background image

Wireless Subscriber Gateway 

 

37 

 

DHCP Server Configuration 

 

There are three methods to set the DHCP server: 

Disable DHCP Server

Enable DHCP Server

 

and 

Enable DHCP Relay

 
1. 

Disable DHCP Server: 

Disable DHCP Server function. 

 

 

 

2. 

Enable  DHCP  Server:

  Choose 

“Enable  DHCP  Sever” 

function  and  set  the  appropriate 

configuration for the DHCP server. The fields with red asterisks are required to be filled in. 

 

 

 

DHCP Scope:

 Enter the

 “Start IP Address”

 and the 

“End IP Address”

 of this DHCP block. 

These fields define the IP address range that will be assigned to the Private LAN clients.

 

Preferred DNS Server:

 The primary DNS server for the DHCP.

 

Alternate DNS Server:

 The substitute DNS server for the DHCP.

 

Domain Name: 

Enter the domain name.

 

WINS IP Address:

 Enter the IP address of WINS.

 

Lease Time:

 Choose the time to update the DHCP. 

Reserved  IP  Address  List: 

For  reserved  IP  address  settings  in  detail,  please  click  the 

hyperlink of

 Reserved IP Address

. If using the 

Reserved IP Address List 

function for IP 

address  outside  the  DHCP  range  is  desired,  click  the 

Reserved IP  Address  List

  on  the 

management interface. The setup of the Reserved IP Address List as shown in the following 
figure will appear. Enter the related Reserved IP Address, MAC, and some description (not 
mandatory). Click 

Apply 

to complete the setup. 

 
 

Summary of Contents for WSG-404

Page 1: ...Hot Spot Wireless Subscriber Gateway WSG 404 User s Manual ...

Page 2: ... this User s Manual at any time without notice If you find information in this manual that is incorrect misleading or incomplete we would appreciate your comments and suggestions FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful i...

Page 3: ...2 External Network Access 24 3 Web Interface Configuration 27 3 1 System Configuration 28 3 1 1 Configuration Wizard 28 3 1 2 System Information 29 3 1 3 WAN Configuration 31 3 1 4 LAN1 LAN2 Configuration 33 3 1 5 LAN3 LAN4 Configuration 36 3 1 6 Wireless Configuration 39 3 2 User Authentication 45 3 2 1 Authentication Configuration 45 3 2 1 1 Authentication Method Local User Setting 66 3 2 1 2 Au...

Page 4: ... Settings 112 3 4 3 Firmware Upgrade 113 3 4 4 Restart 113 3 5 Status 114 3 5 1 System Status 114 3 5 2 Interface Status 116 3 5 3 Concurrent Users 118 3 5 4 Traffic History 118 3 5 5 Notify Configuration 120 3 6 Help 121 4 Appendix A Console Interface 122 5 Appendix B Configuration on Authorize Net 125 6 Appendix C Proxy Setting for Hotspot 130 7 Appendix D Proxy Setting for Enterprise 133 8 Appe...

Page 5: ... browser to customized Web pages There s no need for end user to change any of their default network Static IP e mail SMTP Server behind firewall or browser settings HTTP Proxy or load any special software to access hotspot service It s completely Plug Play with any browser 1 1 Package Contents Please inspect your package The following items should be included in the WSG 404 packages 1x WSG 404 un...

Page 6: ... billing application Security and Firewall With built in 64 128 bit RC4 WEP Encryption VLAN Security for Wireless subscriber SSL Login Page Admin Page VPN IPSec PPTP Pass through various security features PLANET WSG 404 bring you an ease of use and most comfort safe Internet access environment Ease of Use and Management The built in web management interface in WSG 404 brings most convenience to sy...

Page 7: ...et locations Use only the original fitting AC power adapter otherwise there is a danger of severe electrical shock Avoid exposing the WSG 404 to direct sunlight or another heat source Choose a well ventilated area to position your WSG 404 1 4 Outlook Figure 1 1 WSG 404 Outlook 1 4 1 Top Panel The top panel of the WSG 404 is shown below Figure 1 2 WSG 404 Top Panel ...

Page 8: ... The LAN has a successful 10 100Mbps Ethernet connection The LAN is sending or receiving packet Note 1 Use only the bundled DC adapter for the power system other power adapter could damage the device permantly 2 During the firmware upgrade process please do not power off the device otherwise it could damage the device permantly 1 4 2 Rear Panel The rear panel of the WSG 404 is shown below 12V DC R...

Page 9: ...Internet Intranet LAN1 2 Used for Connecting to the public LAN It can be chosen to require authentication to access network resource and the Internet LAN3 4 Used for Connecting to the private LAN Authentication is not required to access the network resource from here Console Used for configuring the system via Hyper Terminal or connecting to the WSG ACG4 Ticket Printer ...

Page 10: ... EAP MD5 EAP TLS CHAP PEAP WPA PSK Wireless Antenna Type 2dBi Max Dual detachable diversity antenna with reverse SMA Wireless Operating Range Open Space 100 300m Indoors 35 100m LED Indicators 1 x POWER LED 1 x WLAN Link Activity LED 1 x WAN Link Activity LED 4 x LAN Link Activity LEDs Environmental Operating Temperature 5 45 C Relative Humidity 10 80 non condensing Storage Temperature 25 55 C Rel...

Page 11: ...lusive Printer Accounting without PC operating Web based Login Page Authentication Web based Accounting Flexible Billing Profiles and Price Plan Flexible Billing Mechanism Flexible Time Mechanism Time to Finish and Accumulation External DB25 Support WSG ACG4 RADIUS Authentication Credit Card Support Authorize net PayPal 10 Customizable Billing Profile Remaining Credit Reminder Accumulation Billing...

Page 12: ...Browser based Configuration and Management Policy based Access Control IP based MAC based Privilege List Friendly Notification E mail Backup Restore Factory Default Setting Remote Firmware Upgrade System Information Table Per user Traffic History Log Support External Syslog Server Billing Report Summary Bandwidth Control Session Idle Timer Session Account Expiration Control Secure Remote via PPTP ...

Page 13: ...apter that complied with 802 11b or 802 11g Workstations of subscribers running Windows 95 98 ME NT4 0 2000 XP MAC OS9 or later Linux UNIX or other platform compatible with TCP IP protocols Optional Account generator Model No WSG ACG4 2 1 2 ISP Requirements Verify whether your ISP use fixed or dynamic IP If it is a fixed IP be sure to get the IP from your ISP For dynamic IP which is mostly used th...

Page 14: ...ress Your PC s primary DNS IP address Note 1 The gateway s default IP address setting is LAN1 LAN2 192 168 2 254 LAN3 LAN4 192 168 1 254 2 The gateway s default subnet mask setting is 255 255 255 0 The Dynamic IP settings for the PC We recommend that you leave your IP settings as automatically assigned By default the WSG 404 is a DHCP server and it will give your PC the necessary IP settings Note ...

Page 15: ... referred to as Public LAN 3 Use Ethernet cables to connect to the LAN3 LAN4 port on the rear panel Connect the other end of the Ethernet cable to a PC Note Authentication is NOT required for the clients to access the network via LAN3 LAN4 port The LAN port with authentication function is referred to as Private LAN 4 Connect your Cable DSL Modem to the WAN port on the rear panel Use the cable supp...

Page 16: ...Admin s Password 2 Choose System s Time Zone 3 Set System Information 4 Select the Connection Type for WAN Port 5 Set Authentication Methods 6 Set Wireless Access Point Connection 7 Save and Restart PLANET WSG 404 To access the web management interface connect the PC and WSG 404 in advance via the Private Port of WSG 404 Then launch the web browser and enter the IP address of the gateway for that ...

Page 17: ...fter successfully logging into WSG 404 a web management interface with a welcome message will appear Click System Configuration to the System Configuration screen and run the Configuration Wizard to help you complete the configuration ...

Page 18: ...ing Run Wizard the Configuration Wizard will appear in a pop up browser window Click Next to begin Step 1 Change Admin s Password Enter a new password for the admin account and retype it in the verify password field Twenty characters maximum and no spaces allowed Click Next to continue ...

Page 19: ...Information Home Page Enter the URL that users should be initially directed to when successfully authenticated to the network NTP Server Enter the URL of external time server for WSG 404 time synchronization or use the default server DNS Server Enter a DNS Server provided by your ISP Contact the ISP if the DNS IP Address is unknown Click Next to continue ...

Page 20: ...N port to select from Static IP Address Dynamic IP Address and PPPoE Client Select a proper Internet connection type Click Next to continue Step 4 Cont Set Static IP Address Information Enter the IP Address Subnet Mask and Default Gateway as the examples provided by the ISP Click Next to continue ...

Page 21: ...s Please specify the policy name for this authentication method The Postfix field e g Local will be used as the postfix name e g username Local An authentication method has to be selected from one of the five options appeared in this window Local User is selected for this setup example Local User is an authentication method that uses the built in user account database supported by WSG 404 Click Ne...

Page 22: ...t to continue Step 6 Set Wireless Access Point Connection SSID Enter a SSID Up to 32 characters for the system The default is WSG 404 SSID is a unique identifier used for the wireless users devices to associate with WSG 404 Transmission Mode WSG 404 supports two transmission modes 802 11b and 802 11 b g Select the appropriate transmission mode to work with the wireless clients in the network Chann...

Page 23: ...G 404 restart a Restarting now Please wait for a moment message will appear on the screen Please do not interrupt PLANET WSG 404 until the Configuration Wizard window has disappeared This indicates that the restart process has completed Note If you wish go back to modify the setting during every steps of the wizard Please click the Back button to go back to the previous step ...

Page 24: ...e Internet browser 1 First connect a user end device to LAN1 LAN2 port of the PLANET WSG 404 and set the dynamical access network After the user end obtains the network address please open an Internet browser and the default login webpage will appear on the Internet browser Key in the username and password created in the local user account or the on demand user account in the interface and then cl...

Page 25: ...ers For users other than on demand users please click the Submit button 4 An on demand user can enter the username and password in the User Login Page and click the Remaining button to view the remaining time the account 5 When an on demand user logs in successfully the following Login Successfully screen will appear There is an extra line showing Remaining usage and a Redeem button ...

Page 26: ...er and then the user will get a new username and password After clicking the Redeem button a login screen will appear Please enter the new username and password obtained and click Redeem button The total available use time and data size after adding credit will show up Note The system will automatically reject the redeem process when the redeem amount exceeds the maximum time data volume provided ...

Page 27: ...entication Configuration Network Address Translation Change Password System Status System Information Black List Configuration Privilege List Backup Restore Settings Interface Status WAN Configuration Policy Configuration Monitor IP List Firmware Upgrade Current Users LAN1 LAN2 Configuration Guest User Configuration Walled Garden List Restart Traffic History LAN3 LAN4 Configuration Additional Conf...

Page 28: ...s Configuration 3 1 1 Configuration Wizard There are two ways to configure the system using Configuration Wizard or change the setting by demands manually The Configuration Wizard has 7 steps providing a simple and easy way to go through the basic setups of PLANET WSG 404 and is served as Quick Configuration Please refer to 2 3 1 Quick Configuration for the introduction and description of Configur...

Page 29: ...ection of the WAN port to the system this information will appear on the user s login screen Home Page Enter the website of a Web Server to be the homepage When users log in successfully they will be directed to the homepage set such as http www yahoo com Regardless of the original webpage set in the users computers they will be redirect to this page after login Access History IP Specify an IP add...

Page 30: ... 404 supports SNMPv2 If the function is enabled administrators can assign the Manager IP address and the SNMP community name used to access the management information base MIB of the system User logon SSL Enable to activate https encryption or disable to activate http non encryption login page Time PLANET WSG 404 supports NTP communication protocol to synchronize the network time Please specify th...

Page 31: ...is unavailable The fields with red asterisks are required to be filled in IP address the IP address of the WAN port Subnet mask the subnet mask of the WAN port Default gateway the gateway of the WAN port Preferred DNS Server the primary DNS Server of the WAN port Alternate DNS Server The substitute DNS Server of the WAN port This is not required Dynamic IP address It is only applicable for the net...

Page 32: ...the idle time is reached the system will automatically disconnect itself PPTP Client Select STATIC to specify the IP address of the PPTP Client manually or select DHCP to get the IP address automatically The fields with red asterisks are required to be filled in There is a Dial on demand function under PPPoE If this function is enabled a Maximum Idle Time can be set When the idle time is reached t...

Page 33: ...hentication for the two LAN ports can be enabled or disabled LAN1 LAN2 Port IP PNP Users can use static IP address to connect to the system Regardless of what the IP address at the user end is users can still be authenticated through PLANET WSG 404 and access the network ...

Page 34: ...rver Enable DHCP Server and Enable DHCP Relay 1 Disable DHCP Server Disable DHCP Server function 2 Enable DHCP Server Choose Enable DHCP Sever function and set the appropriate configuration for the DHCP server The fields with red asterisks are required to be filled in DHCP Scope Enter the Start IP Address and the End IP Address of this DHCP block These fields define the IP address range that will ...

Page 35: ...he DHCP range is desired click on the Reserved IP Address List on the management interface Then the setup of the Reserved IP Address List as shown in the following figure will appear Enter the related Reserved IP Address MAC and some description not mandatory Click Apply to complete the setup 3 Enable DHCP Relay If enabling this function is desired other DHCP Server IP address must be specified Se...

Page 36: ...ed configuration for LAN3 LAN4 port and DHCP server LAN3 LAN4 Port Operation Mode Choose one of the two modes NAT mode and Router mode by the requirements IP Address Enter the desired IP address for the LAN3 LAN4 port Subnet Mask Enter the desired subnet mask for the LAN3 LAN4 port ...

Page 37: ...e Private LAN clients Preferred DNS Server The primary DNS server for the DHCP Alternate DNS Server The substitute DNS server for the DHCP Domain Name Enter the domain name WINS IP Address Enter the IP address of WINS Lease Time Choose the time to update the DHCP Reserved IP Address List For reserved IP address settings in detail please click the hyperlink of Reserved IP Address If using the Reser...

Page 38: ...WSG 404 User Guide 38 3 Enable DHCP Relay If enabling this function is desired other DHCP Server IP address must be specified See the following figure ...

Page 39: ...Wireless Subscriber Gateway 39 3 1 6 Wireless Configuration This section is for setting related configurations for the wireless port ...

Page 40: ...nts in the wireless network must use the same channel in order to make sure correct connection Transmission Mode There are 2 modes to select from 802 11b 2 4G 1 11Mbps and 802 11 b g 2 4G 1 11Mbps and 2 4G 54Mbps SSID Broadcast Select to enable the SSID broadcast in the network When configuring the network this function may be enabled but should be disabled when configuration is finished Since whe...

Page 41: ...efault value is Auto When Auto is selected it will auto detect to authenticate by Shared Key type or Open System type Shared Key is used such that both the sender and the recipient share a WEP key for authentication Open Key is that the sender and the recipient do not share a WEP key for authentication All points on the network must use the same authentication type 2 Transmission Rates The default...

Page 42: ...e value remains in the range of 256 to 2346 7 Fragmentation Threshold The range is from 256 to 2346 and the default is OFF The value specifies the maximum size of packet allowed before data is fragmented into multiple packets It should be remained in the range of 256 to 2346 A smaller value results smaller packets but with a larger numbers of packets in transmission 8 DTIM Interval This function i...

Page 43: ...ion and set the appropriate configuration for the DHCP server The fields with red asterisks are required to be filled in DHCP Scope Enter the Start IP Address and the End IP Address of this DHCP block These fields define the IP address range that will be assigned to the Wireless LAN clients Preferred DNS Server The primary DNS server for the DHCP Alternate DNS Server The substitute DNS server for ...

Page 44: ...related Reserved IP Address MAC and some description not mandatory Click Apply to complete the setup 3 Enable DHCP Relay If enabling this function is desired other DHCP Server IP address must be specified See the following figure WDS configuration This function can extend the range of accessing the network It has to work with a repeater A repeater is a peripheral device supporting PLANET WSG 404 t...

Page 45: ...3 2 User Authentication This section includes the following functions Authentication Configuration Black List Configuration Policy Configuration Guest User Configuration and Additional Configuration 3 2 1 Authentication Configuration This function is to configure the settings for 802 1x authentication authentication server and on demand user authentication ...

Page 46: ... to set the related configurations After completing and clicking Apply to save the settings go back to the previous page to check the item box next to 802 1x Authentication Configuration to enable this function When using 802 1x authentications the RADIUS attributes such as idle timeout or session timeout have no effect 1 802 1x Enable the 802 1x authentication method The fields with red asterisks...

Page 47: ...ies to select from 2 WPA x 802 1x Enable the supported WPA Enterprise Wireless Protection Access with 802 1x Authentication Server IP The IP address or domain name of the Authentication server Authentication Port The port of the authentication server The default value is 1812 Secret Key The secret key of the authentication sever for encryption and decryption Accounting Server IP The IP address or ...

Page 48: ...ote After clicking Apply there will be a restart message You must click Restart to apply the settings Authentication Server Configuration The system provides 3 servers and one on demand server that the administrator can apply with different policy Click on the server name to set the related configurations for that particular server After completing and clicking Apply to save the settings go back t...

Page 49: ... underline _ and dot with a maximum of 40 characters all other letters are not allowed Note The Policy Name cannot contain these words MAC and IP Black List There are 5 sets of the black lists Select one of them or choose None Please refer to 4 2 2 Black List Configuration Authentication Methods There are 5 authentication methods Local POP3 RADIUS LDAP and NT Domain to configure from Select the de...

Page 50: ...Receipt Header 1 and Receipt Header 2 for the receipt s header Enter receipt header message or use the default Receipt Footer Enter receipt footer message here or use the default Printer Baud Rate Select the desired transmission baud rate The default value is 9600 Monetary Unit Select the desired monetary unit Policy Name Select a policy for the on demand user WLAN ESSID Enter the ESSID of the AP ...

Page 51: ...On demand Users List detailed information will be documented here By default the On demand user database is empty Upload User Click this to enter the Upload User interface Click the Browse button to select the text file for the user account upload Then click Submit to complete the upload process ...

Page 52: ... case Example1 For Session Length type The Type must be written as TIME Set Status must be set as 0 Set Session Length in seconds Activation Deadline must be in the format of yyyy mm dd hh mm ss Set Validity Duration as 1 and give a Plan that s already been generated and enabled from Billing Configuration page Provide a price in any monetary unit defined in On demand User Server Configuration page...

Page 53: ...e on demand user Password The login password of the on demand user Remaining Time Volume The total time Volume that the user can use currently Status The status of the account Normal indicates that the account is not in use and not overdue Online indicates that the account is in use and not overdue Expire indicates that the account is overdue and cannot be used Expiration Time The expiration time ...

Page 54: ... volume allowed is 9 999 999 Mbyte or Time the maximum days allowed is 999 days Expiration time This is the duration of time that the account has to be activated after generation of the account If the account is not activated during this duration the account will self expire Valid Duration This is the duration of time that the user can use the Internet after activation of the account After this du...

Page 55: ...On demand User Click this to enter the On demand User Generate page Pressing the Create button for the desired rule an On demand user will be created then click Printout to print a receipt that will contain this on demand user s information ...

Page 56: ... On demand users Summary report page Administrator can get a complete report or a report of a particular period Report All Click this to get a complete report including all the on demand records This report shows the total expenses and individual accounting of each plan for all plans available ...

Page 57: ...ireless Subscriber Gateway 57 Search Select a time period to get a period report The report tells the total expenses and individual accounting of each plan for all plans available for that period of time ...

Page 58: ...ccess using their credit cards Before the Credit Card and related functions can be managed appropriately PLANET WSG 404 requires the merchant owners to have a valid Authorize Net www authorize net account since Authorize Net is the on line payment gateway that PLANET WSG 404 supports now Please see Appendix B The Configuration on Authorize Net to setup an Aurthourize Net account and other necessar...

Page 59: ...t Gateway verifies the URL specified in the post string against the URLs in this field Verify SSL Certificate Secure Sockets Layer a protocol developed by Netscape for transmitting private documents via the Internet SSL uses a cryptographic system that uses two keys to encrypt data a public key known to everyone and a private or secret key known only to the recipient of the message Both Netscape N...

Page 60: ...de 60 Click Submit to send out this transaction There will be a confirm dialog box showing up Check the data again and the click OK to go on the transaction or click Cancel to revise the data or cancel this transaction ...

Page 61: ... OK there will be another dialog box showing up to confirm this transaction again Click OK to complete the process or click Cancel to revise the data or cancel this transaction Click OK to complete the transaction and a welcome screen will show up ...

Page 62: ...n responses need to be encrypted by the Payment Gateway enter and confirm a MD5 Hash Value and select a reactive mode The MD5 Hash security feature enables merchants to verify that the results of a transaction or transaction response received by their server were actually sent from the Payment Gateway ...

Page 63: ...se 10 plans are the plans in Billing Configuration and desired plan can be enabled Client s Purchasing Record Invoice Number An invoice number may be provided as additional information against a transaction This is a reference field that may contain any format of information Description Narrative text entered by a user to describe the nature of a transaction Email Header Enter the information that...

Page 64: ... be entered in the format of MMYY For example an expiration date of July 2005 should be entered as 0705 Card Type This value indicates the level of match between the Card Code entered on a transaction and the value that is on file with a customer s credit card company A code and narrative description are provided indicating the results returned by the processor Card Code The three or four digit co...

Page 65: ... State A state is associated with both the billing and shipping address of a transaction This may be entered as either a two character abbreviation or the full text name of the state Zip The ZIP code represents the five or nine digit postal code associated with the billing or shipping address of a transaction This may be entered as five digits nine digits or five digits and four digits Country The...

Page 66: ...ocal User Setting Click the hyperlink for further configuration Edit Local User List Click this to enter the Local User List screen Add User Click the hyperlink of Add User to enter the Add User interface Fill in the necessary information such as Username Password MAC optional and Remark optional Then select a desired Policy and click Apply to complete adding the user or users ...

Page 67: ...Wireless Subscriber Gateway 67 Input the users and enter the necessary information ...

Page 68: ...oad Then click Submit to complete the upload process The uploading file should be a text file and the format of each line is ID Password MAC Policy Remark without the quotes There must be no spaces between the fields and commas The MAC field could be omitted but the trailing comma must be retained When adding user accounts by uploading a file the existing accounts in the embedded database will not...

Page 69: ...s Subscriber Gateway 69 Download User Click this to enter the Users List page and the system will directly show a list of all created user accounts Click Download to create a txt file and then save it on disk ...

Page 70: ...ted Del All This will delete all the users at once Delete This will delete the users individually Edit User If editing the content of individual user account is desired click the username of the desired user account to enter the Edit User Interface for that particular user and then modify or add any desired information such as Username Password MAC optional and Remark optional Then click Apply to ...

Page 71: ...e pull down menu will become POP3 Setting Click the hyperlink for further configuration Enter the related information for the primary server and or the secondary server the secondary server is not required The blanks with red star are necessary information These settings will become effective immediately after clicking the Apply button ...

Page 72: ... Port given by the ISP The default value is 100 Enable SSL Connection If this option is enabled the POP3 protocol will perform the authentication 3 2 1 3 Authentication Method RADIUS Choose Radius in the Authentication Method field the hyperlink beside the pull down menu will become Radius Setting ...

Page 73: ...on These settings will become effective immediately after clicking the Apply button 802 1X Authentication Enable this function and the hyperlink of Radius Client List will appear Click the hyperlink to get into the Radius Client Configuration list for further configuration In the Radius Client Configuration table the clients which are using 802 1X as the authentication method shall be put into thi...

Page 74: ...thentication Port Enter the authentication port of the RADIUS server and the default value is 1812 Accounting Port Enter the accounting port of the RADIUS server and the default value is 1813 Secret Key Enter the key for encryption and decryption Accounting Service Select this to enable or disable the Accounting Service for accounting capabilities Authentication Protocol There are two methods CHAP...

Page 75: ...ome effective immediately after clicking the Apply button Server IP Enter the IP address or domain name of the LDAP server Port Enter the Port of the LDAP server and the default value is 389 Base DN Enter the distinguished name of the LDAP server Account Attribute Enter the account attribute of the LDAP server 3 2 1 5 Authentication Method NTDomain Choose NTDomain in the Authentication Method fiel...

Page 76: ...y when they log into the Windows domain 3 2 2 Black List Configuration The administrator can add delete or edit the black list for user access control Each black list can include 40 users at most If a user in the black list wants to log into the system the user s access will be denied The administrator can use the pull down menu to select the desired black list Select Black List There are 5 lists ...

Page 77: ...Wireless Subscriber Gateway 77 After entering the usernames in the Username blanks and the related information in the Remark blank not required Click Apply to add the users ...

Page 78: ...elect the user s Delete check box and then click the Delete button to remove that user from the black list 3 2 3 Policy Configuration Every Policy has three profiles Firewall Profile Specific Route Profile and Schedule Profile as well as one Bandwidth setting for that policy ...

Page 79: ... rule status will show on the list Check Active to enable that rule Rule Item This is the rule selected Rule Name The rule name can be changed here Enable this Rule After checking this function the rule will be enabled Action There are two options Block and Pass Block is to prevent packets from passing and Pass is to permit packets passing Protocol There are three protocols to select TCP UDP and I...

Page 80: ... the source and destination subnet masks Source Destination Start End Port Enter the range of source and destination ports Specific Route Profile Click the hyperlink of Setting for Specific Route Profile the Specific Route Profile list will appear Profile Name The profile name can be changed here IP Address The destination IP address of the host or the network Subnet Netmask Select a destination s...

Page 81: ...le list Select Enable to show the list This function is used to restrict the time the users can log in Please enable disable the desired time slot and click Apply to save the settings These settings will become effective immediately after clicking the Apply button Bandwidth Choose one bandwidth limit for that particular policy ...

Page 82: ...ield for that guest account Guest accounts with blank password will not be activated Policy Select one policy to apply to Session Length This restricts the connection time of the guest users The default session length is 6 hours and the available session time ranges from 1 to 12 hours or unlimited Idle Timer If a guest user has been idled with no network activities at all the system will automatic...

Page 83: ...logs into the system a small window will appear to show the user s information and there is a logout button for users to logout If enabled When the users try to close the small window there will be a new popup window to confirm the action in case the users close the login succeed page by accident Internet Connection Detection Enter a specific URL or IP address and PLANET WSG 404 will try to detect...

Page 84: ...o complete the upload process Click Use Default Certificate to use the default certificate and key 2 Login Page The administrator can use the default login page or get the customized login page by setting the template page uploading the page or downloading from the specific website After finishing the setting click Preview to see the login page a Choose Default Page to use the default login page ...

Page 85: ...Wireless Subscriber Gateway 85 b Choose Template Page to make a customized login page here Click Select to pick up a color and then fill in all of the blanks Click Preview to see the result first ...

Page 86: ...load new login page Click the Browse button to select the file for the login page upload Then click Submit to complete the upload process After the upload process is completed the new login page can be previewed by clicking Preview button at the bottom ...

Page 87: ...ter or browse the filename of the images to upload in the Upload Images field on the Upload Images Files page and then click Submit The system will show the used space and the maximum size of the image file of 512K If the administrator wishes to restore the factory default of the login page click the Use Default Page button to restore it to default After the image file is uploaded the file name wi...

Page 88: ...l server After the agreement shown on the page is read users are asked whether they agree or disagree with the disclaimer By clicking I agree users are able to log in If users choose to decline they will get a popup window saying they are unable to log in The basic design is to have the disclaimer and login function in the same page but with the login function hidden until users agree with the dis...

Page 89: ...ber Gateway 89 If user checks I agree and clicks Next then he she is prompted to fill in the login name and password If user checks I disagree and clicks Next a window will pop up to tell user that he she cannot log in ...

Page 90: ...er the website address in the External Page Setting field and then click Apply The External Page prepared to be loaded here needs to have the following code as well to let the system work properly After applying the setting the new login page can be previewed by clicking Preview button at the bottom of this page ...

Page 91: ... defined login user interface can be previewed by clicking Preview at the bottom of this page If want to restore the factory default setting of the logout interface click the Use Default Page button 4 Login Succeed Page The administrator can use the default login succeed page or get the customized login succeed page by setting the template page uploading the page or downloading from the specific w...

Page 92: ...e Click Select to pick up a color and then fill in all of the blanks Click Preview to see the result first c Choose Uploaded Page and upload the login succeed page Click the Browse button to select the file for the login succeed page upload Then click Submit to complete the upload process ...

Page 93: ...d the file name will show on the Existing Image Files field Check the file and click Delete to delete the file d Choose the External Page selection and get the login succeed page from the specific website Enter the website address in the External Page Setting field and then click Apply After applying the setting the new login succeed page can be previewed by clicking Preview button at the bottom o...

Page 94: ...age to use the default login succeed page for On Demand b Choose Template Page to make a customized login succeed page for On Demand here Click Select to pick up a color and then fill in all of the blanks Click Preview to see the result first ...

Page 95: ...ottom If the user defined login succeed page for On Demand includes an image file the image file path in the HTML code must be the image file to be uploaded Enter or browse the filename of the images to upload in the Upload Images field on the Upload Images Files page and then click Submit The system will show the used space and the maximum size of the image file of 512K If the administrator wishe...

Page 96: ...e Setting field and then click Apply After applying the setting the new login succeed page for On Demand can be previewed by clicking Preview button at the bottom of this page 6 Logout Succeed Page The administrator can use the default logout succeed page or get the customized login succeed page by setting the template page uploading the page or downloading from the specific website After finishin...

Page 97: ...out succeed page here Click Select to pick up a color and then fill in all of the blanks Click Preview to see the result first c Choose Uploaded Page and click the Browse button to select the file for the logout succeed page upload Then click Submit to complete the upload process ...

Page 98: ...sed space and the maximum size of the image file of 512K If the administrator wishes to restore the factory default of the login succeed page click the Use Default Page button to restore it to default After the image file is uploaded the file name will show on the Existing Image Files field Check the file and click Delete to delete the file d Choose the External Page selection and get the logout s...

Page 99: ...rs log into the network with their usernames and passwords the users will receive a welcome mail from PLANET WSG 404 The administrator can edit the contents Enhance User Authentication With this function only the users with their MAC addresses in this list can log into PLANET WSG 404 However user authentication is still required for these users Please enter the MAC Address to fill in these MAC add...

Page 100: ...he following functions Network Address Translation Privilege List Monitor IP List Walled Garden List Proxy Server Properties and Dynamic DNS 3 3 1 Network Address Translate There are three parts Static Assignment Public Accessible Server and Port and Redirect need to be set ...

Page 101: ...o the computer specified in the Static Assignment list if it does not otherwise have a rule for how to forward traffic on a given port There are 40 sets of static Internal IP Address and External IP Address available These static IP addresses can be set to the any host which itself needs a static IP address to access the network through WAN port These settings will become effective immediately aft...

Page 102: ...k can access the servers in the managed network Please enter the External Service Port Local Server IP Address and Local Server Port According to the different services provided the network service can use the TCP protocol or the UDP protocol In the Enable column check the desired server to enable These settings will become effective immediately after clicking the Apply button ...

Page 103: ...to a destination IP address listed here the connection packet will be converted and redirected to the corresponding destination Please enter the IP Address and Port of Destination and the IP Address and Port of Translated to Destination According to the different services provided choose the TCP protocol or the UDP protocol These settings will become effective immediately after clicking Apply ...

Page 104: ...network without authentication enter the IP addresses of these workstations in this list The Remark blank is not necessary but is useful to keep track PLANET WSG 404 allows 100 privilege IP addresses at most These settings will become effective immediately after clicking Apply Note Permitting specific IP addresses to have network access rights without going through standard authentication process ...

Page 105: ...cific MAC addresses to have network access rights without going through standard authentication process at the Public LAN LAN1 LAN2 may cause security problems 3 3 3 Monitor IP Configuration PLANET WSG 404 will send out a packet periodically to monitor the connection status of the IP addresses on the list If the monitored IP address does not respond the system will send an e mail to notify the adm...

Page 106: ...ceiver s e mail Interval The time interval to send the e mail report SMTP Server The IP address of the SMTP server Auth Method The system provides four authentication methods Plain Login CRAM MD5 and NTLMv1 or None to use none of the above Depending on which authentication method selected enter the Account Name Password and Domain Send Test Email To test the settings correct or not Monitor IP Addr...

Page 107: ...n and authentication Up to 20 addresses or domain names of the websites can be defined in this list Users without the network access right can still have a chance to experience the actual network service free of charge Please enter the website IP Address or Domain Name in the list and these settings will become effective immediately after clicking Apply ...

Page 108: ... no be able to reach the login page and thus unable to access the network If there is a match the end users will be directed to the system first for authentication After a successful authentication the end users will be redirected back to the desired proxy servers depending on various situations Internal Proxy Server PLANET WSG 404 has a built in proxy server If this function is enabled the end us...

Page 109: ...is activated at WAN port this function will also update the newest IP address regularly to the DNS server These settings will become effective immediately after clicking Apply DDNS Enabling or disabling of this function Provider Select the DNS provider Host name The IP address domain name of the WAN port Username E mail The register ID username or e mail for the DNS provider Password Key The regis...

Page 110: ...n The administrator can access all configuration pages of the PLANET WSG 404 User Name admin Password admin Manager The manager can only access the configuration pages under User Authentication to manage the user accounts but has no permission to change the settings of the profiles for Firewall Specific Route and Schedule User Name manager Password manager Operator The operator can only access the...

Page 111: ...er the current password and then enter the new password twice to verify Click Apply to activate this new password Note If the administrator s password is lost the administrator s password still can be changed through the text mode management interface on the serial port console printer port ...

Page 112: ...up Current System Setting Click Backup to create a db database backup file and save it on disk Restore System Setting Click Browse to search for a db database backup file created by PLANET WSG 404 and click Restore to restore to the same settings at the time the backup file was created Resetting to the Factory Default configuration Click Reset to load the factory default settings of PLANET WSG 404...

Page 113: ...ation before upgrading the firmware 2 Please restart the system after upgrading the firmware Do not power on off the system during the upgrade or the restart process It may damage the system and cause it to malfunction 3 4 4 Restart This function allows the administrator to safely restart PLANET WSG 404 and the process should take about three minutes Click YES to restart PLANET WSG 404 click NO to...

Page 114: ...ncludes System Status Interface Status Current Users Traffic History and Notification Configuration to provide system status information and online user status 3 5 1 System Status This section provides an overview of the system for the administrator ...

Page 115: ...connection at WAN is normal or abnormal Internet Connection Detection and all online users are allowed disallowed to log in the network Remote Management IP The IP or IPs that is allowed for accessing the management interface Management SNMP Enabled disabled stands for the current status of the SNMP management function Retained Days The maximum number of days for the system to retain the users inf...

Page 116: ...iption MAC Address The MAC address of the WAN port IP Address The IP address of the WAN port WAN Subnet Mask The Subnet Mask of the WAN port Operation Mode The mode of the wireless port MAC Address The MAC address of the wireless port IP Address The IP address of the wireless port Subnet Mask The Subnet Mask of the wireless port SSID The ESSID of the wireless port Wireless Channel The assigned Cha...

Page 117: ...us Enable disable stands for status of the DHCP server on the LAN1 LAN2 WINS IP Address The WINS server IP on DHCP server N A means that it is not configured Start IP Address The start IP address of the DHCP IP range End IP address The end IP address of the DHCP IP range LAN1 LAN2 DHCP Server Lease Time Minutes of the lease time of the IP address Mode The mode of the LAN3 LAN4 MAC Address The MAC ...

Page 118: ...to log out Click the hyperlink of Logout next to the online user s name to logout that particular user Click Refresh to renew the current users list 3 5 4 Traffic History This function is used to check the history of PLANET WSG 404 The history of each day will be saved separately in the DRAM for 3 days Note Since the history is saved in the DRAM if you need to restart the system and also keep the ...

Page 119: ... As shown in the following figure each line is a traffic history record consisting of 9 fields Date Type Name IP MAC Pkts In Bytes In Pkts Out and Bytes Out of user activities On demand User Log As shown in the following figure each line is a on demand user log record consisting of 13 fields Date System Name Type Name IP MAC Pkts In Bytes In Pkts Out Bytes Out Expiretime Validtime and Remark of us...

Page 120: ... interval to send the e mail report SMTP Server The IP address of the SMTP server Auth Method The system provides four authentication methods PLAIN LOGIN CRAM MD5 and NTLMv1 or NONE to use none of the above Depending on which authentication method selected enter the Account Name Password and Domain NTLMv1 is not currently available for general use PLAIN and CRAM MD5 are standardized authentication...

Page 121: ...e settings correct or not Syslog Server It specifies the IP and Port of the Syslog server 3 6 Help On the screen the Help button is on the upper right corner Click Help to the Online Help window and then click the hyperlink of the items to get the information ...

Page 122: ...nect to the console port of PLANET WSG 404 a console modem cable and a terminal simulation program such as the Hyper Terminal are needed 2 If a Hyper Terminal is used please set the parameters as 9600 8 n 1 Note The main console is a menu driven text interface with dialog boxes Please use arrow keys on the keyboard to browse the menu and press the Enter key to make selection or confirm what you en...

Page 123: ...ging The console interface provides several utilities to assist the Administrator to check the system conditions and to debug any problems The utilities are described as follow Ping host IP By sending ICMP echo request to a specified host and wait for the response to test the network status Trace routing path Trace and inquire the routing path to a specific target Display interface settings It dis...

Page 124: ...odem the system also supports the SSH online connection for the setup When using a null modem to connect to the system console we do not need to enter administrator s password to enter the console management interface But connecting the system by SSH we have to enter the username and password The username is admin and the default password is also admin which is the same as for the web management i...

Page 125: ...ures for configurations on Authorize Net Note A payment gateway Paypal will be supported in the future 1 Setting Up 1 1Open Accounts As shown in the above figure four elements are needed to begin an on line business Element Description E COMMERCE WEB SITE PLANET WSG 404 has built in web pages to present to end users to use credit cards INTERNET MERCHANT ACCOUNT A type of bank account that allows a...

Page 126: ...n Key To get a new key please log in Authorize Net Click Settings and Profile Go to the Security section Click Obtain Transaction Key Enter Secret Answer Click Submit Payment Gateway URL https secure authorize net gateway transact dll default payment gateway MD5 Hash To enhance the transaction security merchant owner can choose to enable this function and enter a value in the text box MD5 Hash Val...

Page 127: ...c Maintenance In order to maintain the operation merchant owners will have to manage the accounts and transactions via Authorize Net as well as PLANET WSG 404 2 1Void A Transaction and Remove the On demand Account Generate on PLANET WSG 404 Sometimes a transaction may need to be canceled as well as the related user account on PLANET WSG 404 before it has been settled with the bank a To void an uns...

Page 128: ...number Click Show Itemized Order Information in the Order Information section Username and Password can be found in the Item Description 2 4Send An Email Receipt to A Customer If a valid email address is provided PLANET WSG 404 will automatically send the customer an email receipt for each successful transaction via Authorize Net To change the information on the receipt for customer please log in ...

Page 129: ...to Client s Purchasing Record section Check the Reset box A location specific ID for example Hotspot A can be used as the first part of Invoice Number Confirm and click Apply b Please log in Authorize Net Click Search and Download Specify the transaction period or ALL Settled Unsettled in Settlement Date section Go to Transaction section Enter the first part of invoice number plus an asterisk char...

Page 130: ...chitecture and using some proxy servers provided by Internet Service Providers In Hot spots users usually enable their proxy setting of the browsers such as IE and Firefox Therefore so we need to set some proxy configuration in the Gateway need to be set Please follow the steps to complete the proxy configuration 1 Login Gateway by using admin 2 Click the Network Configuration from top menu and th...

Page 131: ... Subscriber Gateway 131 3 Click the Proxy Server Properties from left menu and the homepage of the Proxy Server Properties will appear 4 Add the ISP s proxy Server IP and Port into External Proxy Server Setting ...

Page 132: ...WSG 404 User Guide 132 5 Enable Built in Proxy Server in Internal Proxy Server Setting 6 Click Apply to save the settings ...

Page 133: ...rises network managers or MIS staff may often ask their users to enable their proxy setting of the browsers such as IE and Firefox to reduce the internet access loading Therefore some proxy configurations in the Gateway need to be set Note Some enterprises will automatically redirect packets to proxy server by using core switch or Layer 7 devices By the way the clients don t need to enable their b...

Page 134: ...figuration Gateway setting 1 Login Gateway by using admin 2 Click the Network Configuration from top menu and the homepage of the Network Configuration will appear 3 Click the Proxy Server Properties from left menu and the homepage of the Proxy Server Properties will appear ...

Page 135: ...Wireless Subscriber Gateway 135 4 Add your proxy Server IP and Port into External Proxy Server Setting 5 Disable Built in Proxy Server in Internal Proxy Server Setting ...

Page 136: ...ver is down Please make sure your proxy server is always available Client setting It is necessary for clients to add default gateway IP address into proxy exception information so the user login successful page can show up normally 1 Use command ipconfig to get Default Gateway IP Address 2 Open browser to add default gateway IP address e g 192 168 1 254 and logout page IP address 1 1 1 1 into prox...

Page 137: ...Wireless Subscriber Gateway 137 For firefox ...

Page 138: ...ase note that the blue part is for the login feature the red part is the disclaimer and the green part can be modified freely by administrators to suit the situation better Now the default is set to I disagree with the disclaimer Administrators can change the purple part to set agree as the default or set no default These codes should be saved in local storage with a name followed by html such as ...

Page 139: ...a return strRtn function DecodeCookie str var strArr var strRtn strArr str split a for var i strArr length 1 i 0 i strRtn String fromCharCode eval strArr i return strRtn function MM_swapImgRestore v3 0 var i x a document MM_sr for i 0 a i a length x a i x oSrc i x src x oSrc function MM_preloadImages v3 0 var d document if d images if d MM_p d MM_p new Array var i j d MM_p length a MM_preloadImage...

Page 140: ...Id x d getElementById n return x function MM_swapImage v3 0 var i j 0 x a MM_swapImage arguments document MM_sr new Array for i 0 i a length 2 i 3 if x MM_findObj a i null document MM_sr j x if x oSrc x oSrc x src x src a i 2 function init form id getCookie username if id id null form myusername value id disclaimer style display login style display none function Before_Submit form if form myuserna...

Page 141: ...turn false else disableButton true return true return true function reminder_onclick form Reminder myusername value form myusername value Reminder mypassword value form mypassword value Reminder submit function cancel_onclick form form reset function check_agree form if form selection 1 checked true alert You disagree with the disclaimer therefore you will NOT be able to log in return false discla...

Page 142: ... valign middle div align center class style5 Service Disclaimer div td tr tr td height 260 align center valign middle table width 370 height 260 border 0 align center tr td textarea name textarea cols 50 rows 15 align center readonly We may collect and store the following personal information E mail address physical contact information credit card numbers and transactional information based on you...

Page 143: ...s in response to a verified request relating to a criminal investigation or alleged illegal activity In such events we will disclose name city state telephone number email address User ID history and fraud complaints xxxxx participants under confidentiality agreement as we in our sole discretion believe necessary or appropriate in connection with an investigation of fraud intellectual property inf...

Page 144: ...cy we do not promise and you should not expect that your personal information or private communications will always remain private By agreeing above I hereby authorize xxxxx to process my service charge s by way of my credit card textarea td tr table td tr tr td height 40 table width 170 height 20 border 0 align center cellpadding 2 tr td align left input name selection value 1 type radio td td sp...

Page 145: ...vascript if Before_Submit Enter Enter submit onMouseOut MM_swapImgRestore onMouseOver MM_swapImage Image3 images submit0 gif 1 img src images submit gif name Image3 width 124 height 38 border 0 a a onclick cancel_onclick Enter onMouseOut MM_swapImgRestore onMouseOver MM_swapImage Image5 images clear0 gif 1 img src images clear1 gif name Image5 width 124 height 38 border 0 a a onclick javascript if...

Page 146: ...lick here to purchase by Credit Card Online a script font td tr table div form form action reminder shtml method post name Reminder input type hidden name myusername value input type hidden name mypassword value form br div align center table tr td width 100 font color 808080 size 2 script language JavaScript document write copyright script font td tr table div body html ...

Reviews: