manualshive.com logo in svg

LevelOne AMG-2100, User Manual

The LevelOne AMG-2100 is a high-performance networking device designed for seamless connectivity. For a comprehensive understanding of its features and functions, download the free User Manual from manualshive.com. This manual provides detailed instructions for setting up and optimizing the device for your networking needs.

Share
Download
background image

User’s  Manual

 

AMG-2100 

Gigabit  Access  and  AP  Management  Gateway/ 

AMG-2101 

Gigabit  Access  and  AP  Management  Gateway  Plus

 

 

 

 

 

 

 

AMG-2100 

Gigabit Access and AP Management Gateway 

 

AMG-2101 

Gigabit Access and AP Management Gateway Plus 

 

User’s Manual

 

V1.0

 

 

 

Summary of Contents for AMG-2100

Page 1: ...0 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus AMG 2100 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Pl...

Page 2: ...mic IP 18 3 2 3 PPPoE 19 3 2 4 PPTP 20 3 3 Configuring WAN2 Port optional 21 3 4 Other WAN Traffic Settings 24 3 4 1 WAN Failover 25 3 4 2 Load Balance 26 3 4 3 Internet Connection Detection 27 3 4 4...

Page 3: ...01 7 1 3 Administrator Contact Information 103 7 1 4 Walled Garden 104 7 1 5 Walled Garden AD List 105 7 1 6 Mail Message 107 7 2 After User Login 108 7 2 1 Browse which Home Page after login success...

Page 4: ...164 12 Customization of Portal Pages 166 12 1 Customizable Pages 166 12 2 Loading a Customized Login Page 167 12 3 Load a Customized Logout Page 171 13 Payment Gateways 172 13 1 Payments via Authorize...

Page 5: ...s governed by the General Public License GPL agreement Adhering to the GPL requirements the open source code and open source license for the source code are available for free download at http global...

Page 6: ...ides this document there is a Quick Installation Guide QIG which is for starting up AMG 2100 AMG 2101 quickly It is recommended to start with the QIG and then refer to this manual for further details...

Page 7: ...es AMG 2100 AMG 2101 x 1 CD ROM with User s Manual and QIG x 1 Quick Installation Guide QIG x 1 Console Cable x 1 Crossover Ethernet Cable x 1 Straight through Ethernet Cable x 1 Power Cord x 1 Rack M...

Page 8: ...eries products AMG 2100 AMG 2101 is designed to be a multi service network access controller for enterprise or campus environment it is also deployed as a hotspot subscriber gateway often It is a pre...

Page 9: ...lications and multiple equipments on their own in order to manage and secure the internet network access for both wired and wireless clients With its billing plan and payment features WISPs and hospit...

Page 10: ...s section explains the basic concepts of AMG 2100 AMG 2101 the same concepts also apply to the other AMG Series products With the understanding of these concepts the administrator will be able to do m...

Page 11: ...e to access the network from different campuses Service Zone is a logic partition of AMG 2100 AMG 2101 s LAN network The concept of Service Zone is similar to the concept of virtual LAN VLAN which can...

Page 12: ...None by default Policy is for defining rules privileges or properties for managing users Each user group is bound by a Policy within a given Service Zone The same group may or may not be bound to the...

Page 13: ...one for students and one for the guests He also uses one zone for some shared servers in the diagram The access points at a physically location like the administration building may only allow the acc...

Page 14: ...2101 via these LAN ports 10 100 1000 Base T RJ 45 5 Reset Press and hold the Reset button for about 5 seconds and status of LED on front panel will start to blink before restarting the system Press an...

Page 15: ...d AP Management Gateway Plus 10 2 3 2 Real Panel 1 Power Supply Socket Connecting the power cord to the built in open frame power supply Input 100 240 VAC 50 60 Hz 2 Power Switch Power On Power Off O...

Page 16: ...ommended that you follow the Quick Installation Guide to start up the AMG 2100 AMG 2101 in a near default state with minimum configuration changes such as WAN settings and admin password then refer to...

Page 17: ...ont panel Connect the other end of the Ethernet cable to an xDSL cable modem or a switch hub of an internal network The LED of this port should be on to indicate a proper connection 4 Connect an Ether...

Page 18: ...3 below is a simple network diagram for the initial installation and configuration Start with this simple network topology to set up AMG 2100 AMG 2101 for the first time it helps to plan a more sophi...

Page 19: ...interface connect a PC to the Mgmt port and then launch a browse Make sure you have set DHCP in TCP IP of your PC to get an IP address dynamically Next enter the gateway IP address of AMG 2100 AMG 210...

Page 20: ...ting to the Mgmt port and you can t get the Administrator s login screen the reasons may be 1 The PC is set incorrectly so that the PC can t obtain the IP address automatically from the Mgmt port 2 Th...

Page 21: ...d WAN port let you achieve the goal AMG 2100 AMG 2101 has two LAN ports There could be other network bridge devices such as Layer 2 switches or VLAN switches between AMG 2100 AMG 2101 s LAN ports and...

Page 22: ...00 AMG 2101 will manually enter the fixed IP address as AMG 2100 AMG 2101 s WAN address Static Manually specifying the IP address of the WAN Port The fields with red asterisks are required to be fille...

Page 23: ...e is a DHCP server upstream for issuing dynamic IP addresses then you as the administrator of AMG 2100 AMG 2101 can configure AMG 2100 AMG 2101 to receive an IP address dynamically as AMG 2100 AMG 210...

Page 24: ...ximum Transmission Unit of a PPPoE frame The PPPoE protocol allows an Ethernet frame s size to be up to 1492 bytes but some ISP s network equipments may support a smaller frame size of than 1492 bytes...

Page 25: ...ssue you an account with a password as well as the PPTP server address PPTP When selecting PPTP to connect to the network please specify the given PPTP Server IP Address and enter the User Name Passwo...

Page 26: ...G 2100 AMG 2101 use WAN1 as the outgoing gateway that is all user groups traffic will use WAN1 as the Internet feed Administrator can change the Routing Profile of a Policy to use WAN2 as default gate...

Page 27: ...the IP address of the WAN2 port Subnet Mask the subnet mask of the network WAN2 port connects to Default Gateway a gateway of the network WAN2 port connects to Preferred DNS Server The primary DNS ser...

Page 28: ...ort a smaller frame size of than 1492 bytes In that case you have to enter a smaller number MTU number to meet the ISP s networking requirement MSS Short for Maximum Segment Size for a TCP connection...

Page 29: ...eed that goes outage By default the system assumes there is only one feed to WAN1 All the Policies by default route all clients internet traffic via WAN1 using the Internet pipe at WAN1 When you have...

Page 30: ...vailable WAN1 s traffic will be routed to WAN2 when WAN1 connection is down On the other hand a Service Zone s policy could also use WAN2 as its interface in that case if WAN2 is down the WAN2 s traff...

Page 31: ...em When enabled the system will allocate traffic between WAN1 and WAN2 dynamically according to designed algorithms based on the weight ratio WAN1 Weight The percentage of traffic through WAN1 Range 1...

Page 32: ...if it can get responses from three target sites The administrator can specify the three target sites Go to System WAN Traffic Administrator can further specification a warning text which will be displ...

Page 33: ...traffic though the WAN interface WAN1 and WAN2 ports To configure WAN Bandwidth Limit Go to System WAN Traffic These parameters in the raw of Available Bandwidth on WAN Interface are used for matchin...

Page 34: ...h offices By associating a unique VLAN Tag and SSID with a Service Zone administrators can separate wired network and wireless network into different logical zones Users attempting to access the resou...

Page 35: ...associated with the Service Zone WLAN Encryption Data encryption method for wireless networks within the Service Zone Applied Policy The policy that is applied to the Service Zone Default Authen Optio...

Page 36: ...ple internal network such as there are just only two subnets Using Port Based model is an easy and better way In Port Based mode each LAN port can only serve traffic from one Service Zone An example o...

Page 37: ...Tag Based model will satisfy to your conditions In Tag Based mode each LAN port will only serve traffic from Default Service Zone So you need a VLAN switch or VLAN AP to take care the VLAN tags carrie...

Page 38: ...or disabled except for the default service zone Service Zone Name The name of service zone could be input here Network Interface o VLAN Tag Tag Base only The VLAN tag of this service zone o Operation...

Page 39: ...to permit the administrator to access the AMG 2100 AMG 2101 admin page after the default IP address of the network interface is changed o Preferred DNS Server The primary DNS server that is used by th...

Page 40: ...d or Tag Based but not concurrently In Port Base mode each LAN port can only serve traffic from one Service Zone as each Service Zone is identified by physical LAN ports In Tag Based mode each LAN por...

Page 41: ...mode must be a VLAN switch only Port Based When Port Based mode is selected traffic from different virtual Service Zones will be distinguished by physical LAN ports Each LAN port can be mapped to one...

Page 42: ...mode is selected traffic from different virtual Service Zones will be distinguished by VLAN tagging instead of by physical LAN ports Select Tag Based and then click Apply to activate the Tag Based VLA...

Page 43: ...AMG 2101 Server 1 to Server 4 On demand User and SIP Click the hyperlink of the respective Server Name to configure the authentication server Auth Database There are different authentication databases...

Page 44: ...g bob BostonLdap or tim TaipeiRadius when multiple options are concurrently in use One of authentication option can be assigned as default For authentication assigned as default the postfix can be omi...

Page 45: ...onfiguration Local User List It let the administrator to view add or delete local user account The Upload User button is for importing a list of user account from a text file The Download User button...

Page 46: ...Enable Local VPN column Click Apply to complete adding the user s MAC address of a networking device can be bound with a local user as well It means this user must login to system with a networking d...

Page 47: ...nt of individual user account is needed click the username of the desired user account to enter the User Profile Interface for that particular user and then modify or add any desired information such...

Page 48: ...the secondary server the secondary server is not required The fields with red asterisk are necessary information These settings will become effective immediately after clicking the Apply button Userna...

Page 49: ...ation option only can be enabled or disabled for the entire Authentication Database Click the button of Configure for further configuration The RADIUS server sets the external authentication for user...

Page 50: ...on in other authentication option only can be enabled or disabled for the entire Authentication Database Click the button Configure for further configuration Enter the information for the primary serv...

Page 51: ...p of the directory itself The search base may be something equivalent to the organization group or domain name AD of external directory Binding Type This specifies the binding type and search scope fo...

Page 52: ...ion Database Click the button Configuration for further configuration Enter the server IP address and enable disable the transparent login function These settings will become effective immediately aft...

Page 53: ...teway support 1 General Settings This is the common setting for the On demand User authentication option Currency Select the desired specified unit WLAN ESSID It will show the ESSID of Public Zone Wir...

Page 54: ...by uploading your own background image for the ticket or choose none Click Edit to select the image file and then click Upload The background image file size limit is 100 Kbytes No limit for the dime...

Page 55: ...scenario of this type is that a client goes to a cyber caf and purchases an on demand account This account will be activated and ok to use once creation quota will start to count down while creation a...

Page 56: ...account is cut off made expired by the system on that day Unit is the day periods of this Cut off billing plan Please note that the Grace Period is an additional short period of time after the accoun...

Page 57: ...sing only and will not be expired unless its quota is used up For example an on demand account is created at 2009 6 30 09 30 and must be activated before 2009 7 1 09 30 its quota is 24 hours and there...

Page 58: ...s in order to provide wireless access service to end customers who wish to pay for the service on line The options are Authorize Net PayPal SecurePay WorldPay or Disable 5 On demand Account Creation A...

Page 59: ...e setting to activate the plan The printer used by Print is a pre configured printer connected to the administrator s computer Plan The number of a specific plan Type Show one type of the plan in Usag...

Page 60: ...User s Manual AMG 2100 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 55...

Page 61: ...ed not to over the available account limits in database Click Create button to start batch creation Next page will show Success or Failed message to indicate the batch creation status Once creation is...

Page 62: ...gin password of the account Remaining Quota The remaining time or volume or the cut off time that the account can continue to use to access the network Status The status of the account o Normal the ac...

Page 63: ...account they just need to click the Redeem button in the login success page to enter Redeem Page input the new account Username and Password and then click Submit This new account s quota will be exte...

Page 64: ...Configure Users Group go to Users Group There are multiple groups for divide users A Group which can be allowed to access a Service Zone or not and it also can be applied with a Policy within a Servi...

Page 65: ...ment Gateway Plus 60 4 2 1 Assign users to a Group Configure users to a Group go to Users Authentication This section shows how to group users how to rule each grouped user with different policy as he...

Page 66: ...icy 3 at Service Zone 1 and by Policy 8 at Service Zone 4 In each authentication option you can assign a Group with each authentication option All users login with same authentication server will belo...

Page 67: ...this Group to log into the selected Service Zones For example the above figure shows that users in Group 1 can access network services via every Service Zone as well as Remote VPN under constraints of...

Page 68: ...ndividual Group to assign it to the Service Zone listed For example the above figure shows clients in Group 1 8 can access Service Zone 1 where they are governed by the individual Policy respectively...

Page 69: ...nd AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 64 At Service Zone 1 Group 1 user is ruled by Policy 3 Group 2 is by Policy 9 and Group 3 is by Policy 11 Other Groups a...

Page 70: ...MG 2100 AMG 2101 is configured properly and network related settings are done 1 Open an Internet browser and try to connect to any website in this example we try to connect to www google com a For the...

Page 71: ...she can just click Submit next time he she wants to login Check the Remember Me box to store the username and password on the current computer in order to automatically login to the system at next lo...

Page 72: ...ing an account e g bob BostonLdap or tim TaipeiRadius when multiple options are concurrently in use One of authentication option can be assigned as default For authentication assigned as default the p...

Page 73: ...Management Gateway Plus 68 4 3 3 Disable Authentication in Service Zone Configure Authentication in Service Zone go to System Service Zones Authentication Required For the Zone When it is disabled use...

Page 74: ...icated environments combine indoor and outdoor areas For industrial usage it always combines office building and open air factory areas for campus usage it must cover classrooms lab office and many op...

Page 75: ...plate from the beginning administrators can also revise some settings for demand If copy is not desired please select NONE Input the Name and Remark if you want to change these to memorize easily If n...

Page 76: ...gabit Access and AP Management Gateway Plus 71 General Setting In this section revise the Subnet Mask and Default Gateway here if desired Configure the NTP Servers and Time Zone Besides it can enable...

Page 77: ...communication between the Access Point and roaming wireless adapters Select either Short Preamble or Long Preamble IAPP Inter Access Point Protocol is designed for the enforcement of unique associati...

Page 78: ...ng locally connected APs to its management list The administrator must know the local IP addresses of the APs he she wishes to discover Or the better way is reset the AP to default setting for discove...

Page 79: ...the specified AP MAC Address MAC address of the specific AP AP Name Mnemonic name of the specific AP Admin Password Password required for this AP Template The template which will be applied to the ad...

Page 80: ...or IP address assignment to the managed AP when the newly discovered AP is added into the service zone Under tag based service zone only default service zone will designate an IP segment for IP addres...

Page 81: ...ble When the status is Allowed only these clients whose MAC addresses are listed in this list can be allowed to connect to the AP on the other hand when the status is Denied the clients whose MAC addr...

Page 82: ...ing Open System Share Key WPA WPA2 or WPA WPA2 Mixed Encryption WEP When Authentication is Open System or Share Key WEP will be enabled WPA When Authentication is WPA WPA PSK or WPA RADIUS will be the...

Page 83: ...the APs under the management of AMG 2100 AMG 2101 will be shown in the list The AP can be edited by clicking the hyperlink of AP Name and the AP status can be got by clicking the hyperlink of Status A...

Page 84: ...General Setting Click the link to enter the General Setting interface Firmware information also can be observed here LAN Setting Click the link to enter the LAN Setting interface Input the data of LA...

Page 85: ...e Status column there are two areas of information shown AP Status Summary and AP Status Details AP Status Summary includes AP Name AP Type LAN Interface MAC address Wireless Interface MAC address Rep...

Page 86: ...and AP Management Gateway Plus 81 5 7 AP Operations from AP List Configure AP List go to Access Points List 5 7 1 Reboot Enable Disable and Delete the AP Select any AP by the check the checkbox and th...

Page 87: ...igabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 82 5 7 2 Apply Template Select any AP by check the checkbox and then click Apply Template select one temp...

Page 88: ...e Zones will be available under this AP This AP will have two VAPs with two SSIDs according to two Service Zones for clients to associate If a user connected to one SSID for example SSID3 of this AP a...

Page 89: ...on related configuration The configuration is the same as AP Discovery When Background AP Discovery function is enabled the system will scan once every 10 minutes or according to the time set by the...

Page 90: ...centralized management AP Name Mnemonic name of the specific AP Admin Password Password required for this AP IP Address IP address of the specified AP MAC Address MAC address of the specific AP Remar...

Page 91: ...ss Points Firmware Firmware Upload displays the current version of the AP s firmware New firmware can be uploaded here to update the current firmware To upload click Browse to select the file and then...

Page 92: ...access The administrator can use the pull down menu to select the desired black list Select Black List There are multiple lists to select from for the desired black list Name Set the black list name a...

Page 93: ...abit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 88 After the Black List is setup completed You can select the Black List in each Authentication Server to l...

Page 94: ...MAC ACL With this function only the users with their MAC addresses in this list can login to AMG 2100 AMG 2101 There are maximum users allowed in this MAC address list User authentication is still re...

Page 95: ...will be available to allow the administrator to assign a Group for a RADIUS class attribute therefore a Policy applied to this Group will be mapped to a user Group of a RADIUS class attribute When the...

Page 96: ...sers The clients belonging to a Service Zone will also be bound by an applied Policy In addition a Policy can be applied at a Group basis a Group of users can be bound by a Policy The same Group can b...

Page 97: ...ocols Predefined and Custom Service Protocols There are predefined service protocols available for firewall rules editing The administrator is able to add new custom service protocols by clicking Add...

Page 98: ...ll Rule to apply these protocols o Firewall Rules Click the number of Filter Rule No to edit individual rules and click Apply to save the settings The rule status will show on the list Check Active ch...

Page 99: ...and destination IP addresses Domain Host filtering is supported but Domain name filtering is not o Source Destination Subnet Mask Select the source and destination subnet masks o Source MAC Address Th...

Page 100: ...some specific IP segment by the specified gateway o Destination IP Address The destination network address or IP address of the destination host Please note that if applicable the system will calcula...

Page 101: ...ned in each Policy except Global Policy When Specific Default Route is enabled all clients applied with this Policy will access the Internet through this default gateway o Enable Check Enable box to a...

Page 102: ...dule Profile Click Setting of Schedule Profile to enter the configuration page Select Enable to show the Permitted Login Hours list This function is used to limit the time when clients can log in Chec...

Page 103: ...ated users users on a non authenticated port privileged users and clients in DMZ zones Also this can be specified in the other policies to apply to the authenticated users When the number of a user s...

Page 104: ...link bandwidth allowed for an individual client belonging to this Group The Individual Maximum Downlink cannot exceed the value of Group Total Downlink o Individual Request Downlink Defines the guaran...

Page 105: ...l HTTPS HTTP over SSL or HTTP Secure is the use of Secure Socket Layer SSL or Transport Layer Security TLS as a sublayer under regular HTTP application layering HTTPS encrypts and decrypts user page r...

Page 106: ...Common Name value of the uploaded SSL certificate as the domain name Configure Certificate go to Users Additional Configuration Certificate Certificate A data record used for authenticating network en...

Page 107: ...eway AMG 2101 Gigabit Access and AP Management Gateway Plus 102 Click Continue to this website to access the user login page To Use Default Certificate Click Use Default Certificate to use the default...

Page 108: ...1 3 Administrator Contact Information Configure Administrator Contact Information go to System General Administrator Contact Information will appear in the user Login Fail window When the user login...

Page 109: ...tion provides certain free services for users to access the websites listed here before login and authentication Multiple addresses or domain names of the websites can be defined in this list Users wi...

Page 110: ...advertisement web pages for users to access free advertisement websites listed before login and authentication Advertisement hyperlinks are displayed on the user s login page Clients who click on it...

Page 111: ...User s Manual AMG 2100 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 106...

Page 112: ...7 1 6 Mail Message Configure Mail Message go to System Service Zones When enabled the system will automatically send an email to users if they attempt to send receive their emails using POP3 email pro...

Page 113: ...success Configure Portal URL go to System General If enable this function enter the URL of a Web server as the homepage Once logged in successfully users will be directed to this homepage such as htt...

Page 114: ...AP Management Gateway Plus 109 7 2 2 Idle Timer Configure Idle Timer go to Users Additional Configuration If a user has idled with no network activities the system will automatically kick out the user...

Page 115: ...m different computers with the same account This function doesn t support On demand users and RADIUS authentication 7 2 4 DoS Attacker Denial Time Configure DoS Attacker Denial Time go to Users Additi...

Page 116: ...Password Privilege Configure Local Users Change Password Privilege go to Users Group Privilege Profile Change Password o Change Password Privilege When Change Password Privilege is enabled the authen...

Page 117: ...On demand Account Creation Privilege is enabled the authenticated users within this Group are allowed to create On demand account via the Login Success Page Privilege Profile On demand Billing Plans C...

Page 118: ...l AMG 2100 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 113 Caution This function is not for On demand User On demand users can not create another On...

Page 119: ...sing Internet Proxy Server The first scenario is that a proxy server is placed outside the LAN environment or in the Internet For example the following diagram shows that a proxy server of an ISP will...

Page 120: ...ent Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 115 Step 3 Make sure that the proxy server settings match with at least one of the proxy server setting of the system for example in...

Page 121: ...proxy server setting of the clients match with the proxy server setting of the system Otherwise users will not be able to get the Login page for authentication via browsers and it will show an error...

Page 122: ...and connects to the network via the proxy server other users using the same proxy setting in their browsers will be able to access the network without any authentication Therefore to stop the risk it...

Page 123: ...and AP Management Gateway Plus 118 Caution It is required that the proxy server setting of the clients match with the proxy server setting of the system Otherwise users will not be able to get the Lo...

Page 124: ...ss of External Interface WAN1 that will change dynamically if WAN1 Interface is Dynamic When Automatic WAN IP Assignments is enabled the entered Internal IP Address of Automatic WAN IP Assignment will...

Page 125: ...at client devices outside the managed network can access these servers within the managed network Different virtual servers can be configured for different sets of physical services such as TCP and UD...

Page 126: ...ay AMG 2101 Gigabit Access and AP Management Gateway Plus 121 8 3 Privilege List Configure Privilege List go to Network Privilege Setup the Privilege IP Address List and Privilege MAC Address List The...

Page 127: ...ut authentication enter the IP addresses of these workstations in the Granted Access by IP Address The Remark field is not necessary but is useful to keep track AMG 2100 AMG 2101 allows privilege IP a...

Page 128: ...hentication can also be set in the Granted Access by MAC Address AMG 2100 AMG 2101 allows privilege MAC addresses When manually creating the list enter the MAC address the format is xx xx xx xx xx xx...

Page 129: ...re IP Plug and Play go to Network Client Mobility AMG 2100 AMG 2101 supports IP PNP function User can login and access network with any IP address setting At the user end a static IP address can be us...

Page 130: ...ic domain name allowing the administrator to easily access AMG 2100 AMG 2101 s WAN If the dynamic DHCP is activated at the WAN port it will update the IP address of the DNS server periodically These s...

Page 131: ...administrator to set the IP addresses for redirection purpose When the user attempts to connect to a destination IP address listed here the connection packet will be converted and redirected to the c...

Page 132: ...NTP NTP Network Time Protocol communication protocol can be used to synchronize the system time with remote time server Please specify the local time zone and the IP address of at least one NTP server...

Page 133: ...example 10 2 3 0 24 means that as long as an administrator is using a computer with the IP address range of 10 2 3 0 24 he or she can access the web management page Another example is 10 0 0 3 if an...

Page 134: ...go to System General Specify an IP address of the administrator s computer or a billing system to get billing history information of AMG 2100 AMG 2101 with the predefined URLs The file name format is...

Page 135: ...ent Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 130 9 4 SNMP Configure SNMP go to System General If this function is enabled the SNMP Management IP and the Community can be assigned...

Page 136: ...and passwords show as follows Admin The administrator can access all configuration pages of AMG 2100 AMG 2101 User Name admin Password admin After a successful login to AMG 2100 AMG 2101 a web managem...

Page 137: ...erator The operator can only access the configuration page of Create On demand User to create new on demand user accounts and print out the on demand user account receipts User Name operator Password...

Page 138: ...ts but without permission to change the settings of the profiles of Firewall Specific Route and Schedule User Name manager Password manager Operator The operator can only access the configuration page...

Page 139: ...the AMG 2100 AMG 2101 settings Also AMG 2100 AMG 2101 can be restored to the factory default settings here Backup System Settings Click Backup to create a db database backup file and save it on disk...

Page 140: ...arch for the firmware file and click Apply for the firmware upgrade It might take a few minutes before the upgrade process completes and the system needs to be restarted afterwards to activate the new...

Page 141: ...G 2100 AMG 2101 and the process might take approximately three minutes Click YES to restart AMG 2100 AMG 2101 click NO to go back to the previous screen If the power needs to be turned off it is highl...

Page 142: ...nd AP Management Gateway Plus 137 9 10 Network Utility Configure Network Utility go to Utilities Network Utilities System provide some network utilities to allow administrators to use the functions in...

Page 143: ...one Enter the MAC Address of the desired device and click Wake Up button 9 10 2 Ping It allows administrator to detect a device using IP address or Host domain name to see if it is alive or not 9 10 3...

Page 144: ...cally to monitor the connection status of the IP addresses on the list On each monitored item with a WEB server running administrators may add a link for the easy access by entering the IP select the...

Page 145: ...The main console is a menu driven text interface with dialog boxes Please use arrow keys on the keyboard to browse the menu and press the Enter key to make selection or confirm what you enter 3 Once...

Page 146: ...e settings Display ARP table The internal ARP table of the system is displayed Display system up time The system live time time for system being turn on is displayed Check service status Check and dis...

Page 147: ...me as for the web management interface Password can also be changed here If administrators forget the password and are unable to log in the management interface from the web or the remote end of the S...

Page 148: ...2101 Gigabit Access and AP Management Gateway Plus 143 10 System Status and Reports 10 1 View the status This section includes System Interface Hardware Routing Table Online Users User Logs and E mail...

Page 149: ...abit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 144 10 1 1 System Status View System Status go to Status System This section provides an overview of the sy...

Page 150: ...normal or abnormal Internet Connection Detection and all online users are allowed disallowed to log in the network WAN Failover Enabled Disabled stands for the function currently being used or not Loa...

Page 151: ...t Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 146 10 1 2 Interface Status View Interface Status go to Status Interface This section provides an overview of the interface for the adm...

Page 152: ...last time this Interface Status page is visited Bytes In The total accumulated bytes in through this WAN port since the gateway boots up The delta shows the difference between the numbers from last ti...

Page 153: ...t Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 148 10 1 3 Hardware Information View Hardware Information go to Status Hardware It will show the current CPU a...

Page 154: ...oute rules specified by each interface Policy 1 X Shows the information of each individual Policy Global Policy Shows the information of the Global Policy System Shows the information of the system ad...

Page 155: ...s page each online user s information including Username IP Address MAC Address Pkts In Bytes In Pkts Out Bytes Out Idle Access From and Kick Out will be shown Administrators can force out a specific...

Page 156: ...st 3 days 72 full hours The system also keeps a cumulated record of the traffic data generated by each user in the latest 2 calendar months Caution Since the history is saved in the DRAM if you need t...

Page 157: ...ting of the following fields Date System Name Type Name IP MAC Pkts In Bytes In Pkts Out Bytes Out 1st Login Expiration Time Account Valid Through and Remark of user activities Roaming Out User Log As...

Page 158: ...AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 153 SIP Call Usage Log The log provides the login and logout activities of SIP clients device and soft clients such as Star...

Page 159: ...hly network usage of local user record consists of 6 fields System Name Connection Time Usage Packets In Bytes In Packets Out and Bytes Out of user activities o Username Username of the local user acc...

Page 160: ...particular e mail addresses The notification of AP Status is triggered by the event when a managed AP becomes unreachable while the other types of emails are sent periodically in given intervals such...

Page 161: ...The e mail address of the administrator in charge of the monitoring This will show up as the sender s e mail SMTP Server The IP address of the sender s SMTP server SMTP Auth Method The system provide...

Page 162: ...g server 10 2 3 FTP FTP Server Settings Session Log Log each connection created by users and tracking the source IP Port and destination IP Port Session Log will be sent to the FTP server automaticall...

Page 163: ...rk By pushing down ActiveX to the client s Windows device from the system no extra client software is required to be installed except ActiveX in which a so called clientless IPSec VPN setting is then...

Page 164: ...s no alternative way to gain network connection beyond this IPSec VPN feature supported by AMG 2100 AMG 2101 directly solves possible data security leak problem between clients and the system via eith...

Page 165: ...l of Windows XP SP2 Please UPDATE clients Windows XP SP2 with this patch The Termination of ActiveX The ActiveX component for IPSec VPN is running in parallel with the web page of Login Success To ens...

Page 166: ...r Refresh of the same Internet Explorer browser page Enter a new URL in the same Internet Explorer browser page Open a URL from the other application e g email of Outlook that occupies this existing I...

Page 167: ...32 C Clean_IPSEC bat Or C cd windir system32 C ipsec2k exe stop 2 How to remove ActiveX component in client s computer ANS Uninstall and delete ActiveX component Close all Internet Explorer windows Op...

Page 168: ...e controlled by system to access the network All settings are look like the settings in Service Zone It also can setup the SIP WAN Interface Authentication Options Group Permission Applied Policy and...

Page 169: ...N AMG 2100 AMG 2101 support Site to Site VPN for more than 2 AMG 2100 AMG 2101 create VPN tunnel to each other over the WAN network For example if there are 2 AMG 2100 AMG 2101 you can create a VPN tu...

Page 170: ...subnet for mapping to the remote site Such as 192 168 11 0 24 of AMG 2100 AMG 2101_A 192 168 111 0 24 of AMG 2100 AMG 2101_B after the tunnel is created the users within these two subnets can reach e...

Page 171: ...ges go to System Service Zones There are several users login and logout pages for each service zone that can be customized by administrators Go to System Configuration Service Zone Authentication Sett...

Page 172: ...uploading the page or downloading from a designated website After finishing the setting click Preview to see the login page Custom Pages Login Page Default Page Choose Default Page to use the default...

Page 173: ...MG 2101 Gigabit Access and AP Management Gateway Plus 168 Custom Pages Login Page Uploaded Page Choose Uploaded Page and upload a login page The user defined login page must include the following HTML...

Page 174: ...n to select the file to upload Then click Submit to complete the upload process Next enter or browse the filename of the images to upload in the Upload Images field on the Upload Images Files page and...

Page 175: ...lection and get the login page from a designated website In the External Page Setting enter the URL of the external login page and then click Apply After applying the setting the new login page can be...

Page 176: ...the Login Page please refer to the Login Page Uploaded Page instructions for more details Note The different part is the HTML code of the user defined logout interface must include the following HTML...

Page 177: ...merchant transaction key is similar to a password and is used by Authorize Net to authenticate transactions Payment Gateway URL This is the default website address to post all transaction data Verify...

Page 178: ...horize Net Payment Page o These 10 plans are the plans configured in Billing Plans page and all previously enabled plans can be further enabled or disabled here as needed o Client s Purchasing Record...

Page 179: ...yment Gateway will only accept card numbers that correspond to the listed card types o Credit Card Expiration Date Month and year expiration date of the credit card This should be entered in the forma...

Page 180: ...ormation of a given transaction o City The city is associated with either the billing address or shipping address of a transaction o State A state is associated with both the billing and shipping addr...

Page 181: ...hotspot owners should find the Identity Token of this PayPal account to continue PayPal Payment Page Configuration External Payment Gateway PayPal Payment Page Configuration Business Account The Login...

Page 182: ...ing Plan for PayPal Payment Page These 10 plans are the plans in Billing Configuration and the desired plan s can be enabled Client s Purchasing Record PayPal Payment Page Remark Content Client s Purc...

Page 183: ...MG 2101 Gigabit Access and AP Management Gateway Plus 178 PayPal Payment Page Remark Content The message content will be displayed as a special notice to end customers in the page of Rate Plan For exa...

Page 184: ...Management Gateway Plus 179 13 3 Payments via SecurePay Configure Payments via SecurePay go to Users Authentication On demand External Payment Gateway SecurePay Before setting up SecurePay it is requ...

Page 185: ...SSL Certificate This is to help protect the system from accessing a website other than Secure Pay Currency The currency to be used for the payment transactions Service Disclaimer Content View the ser...

Page 186: ...ldPay WorldPay Payment Page Configuration Installation ID The ID of being associated with the Business Account Payment Gateway URL The default website of posting all transaction data Currency The curr...

Page 187: ...unt from its official website RBS WorldPay Merchant Services Payment Processing going to rbsworldpay com support center account login STEP Log in to the Merchant Interface Login url www rbsworldpay co...

Page 188: ...AP Management Gateway Plus 183 STEP Check the Enable the Shopper Response STEP Select the Save Changes button STEP Input Installation ID and Payment Gateway URL in gateway UI Installation ID 2009test...

Page 189: ...enter the Upload User from File interface Click the Browse button to select the text file for uploading user accounts then click Upload to complete the upload process When uploading a file any format...

Page 190: ...User s Manual AMG 2100 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 185...

Page 191: ...and Account List Backup Current Accounts Use this function to create a txt file with all current user account information and then save it on disk Restore Accounts After the current user accounts have...

Page 192: ...mat go to Users Authentication POP3 Server1 4 Configure For POP3 authentication there have an option to send the complete username with postfix or username only Username Format When Complete option is...

Page 193: ...rred to the RADIUS server for authentication On the other hand when Only ID option is checked only the username will be transferred to the external RADIUS server for authentication NAS Identifier Syst...

Page 194: ...a Group to a LDAP attribute sent from the LDAP server When the clients classified by LDAP attributes log into the system via the LDAP server each client will be mapped to its assigned Group To get an...

Page 195: ...login twice for network access right and domain resource access right So this function is use to combine these by a single user login Users only need to login once and then they will be assigned the...

Page 196: ...cation When Account Roaming Out is enabled the link of this function will be available to define the authorized device with IP address Subnet Mask and Secret Key Click the hyperlink Roaming Out 802 1x...

Page 197: ...hrough NAT with a selective but fixed WAN interface In this example client extension 301 is trying to call 303 AMG 2100 AMG 2101 asks an external trusted SIP registrar to verify both identities After...

Page 198: ...iguration Configure SIP WAN Interface go to System Configuration Service Zones The system provides SIP proxy functionality which allows SIP clients to pass through NAT When enabled all SIP traffic can...

Page 199: ...k Configuration on PC User Login Network Configuration on PC After AMG 2100 AMG 2101 is installed the following configurations must be set up on the PC Internet Connection Setup and TCP IP Network Set...

Page 200: ...Plus 195 3 Choose I want to set up my Internet connection manually or I want to connect through a local Area network LAN and then click Next 4 Choose I connect through a local area network LAN and the...

Page 201: ...ement Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 196 6 Choose No and then click Next 7 Finally click Finish to exit the Internet Connection Wizard Now the set up is completed Windo...

Page 202: ...ement Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 197 2 Choose the Connections tab and then click Setup 3 When the Welcome to the New Connection Wizard window appears click Next 4 C...

Page 203: ...Gigabit Access and AP Management Gateway Plus 198 5 Choose Set up my connection manually and then click Next 6 Choose Connect using a broadband connection that is always on and then click Next 7 Final...

Page 204: ...gn an appropriate IP address and related information for each PC If the Windows operating system is not a server version the default settings of the TCP IP will regard the PC as a DHCP client and this...

Page 205: ...ddress is obtained from AMG 2100 AMG 2101 4 Using Specific IP Address If you want to use a specific IP address acquire the following information from the network administrator the IP Address Subnet Ma...

Page 206: ...gateway address of AMG 2100 AMG 2101 in the New gateway field and click Add Then click OK 4 3 Click on DNS Configuration tab If the DNS Server field is empty select Enable DNS and enter DNS Server add...

Page 207: ...icon and select Properties 3 Select Internet Protocol TCP IP and then click Properties Now you can choose to use DHCP or a specific IP address 4 Using DHCP If you want to use DHCP choose Obtain an IP...

Page 208: ...dress of AMG 2100 AMG 2101 If your PC has been set up completely please inform the network administrator before proceeding to the following steps 5 1 Choose Use the following IP address and enter the...

Page 209: ...04 5 4 Enter the gateway address of AMG 2100 AMG 2101 in the Gateway field and then click Add After back to the IP Settings tab click OK to complete the configuration Check the TCP IP Setup of Window...

Page 210: ...s automatically and click OK This is also the default setting of Windows Then reboot the PC to make sure an IP address is obtained from AMG 2100 AMG 2101 5 Using Specific IP Address If you want to use...

Page 211: ...ing the following DNS server addresses and enter the DNS Server address Then click OK 5 2 Click Advanced to enter the Advanced TCP IP Settings window 5 3 Click on the IP Settings tab and click Add bel...

Page 212: ...roup1 and the Local Authentication is assigned to Group2 If Group1 in Service Zone1 can be applied Policy1 Then user01 login to Service Zone1 will get Policy1 This is a common case for users that can...

Page 213: ...these APs Monitor IP is a better way to monitor the AP connection status AMG 2100 AMG 2101 will send out a packet periodically to monitor the connection status of the IP addresses on the list If the m...

Page 214: ...user is reached this value gateway will stop the session of this user and send a Stop to RADIUS server 1 Description This Attribute is available to allow vendors to support their own extended Attribut...

Page 215: ...t means that whatever the downlink or uplink or total traffic exceeded the limit the user will be kicked out from system 2 VSA configuration in RADIUS server IAS Server This section will guide you thr...

Page 216: ...AMG 2100 Gigabit Access and AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 211 2 3 Step 3 Edit Profile Select the Advanced Tag Add a new attribute Add a new Vendor speci...

Page 217: ...abit Access and AP Management Gateway Plus 212 2 4 Step 4 Add a new attribute under Vendor specific Set Vendor Code 22426 Set it conforms to the RADIUS RFC Configure Attribute Set Vendor assigned attr...

Page 218: ...AP Management Gateway AMG 2101 Gigabit Access and AP Management Gateway Plus 213 2 5 Step 5 Confirm the Vendor specific Attribute has been added success 2 6 Step 6 Follow the same steps to create oth...

Page 219: ...through a VSA configuration using the operating system Fedora FreeRADIUS version 1 0 5 Before getting start open the shell of RADIUS server for example use Putty to access the Linux Host 3 1 Step 1 As...

Page 220: ...s folder 3 4 Step 4 Edit and save the content of the file dictionary none as the following Administrator also can add other attributes as the table stated in Section 2 with same format 3 5 Step 5 Edit...

Page 221: ...gabit Access and AP Management Gateway Plus 216 3 7 Step 7 Open the radius database 3 8 Step 8 Insert VSA into RADIUS respond In this example the maximum download and upload in bytes for group03 users...

Page 222: ...ndustry s rapid adoption of High Speed Internet Access HSIA for their guest rooms and public areas Beside the communication between NONE and Net Retriever it also needs the VLAN Port Room Mapping to i...

Page 223: ...ing Configure VLAN Port Mapping go to System Port Location Mapping Port Location Mapping Status Enable or Disable the Port Location Mapping clicking Configure to enter its setup After the Net Retrieve...

Page 224: ...eate the Room Mapping by a batch processing that if you want to create a contiguously VLAN Tag and Room number Port Location Mapping Setup Create Batch Default Room State The default state of the room...

Page 225: ...ce zone of these rooms If you want to create the Room Mapping is not a contiguously VLAN Tag and Room number then you can create it one by one Port Location Mapping Setup Create One Room Default State...

Page 226: ...pping If you want to check the room mapping information or you want to change any setting of the room mapping Configure Port Location Mapping List go to System Port Location Mapping Click the VLAN ID...

Page 227: ...oom Enable DHCP client in this notebook laptop Open a browser and try to access internet The browser will show the Login page user may chose a billing plan click the Confirm button Then user can acces...

Reviews:

No comments

Related manuals for AMG-2100

Pathport 6822 Manual preview
6822
Brand: Pathport Pages: 2
TANDBERG Codian GW 3201 Series Getting Started preview
Codian GW 3201 Series
Brand: TANDBERG Pages: 18
IntesisBox ME-AC-KNX-1i User Manual preview
ME-AC-KNX-1i
Brand: IntesisBox Pages: 63
Advantech EDG-4508+ User Manual preview
EDG-4508+
Brand: Advantech Pages: 82
Pepperl+Fuchs VBG-PN-K20-DMD-EV Installation Instructions Manual preview
VBG-PN-K20-DMD-EV
Brand: Pepperl+Fuchs Pages: 11
SSS Siedle SET CVSG 850-1 Commissioning preview
SET CVSG 850-1
Brand: SSS Siedle Pages: 2
QEI ePAQ-9400 User Manual preview
ePAQ-9400
Brand: QEI Pages: 43
QEI ePAQ-9410 User Manual preview
ePAQ-9410
Brand: QEI Pages: 48
QEI DIO-9110 User Manual preview
DIO-9110
Brand: QEI Pages: 45
Rintech RINT8CH Wireless Gateway Manual preview
RINT8CH Wireless Gateway
Brand: Rintech Pages: 2
3Com 3C10122 - NBX Business Telephone Installation Manual preview
3C10122 - NBX Business Telephone
Brand: 3Com Pages: 252
ENDIAN 4i Edge X Quick Starter Manual preview
4i Edge X
Brand: ENDIAN Pages: 5
YASKAWA JEPMC-GW3100-E Product Manual preview
JEPMC-GW3100-E
Brand: YASKAWA Pages: 124
Accton Technology RG230 User Manual preview
RG230
Brand: Accton Technology Pages: 88
Eaton EASY209-SE Instruction Leaflet preview
EASY209-SE
Brand: Eaton Pages: 4
IFM Electronic CR3150 Operating Instructions Manual preview
CR3150
Brand: IFM Electronic Pages: 23
Huawei B683 Product Description preview
B683
Brand: Huawei Pages: 22
XPEECH 1S1O Operation Manual preview
1S1O
Brand: XPEECH Pages: 103

Brands by name

Popular brands

Load more brands