + | |||
| + | ==User Groups== | ||
| + | |||
| + | <b>User Groups</b> provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can | ||
| + | |||
| + | <ol> | ||
| + | <li>create a new group by entering a custom Name and clicking 'Add'</li> | ||
| + | <li>or configure the existing rule by clicking the 'Edit' button next to it.</li> | ||
| + | </ol> | ||
| + | |||
| + | [[File:Networking_rutos_manual_hotspot_user_groups_edit_button.png|border|class=tlt-border]] | ||
| + | |||
| + | A group's settings page will look similar to this: | ||
| − | + | [[File:Networking_rutos_manual_hotspot_user_groups_group_default_settings_v2.png|border|class=tlt-border]] | |
| − | + | <table class="nd-mantable"> | |
| + | <tr> | ||
| + | <th>Field</th> | ||
| + | <th>Value</th> | ||
| + | <th>Description</th> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Idle timeout</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td>A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means | ||
| + | unlimited.)</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Time limit</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td>Disables hotspot user after time limit in sec is reached. (0, meaning unlimited)</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Download bandwidth</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td> Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Upload bandwidth</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td>Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Download limit</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td>A received data limit that the users assigned to this template can reach. After the data limit is reached, | ||
| + | the user will lose data connection. Download limit is specified in MB.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Upload limit</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td>A sent data limit that the users assigned to this template can reach. After the data limit is reached, the | ||
| + | user will lose data connection. Upload limit is specified in MB.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Warning</td> | ||
| + | <td>integer; default: <b>none</b></td> | ||
| + | <td>Send an SMS warning to hotspot user after warning value of download or upload data in MB is reached. Only works with SMS OTP authentication.</td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Period</td> | ||
| + | <td>Month | Week | Day; default: <b>Month</b></td> | ||
| + | <td>The beginning of the period during which the restriction specified in this section will apply. After the | ||
| + | period is over, all specified limits are reset. </td> | ||
| + | </tr> | ||
| + | <tr> | ||
| + | <td>Start day</td> | ||
| + | <td>integer [1..31] | Monday..Sunday | integer [1..24]; default: <b>1</b></td> | ||
| + | <td>Choices changes depending on what 'Period' was chosen. Specifies which day of the month, week or hour of the | ||
| + | day the limits will be reset.</td> | ||
| + | </tr> | ||
| + | </table> | ||
| − | ==User | + | ==User Management== |
| − | The <b>User management</b> section | + | The <b>User management</b> section displays the status and session statistics of currently logged in users. You can also "kick" (deauthenticate) a user by clicking the 'Logout' button next to it. |
| − | [[File: | + | [[File:Networking_rutos_manual_hotspot_user_management.png|border|class=tlt-border]] |
[[Category:{{{name}}} Services section]] | [[Category:{{{name}}} Services section]] | ||
Revision as of 11:53, 3 June 2022
Template:Networking rutos manual fw disclosure
Summary
On Teltonika Networks devices a Hotspot is a service that provides authentication, authorization and accounting for a network. This chapter is an overview of the Hotspot section for {{{name}}} devices.
General
Hotspot Instances
The Hotspot Instances section displays the main parameters of your Hotspot. By default, a Hotspot instance does not exist on the device. To create a new instance and begin configuration:
- select an 'Interface';
- click the 'Add' button;
[[File:Networking_rutos_manual_hotspot_hotspot_instances_add_button_edit_buton_wifi_{{{wifi}}}.png|border|class=tlt-border]]
After this, a new Hotspot configuration window will appear.
General Settings
The General Settings window is where most of the Hotspot configuration takes place. Look to the sub-sections below for information on configuration fields found in the General Settings sections.
General
| Field | Value | Description |
|---|---|---|
| Configuration profile | Cloud4wi | Default | Hotspotsystems; default: Default | Pre-configures Hotspot settings according to the selected service provider. |
| Enable | off | on; default: on | Turns the Hotspot instance on or off. |
| Hotspot Network | ip/netmask; default: 192.168.2.0/24 | IP address and subnet of the Hotspot network. |
| IP Address | ip; default: 192.168.2.254 | Defines the IP address of your Hotspot router in network. |
| Authentication mode | Radius | Local user | MAC auth ; default: Local users | Authentication mode defines how users will connect to the Hotspot. |
| Allow signup | off | on; default: off | Allows users to sign up to hotspot via landing page. |
| Expiration time | integer; default: 0 | User credential expiration time. Applies to users who signed up via landing page. |
| Users group | user group; default: default | The user group to which users signed up via landing page should be assigned to. |
| Landing Page | Internal | External; default: Internal | If external Landing Page is chosen, new section, to enter website address, will appear, e.g., http://www.example.com |
| UAM Port | integer; default: 3990 | Port to bind for authenticating clients. |
| UAM Secret | string; default: none | Shared secret between uamserver and hotspot. |
| Success page | Success Page | Original URL | Custom; default: Success page | Location to return to after successful authentication. |
Advanced
| Field | Value | Description |
|---|---|---|
| Additional interfaces | Available interfaces; default: none | Shows additional interfaces that can be attached to hotspot instance. |
| Logout address | ip; default: 1.0.0.0 | An address that can be used by users to logout from the Hotspot session. |
| Protocol | HTTP | HTTPS; default: HTTP | Protocol to be used for landing page. |
| Enable TOS | off | on; default: off | Enables Terms of Service (ToS) requirement. Client device will be able to access the Internet only after agreeing ToS. |
| Trial access | off | on; default: off | Enables trial internet access for a specific group. |
| Trial access: Group | User group; default: default | Group of trial users. |
| HTTPS to landing page redirect | off | on; default: off | Redirect initial pre-landing page HTTPS requests to hotspot landing page. |
| Certificate files from device | off | on; default: off | Specified whether to upload key & certificate files from computer or to use files generated on this device via the System → Administration → [[{{{name}}} Administration#Certificates|Certificates]] page. |
| SSL key file | key file; default: none | Upload/select SSL key. |
| SSL certificate file | certificate file; default: none | Upload/select SSL certificate. |
| DNS server 1 | ip; default: 8.8.8.8 | Additional DNS servers that are to be used by the Hotspot. |
| DNS server 2 | ip; default: 8.8.4.4 | Additional DNS servers that are to be used by the Hotspot. |
Radius
Radius authentication mode uses an external RADIUS server, to which you have to provide an address to, instead of using the router's Local Authentication. If you are using Local authentication, this section is not visible.
| Field | Value | Description |
|---|---|---|
| RADIUS server #1 | ip; default: none | The IP address of the RADIUS server #1 that is to be used for Authenticating your wireless clients. |
| RADIUS server #2 | ip; default: none | The IP address of the RADIUS server #2 that is to be used for Authenticating your wireless clients. |
| Authentication port | integer [0..65535]; default: 1812 | RADIUS server authentication port. |
| Accounting port | integer [0..65535]; default: 1813 | RADIUS server accounting port. |
| NAS identifier | string; default: none | NAS-Identifier is one of the basic RADIUS attributes. |
| Radius secret key | string; default: none | The secret key is a password used for authentication with the RADIUS server. |
| Swap octets | off | on; default: off | Swaps the meaning of input octets and output as it relates to RADIUS attributes. |
| Location name | string; default: none | Custom location name for your Hotspot. |
| Location ID | string; default: none | Custom location ID for your Hotspot. |
Walled Garden
You can add a list of addresses that users connected to the Hotspot will be able to reach without any authentication. By default this list is empty. Simply write addresses into the Address List.
Format of address is website.com (does not include https://www).
URL Parameters
The URL parameters section becomes visible when Landing page is selected as External in [[{{{name}}}_Hotspot#General_2|General settings]] section.
| Field | Value | Description |
|---|---|---|
| UAM IP | string; default: none | The IP Address of the Captive Portal gateway. |
| UAM port | string; default: none | The port on which the Captive Portal will serve web content. |
| Called | string; default: none | The MAC address of the IP Address of the Captive Portal gateway. |
| MAC | string; default: none | The MAC address of the client trying to gain Internet access. |
| NAS id | string; default: none | An identification for the Captive Portal used in the RADIUS request. |
| Session id | string; default: none | The unique identifer for session. |
| User url | string; default: none | The URL which the user tried to access before he were redirected to the Captive Portal's URL's pages. |
| Challenge | string; default: none | A challenge that should be used together with the user's password to create an encrypted phrase used to log on. |
| Custom 1 | string; default: none | Add custom name and custom value which will be displayed in url parameters. |
| - | SSID | Hostname | FW version | --Custom--; default: SSID | - |
| Custom 2 | string; default: none | Add custom name and custom value which will be displayed in url parameters. |
| - | SSID | Hostname | FW version | --Custom--; default: SSID | - |
User Scripts
In this section you can add custom Scripts that will be executed after a session is authorized in the Session up section, after session has moved from authorized state to unauthorized in the Session down section and after a new user has been signed up in the User signup section.
Local Users
The Local Users section is used to create and manage users that can connect to the Hotspot. The elements comprising the Local Users page are explained in the list and figure below.
- Entering a Username, Password and clicking the 'Add' button creates a new user.
- The 'Group' dropdown menu assigns a user to another group.
- The 'Edit' button lets you change a user's password or assign the user to another group.
- The 'Delete[X]' button deletes a user.
Landing Page
This section is used to define how your Hotspot's Landing Page will look like to connecting users.
General Settings
General Settings section lets you choose the authentication protocol and theme that will be used in the Landing Page. You can download more themes using the [[{{{name}}}_Package_Manager|Package Manager]]
Themes
The Themes section displays all available Landing Page themes. In order to edit a theme, click the 'Edit' button next to it.
Images
The Images section allows you to upload custom images to different objects.
Style Settings
Pressing edit button 
next to style settings lets you edit how your
landing page will look visually using CSS syntax.
View Settings
In View Settings you can access and modify default templates for various parts of landing page and edit their HTML code.
User Groups
User Groups provides the possibility to set different connection limits for different users. A group called 'default' is already created and does not have any limitations set by default. You can
- create a new group by entering a custom Name and clicking 'Add'
- or configure the existing rule by clicking the 'Edit' button next to it.
A group's settings page will look similar to this:
| Field | Value | Description |
|---|---|---|
| Idle timeout | integer; default: none | A timeout in seconds after which idle users are automatically disconnected from the Hotspot. (0 means unlimited.) |
| Time limit | integer; default: none | Disables hotspot user after time limit in sec is reached. (0, meaning unlimited) |
| Download bandwidth | integer; default: none | Maximum download bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s. |
| Upload bandwidth | integer; default: none | Maximum upload bandwidth that the users assigned to this template can achieve. Bandwidth can be specified in Mbit/s. |
| Download limit | integer; default: none | A received data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Download limit is specified in MB. |
| Upload limit | integer; default: none | A sent data limit that the users assigned to this template can reach. After the data limit is reached, the user will lose data connection. Upload limit is specified in MB. |
| Warning | integer; default: none | Send an SMS warning to hotspot user after warning value of download or upload data in MB is reached. Only works with SMS OTP authentication. |
| Period | Month | Week | Day; default: Month | The beginning of the period during which the restriction specified in this section will apply. After the period is over, all specified limits are reset. |
| Start day | integer [1..31] | Monday..Sunday | integer [1..24]; default: 1 | Choices changes depending on what 'Period' was chosen. Specifies which day of the month, week or hour of the day the limits will be reset. |
User Management
The User management section displays the status and session statistics of currently logged in users. You can also "kick" (deauthenticate) a user by clicking the 'Logout' button next to it.
[[Category:{{{name}}} Services section]]
