Browan BW1330 User Manual Download

Page: 23 / 70

User’s Guide

Version 1.0

Figure 15 – RADIUS Settings

On the second page:

network interface | RADIUS | servers

you can specify up to 32 different

RADIUS

servers for authentication and accounting (see

Figure 16 – RADIUS Servers

). One of the

RADIUS server entries can be specified as the default server. Thus, if a user cannot be associated to
any specific service provider by his login name, the Access Controller will send authentication and
accounting messages to the default

RADIUS

server.

Figure 16 – RADIUS Servers

Make sure that the

RADIUS

server is up and running and is able to receive authentication requests

from the Access Controller.

Step 5. Welcome/Login/Start pages

The most popular authentication method for public users is the

UAM

(Universal Access Method).

UAM

can be enabled using the

system | access | AAA

menu. With UAM users can log-on to the

Access Controller using their web browser. As an operator of a wireless access service you can
provide a custom set of web pages to your subscribers.

welcome

page (default = Internal

，

Enabled) - the first page that is presented when users

start their web browser.

login

page (default = Internal) – the page containing the log-on fields for user name and

password. This page is presented as default when the welcome page is disabled.

logout

page (default = Internal) - the page that pops up after successful authentication. It

includes information about the online session such as online time and transferred data.

help

page (default = Internal) - the page with online help information for log-on.

unauthorized

page (default = Internal) - the page which appears if web login method is

disabled.

The default user login page looks like the picture below:

BROWAN Page

Summary of Contents for BW1330

Page 2: ......

Page 3: ...ations Trademarks The product described in this book is a licensed product of Browan Communications Microsoft Windows 95 Windows 98 Windows Millennium Windows NT Windows 2000 Windows XP and MS DOS are registered trademarks of the Microsoft Corporation Novell is a registered trademark of Novell Inc MacOS is a registered trademark of Apple Computer Inc Java is a trademark of Sun Microsystems Inc Wi ...

Page 4: ...be installed and operated with minimum distance 20cm between the radiator and your body This transmitter must not be co located or operating in conjunction with any other antenna or transmitter CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures R TTE Compliance Statement This...

Page 5: ...2 INSTALLATION 10 The Product Package 10 Hardware Introduction 11 General Overview 11 Back Panel 12 LEDs 12 Connectors 13 Stand 14 Wall Mount 14 Connecting the Access Controller 15 Initialization 16 Access Your BW1330 16 Software Introduction KickStart 17 Step by Step Setup 20 CHAPTER 3 UNIVERSAL ADDRESS TRANSLATION 23 What is UAT 23 UAT Principle 23 UAT Limitation 23 CHAPTER 4 USER PAGES BASED ON...

Page 6: ...nterface Configuration Bridge 60 Network Interface Configuration VLAN 62 Network Interface Configuration Route 63 Network Interface Configuration Port Forwarding 64 Network Interface Configuration DHCP Relay 65 Network Interface Configuration User ACL 65 Network Interface Configuration Management Subnet 66 Network Interface DNS 67 Network Interface DHCP 68 Network Interface POP3 70 Network Interfa...

Page 7: ...cess Web Auth 109 System Access Mac List 110 System Access HTTPC 110 System Status 110 System Reset 112 System Update 113 Connection 115 Connection Users 115 Connection E mail Redirection 117 Connection Station Supervision 117 Built In AAA 118 Built in AAA E Billing 118 Built in AAA E Billing User Control 118 Built in AAA E Billing Band Class 121 Built in AAA E Billing Bill setting 121 Built in AA...

Page 8: ...annels 130 C CLI Commands and Parameters 131 Network Commands 131 User Commands 135 System Commands 137 Status Commands 140 Connection Commands 140 D Location ID and ISO Country Codes 141 E User Pages Templates Syntax 145 GLOSSARY 150 BROWAN Page 6 ...

Page 9: ...ons and troubleshooting knowledge Conventions Used in this Document The following typographic conventions and symbols are used throughout this document Very important information Failure to observe this may result in damage Important information that should be observed Additional information that may be helpful but which is not required Menu commands buttons and input fields are displayed in bold ...

Page 10: ...ed and personalized services Inter Provider roaming and multi OSS support is guaranteed by the persistent usage of standardized protocols and interfaces like RADIUS HTTPS and XML As all BW1330 are compliant with the recommendations of the Wi Fi Alliance WISP roaming group Remote Control The BW1330 is placed at the edge of a broadband access network and allows operators to provide cost effective pu...

Page 11: ...mote user login logout session status control via https XML AAA proxy server for simultaneous EAP and UAM Per user bandwidth management Web proxy support IP Router and IP address management Static IP routing table NAT NAPT IP masquerading Port forwarding 802 1q VLAN support Transparent VPN client pass through PPTP IPsec ESP Selective source routing PPPoE client GRE Tunnel DHCP server relay gateway...

Page 12: ...r comes with the following High Performance Hopspot Access Point model BW1330 Detachable Antennas Dipole Antenna with R TNC plug connector 2 units External power supply Input 100 240VAC 50 60Hz Output 12VDC 1 unit Ethernet Patch Cable STP 1 5 m length 1 unit Installation CD containing BW1330 User Guide in PDF format KickStart Utility Product Firmware Release Notes Adobe Acrobat Readers Printed War...

Page 13: ...working and connection operations The reverse panel of the Access Controller contains Connectors which enable you to make different network connections for the controller Reset button enables you to reboot or reset the device configuration to the factory defaults Press the Reset button for less than 3 seconds to reboot the controller Press the Reset button for more than 10 seconds to set the contr...

Page 14: ...t model BW1330 MAC address of the device The label item 2 in figure above shows the LAN interface MAC address of the device You can determine the WAN and WLAN Up to 16 MBSSID interfaces MAC addresses by a simple calculation WAN interface MAC LAN MAC 1 Hex WLAN MBSSID interface MAC LAN MAC 1 Hex by sequence up to 16 MAC LEDs The Access Controller has several LEDs located on the front panel Figure 3...

Page 15: ...linking Data transmitting On WLAN active working 5 WLAN Green Blinking Data transmitting Connectors The Access Controller has several connectors on the rear panel Figure 4 Connectors Descriptions of the connectors are given in the following table BROWAN Page 13 Item Connector Description Power For power supply 1 2 Reset Reboot or reset to factory defaults Press the reset button for less than 3 sec...

Page 16: ...the direction of red arrow to release and insert the stand at the back of BW1330 figure 5 release stand figure 6 insert stand Wall Mount BW1330 is also designed for wall mounting Refer to the step 1 and step 2 to fix the stand on the wall and lock the BW1330 on it figure 7 wall mount BROWAN Page 14 ...

Page 17: ...nect one Ethernet patch cable to the LAN port of the Access Controller and to a free hub port on your local network Step 3 Connect the WAN port of the Access Controller to an Ethernet port of a broadband Internet modem or router Step 4 Connect the power adapter to the Access Controller Step 5 Wait 30 seconds until the boot process is finished and check to ensure that at least the following LEDs ar...

Page 18: ...cess your BW1330 using the Web browser Step 1 Access your device via LAN connected by RJ 45 cat 5 cable or wirelessly connect to BW1330 by default SSID BW1330 without any encryption Waitting for DHCP server to give an IP address 192 168 3 x to your client PC Open the Web browser and type the IP address of the BW1330 https 192 168 3 1 a rg Configure your PC with a static IP address on the 192 168 2...

Page 19: ...nected APs ACs Quick access to your AC via HTTPS telnet SSH Setting new IP address of your AC Reset to factory default settings Default access in case of lost administrator password Firmware updates To install the KickStart utility insert the Installation CD into your CD ROM drive Find and install the utility from the product CD into the computer If the Installation CD does not start automatically...

Page 20: ...n 1 0 figure 10 kick start utility Step 2 Select your controller and right click Select Open WEB item to launch the web management interface through the secure https connection figure 11 kick start utility BROWAN Page 18 ...

Page 21: ...he controller web interface The controller system statistics page is displayed by default figure 12 administrator page If you cannot connect to the device via your web browser because of TCP IP mis configuration you can reset the product to the factory default Press the reset button for more than 10 seconds Now you are enabled to perform the initial controller configuration Follow the next section...

Page 22: ...al domain name server or enter the DNS server provided by your ISP Internet Service Provider Figure 14 DNS Redirection DNS is set automatically if provided by the ISP dynamically via DHCP PPPoE Step 3 IP Address Management For automatic IP assignments to client stations set the DHCP settings in the network interface DHCP menu according to your TCP IP configuration from step 1 Only use address rang...

Page 23: ...ersal Access Method UAM can be enabled using the system access AAA menu With UAM users can log on to the Access Controller using their web browser As an operator of a wireless access service you can provide a custom set of web pages to your subscribers welcome page default Internal Enabled the first page that is presented when users start their web browser login page default Internal the page cont...

Page 24: ...inistrator password in the user interface administrator menu Step 7 E mail Redirection If you have a SMTP mail server available for your subscribers enter its IP address and SMTP port number in the connection menu under the item e mail redirection All outgoing e mail passing through the Access Controller will be redirected to this server Step 8 Save Configuration and Restart Make sure you have sav...

Page 25: ...le BW1330 acts as an ARP proxy to each client who has a fixed IP which not belong to the subnet of LAN interface As below figure descript BW1330 will automatic reply a client s ARP Request if its IP doesn t belong to its LAN subnet to pretend as if BW1330 is its Gateway then inside BW1330 a unicast router will be added for UAT client Figure 18 UAT Principle UAT Limitation When using UAT operators ...

Page 26: ...User s Guide Version 1 0 figure 19 UAT Limitation BROWAN Page 24 Figure 20 another subnet under BW1330 ...

Page 27: ...n web login or EAP login methods are disabled on the Access Controller for subscribers All further presented user pages are factory default The Hotspot operator can upload new templates for all user pages User Pages Overview Welcome Page Welcome page is the first page a Hotspot subscriber receives when he starts his web browser and enters any URL By default it s a very simple page and provides onl...

Page 28: ... User Pages Logout Page Make sure the JavaScript is enabled on your Web browser otherwise you will not receive the logout page The Logout page contains the detailed subscriber s session information and provides function for logging out of the network Figure 23 Logout Page Detailed AC subscriber s session information includes Logout button click the button to logout from the network The log out pop...

Page 29: ...lick the button to refresh the subscriber session information The Hotspot operator can change the logout page interface according to its needs See more details in section Changing User Pages All session details are further accessible via the operator XML interface Help Page Click on the get help link in the login page for help tips related to network registration A page appears similar to the foll...

Page 30: ... pages HTML Hypertext Markup Language for help unauthorized pages The welcome Login and logout pages must be in XSL format The following image formats are supported for new templates Other formats are not accepted PNG GIF JPG The following examples demonstrate the use of internal and external user pages User Pages templates samples can be found in the Installation CD delivered to you with the prod...

Page 31: ... other than supported formats Such uploaded pages will not be displayed properly Step 5 Save entered changes with the apply changes button figure 29 configure external pages Step 6 Check for new uploaded user page e g login figure 30 new login page If at anytime you wish to restore factory default user pages click the reset button under the system reset menu BROWAN Page 29 ...

Page 32: ...interface configuration upload menu click the upload button to upload new prepared user pages Figure 32 upload page The memory space in the AC for internal user pages is limited to 1 MB Step 3 Specify the location Examples directory if you use the Installation CD of new user page templates by clicking the browse button or enter the location manually Specify the location for the additional files of...

Page 33: ...es until all necessary images are uploaded Step 5 Check for the newly uploaded user pages and images to ensure that everything is uploaded and displayed correctly Go to the link https device IP address to get to the new user welcome page figure 34 customize welcome page Click the here link or enter the link directly https device IP address login user to get to the new user login page BROWAN Page 3...

Page 34: ...User s Guide Version 1 0 figure 35 customize login page If at anytime you wish to restore the factory default user pages click the reset button under the system reset menu BROWAN Page 32 ...

Page 35: ...directs the client to the welcome or login URL on AC In order to render the custom login screen HTML page the AC must be configured to 2 fetch XSL script from a remote server which in this case is a Web Application Server WAS or have custom XSL uploaded on the AC There is the ability to enable caching of XSL scripts see User Interface Configuration Pages thus avoiding fetching of the same document...

Page 36: ...AS RADIUS Server 1 Initial Request 2 Replay with HTTP redirect 3 Direct client communication with WAS 4 Client sends his her login and password 8 WAS reports client status authenticated or not 5 WAS tries to authenticate client 6 AC sends request to RADIUS 7 RADIUS replay authenticated or not Figure 37 Client Remote Authentication Scheme 2 The initial client request 1 can be redirected to the spec...

Page 37: ...t Optional The IP address of the LAN interface the user is connected to Can be changed or specified under the network interface configuration interface configuration menu Lanip In order to logon log off or get user status WAS submits POST request to the following URLs 1 Remote user logon Script name pplogon user Parameters secret shared secret to protect page from accidental use ip IP address of u...

Page 38: ...tect page from accidental use ip IP address of user to be logged off username Username of the user to be logged off mac AC address of the user to be logged off All parameters are required except the IP and MAC At least one of IP and MAC addresses should be supplied If supplied only IP user is checked and logged off by username and IP If IP and MAC addresses are supplied then user is checked and lo...

Page 39: ...Secret username UserName ip user _IP_address Script produces XML output XML output when some error occurs ppstatus status No user by IP status error 122 error description User with supplied IP address not found description ppstatus Response statuses and error codes status error description OK 0 User status is ok Not checked 100 Status information not checked No IP 101 No user IP address supplied N...

Page 40: ... entry entry id 12 unlimited entry entry id 13 32 Mbps entry entry id 14 32 Mbps entry entry id 15 04 59 55 entry entry id 16 EAP entry ppstatus Status detailed information by ID BROWAN Page 38 id description 1 User name 2 User IP address 3 User MAC address 4 Session time 5 Session ID 6 User idle time 7 Output bytes 8 Input bytes 9 User WISP name 10 Remaining bytes 11 Remaining output bytes 12 Rem...

Page 41: ...330 User may use any HTML editing tools to modify the template contents to create a new personalized login logout page Configure Authentication Free Access Policy Login BW13330 as super administrator and go to system access Web auth menu From the diagram below edit the ip web auth method status and set to enabled Figure 38 configure IP authentication Once the status of the ip web auth method is se...

Page 42: ...on After clicking the upload button an Update Custom UAM Files screen will appear See diagram below Figure 41 upload files Enter the physical path and filename of the coffee template files or click the browse button to search the BW1330 CD where coffee template files are located The first two items are for login html and logout html files Additional files are for CSS and image files such as jpg gi...

Page 43: ...button to start the uploading files to BW1330 Only ten Additional files can be uploaded at one time To upload more additional file repeat the same upload process in step 2 4 but please be aware of the first two items are only for login html and logout html files Image files can only be uploaded to Additional file fields BROWAN Page 41 ...

Page 44: ...ersion 1 0 Figure 44 upload other files Once all files are uploaded successfully a list of Uploaded File List will show Figure 45 files have been uploaded Verify if all files are uploaded successfully BROWAN Page 42 ...

Page 45: ...ize and height size setting of logout page and press the Save button E g the coffee bar template the suggested size of logout page is 1024 x 768 Figure 47 set the pixels of logout window Step3 Everything is ready Now any users that access the internet via the BW1330 will see the new personalized login and logout pages Let s look at the new appearance of login and logout page based on the coffee ba...

Page 46: ...User s Guide Version 1 0 Figure 48 example of coffee bar login page Figure 49 example of coffee bar logout page BROWAN Page 44 ...

Page 47: ...ameborder 0 iframe td These set of code uses an embedded window to show the session data in logout window Comment them with HTML comments language and will hide the session data in logout window 3 Question If I don t want the logout window to pop up to users how could I do Answer Please login BW1330 and go to user interface configuration Custom UAM to disable pop logout page 4 Question If I happen...

Page 48: ...N Scroll through the history of commands Get Connection to CLI There are three different ways to get a connection to the CLI of the Access Controller via the Telnet SSH client Terminal Telnet Connection Make sure that default access status is allowed and telnet function is enabled on the AC before trying to connect via telnet Otherwise no telnet connection will be available Connect the Access Cont...

Page 49: ...port RS 232 on the BW1330 enables a connection to PC or terminal directly 1 Connect one of the connectors of the RS 232 cable directly to the console port on the BW1330 2 Connect the other end of the cable to the COM port of the PC or the terminal running the communication software The connection operates at 9600 baud 8 data bits 1 stop bit and no parity Login Enter the administrator login setting...

Page 50: ...ures controller interface settings DNS DHCP UAT and RADIUS settings A full list of all available network commands subcommands and its parameters is available in the Appendix section C CLI Commands and Parameters The network commands themselves contain several subcommands and the subcommands again contain several parameters In general network command usage is as follows network command subcommand1 ...

Page 51: ...accounting All available parameters on entered subcommand are displayed Figure 56 Configure Network 3 To configure the desired controller interface setting type all required parameters with values and subcommands network command subcommand1 subcommand2 parameter value e g network radius servers accounting 1 a 127 0 0 2 p 1814 s testing111 where parameters are as follows a RADIUS server IP address ...

Page 52: ... In some cases entered commands without parameters display current controller configuration or settings network command subcommad1 subcommad2 e g radius servers accounting displays available RADIUS servers and its settings list in this case the RADIUS accounting server which is already updated Figure 58 Configure Network 5 BROWAN Page 50 ...

Page 53: ... commands type user Figure 59 User Commands List To get a list of all available subcommands for a specific command type user command e g user walled_garden All available subcommands for walled garden free sites are displayed Figure 60 Configure User Interface 1 To configure selected user interface settings type User command subcommand1 subcommand2 parameter value e g user walled_garden url A u www...

Page 54: ...le status commands subcommands and their parameters is available in the Appendix section C CLI Commands and Parameters In general the status command usage is as follows Status command To get the full list of the status commands type status Figure 62 System Status Commands List To get the general device status information type status device Figure 63 Device Status Here you can find the current firm...

Page 55: ...tem Commands List Telnet To make a telnet connection type the telnet command in the command line telnet The telnet client is activated and ready for a telnet session Figure 65 Telnet Session Quit the telnet to return to CLI interface Reboot To stop the controller and reboot the device type the reboot command in the command line No configuration changes are done The last saved configuration is appl...

Page 56: ...the Simple Network Management Protocol A Full Internet Standard defined in RFC 1157 RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098 Security is based on community strings SNMPv2c the community string based Administrative Framework for SNMPv2 SNMPv2c the C stands for community is an Experimental Internet Protocol defined in RFC 1901 RFC 1905 and RFC 1906 SNMPv2c ...

Page 57: ...community strings authenticate access to MIB objects and function as embedded passwords In order for the SNMP manager to access the controller the community string must match one of the two community string definitions on the controller A community string can be as follows Read only gives read access to authorized management stations to all objects in the MIB except the community strings but does ...

Page 58: ...ndard MIBs The Private MIB identifies manageable objects and their properties that are specific to the managed device MIBs let you manage device not only by using WEB or Command Line Interface but also using SNMP protocol The descriptions and brief explanations of managed objects are available in the MIB file The MIB file is a specially formatted text file It is using the so called ASN 1 standard ...

Page 59: ...Interface configuration network interfaces configuration Bridge bridge configuration VLAN define VLAN on your controller Route define new static route on the controller interface Port forwarding port forwarding rules DHCP Relay DHCP relay server configuration User ACL define packet filter rules Management subnet access points APs management DNS define DNS server settings DHCP Dynamic Host Configur...

Page 60: ...entication Status AC system status Reset reset configuration to factory defaults values and or reboot Update find out current software version and update with new firmware Connection Users connected users statistics list and log out user function E Mail Redirection outgoing mail SMTP redirection settings Station Supervision monitor station availability with ARP pings settings Built in AAA E Billin...

Page 61: ...iguration Settings part 1 Interface standard interface name This name cannot be edited and is assigned by the operating system during startup Interface name cannot be changed because the hardware drivers define it Status select the status of interface enabled disabled Do not disable the interface through which you are connected to the BW1330 Disabling such interface will lose your connection to th...

Page 62: ...o restart the server and apply the changes Network Interface Configuration Bridge A bridge transparently relays traffic between multiple network interfaces This means that a bridge connects two or more physical LAN interfaces together to form one bigger logical network interface There are some restrictions for bridge management that shall be taken into account There is special bridge br1 in BW1330...

Page 63: ...al between hello packets in seconds 0 65535 Hello packets are used to communicate information about the topology throughout the entire Bridged LAN Default value is 0 Max Age specify the maximum bridge message age in seconds 0 65535 If the last received hello packet is more than this value the bridge in question will initiate the Root Bridge election procedure Default value is 0 Click continue butt...

Page 64: ... non editable by default is disabled ID assign ID for your VLAN network 1 to 4094 Client devices that associate using the ID are grouped into this VLAN You can not create VLANs which interface includes in bridge such as ixp0 If you want to create VLANs on the interface ixp0 you must separate ixp0 from bridge br1 interface via network interface configuration Bridge menu Refer to Chapter 8 Network I...

Page 65: ...ew VLAN Network Interface Configuration Route Under the network interface configuration route menu static routes for the Ethernet interfaces can be set By default no static routes are defined on the system Figure 83 Route A routing rule is defined by the target subnet target IP address and subnet mask interface and or gateway where to route the target traffic A data packet that is directed to the ...

Page 66: ...forwards TCP or UDP traffic trough the BW1330 controller s local port to the specified remote port Use the network interface configuration port forwarding menu to specify such a port forwarding rule By default no port forwards are defined on the controller Figure 86 Port Forwarding Rules Click the new button to add a port forwarding rule Figure 87 Add Port Forwarding Rule Status select status enab...

Page 67: ...utton Figure 90 Create a new rule first step First step select the rule policy drop accept masquerade to deal with packet and the packet type all TCP UDP ICMP Then decide the incoming and outgoing interfaces any br1 ixp1 Figure 91 Create a new rule second step Second step select the type of source IP and destination IP special IP any IP Figure 92 Create a new rule third step Third step choose the ...

Page 68: ...are in the management subnet s remote administrator s network This is because the management subnet allows connecting to the client computer without using port forwarding The administrator can enable or disable management subnet for each interface By default no management subnet is enabled on the controller Figure 96 Management Subnet To specify new subnet management click the edit button on the s...

Page 69: ... x they are not routed in the Internet so the administrator should setup routers in a path between the BW1330 and the administrator s computer to recognize 10 x x x addresses and route them correctly This is not comfortable and sometimes it is impossible There is a solution the administrator can use GRE tunnel see Network Interface Tunnels to setup a tunnel between the administrator s computer and...

Page 70: ... workstations Other settings such as the default gateway and DNS server address are configured automatically according to the interface settings To see the complete DHCP service configuration click the details button in the action column Figure 101 DHCP Settings Details To edit the DHCP service configuration DHCP server DHCP relay click the edit button in the action column Figure 102 Edit DHCP Con...

Search results

Summary of Contents for BW1330

Reviews:

Related manuals for BW1330

Brands by name

Popular brands

Browan BW1330, User Manual

Search results

Summary of Contents for BW1330

Reviews:

Related manuals for BW1330

Brands by name

Popular brands