background image

 

 

195 

 

 

Configure operator Group profile

 

Group allowed SZ and Map can be configured here. 

 

In this configuration page, administrator can specify which Service Zone and Map are allowed to be accessed by the 

operator that belongs to this Group. This feature allows the administrator to create multi-level privilege accounts with 

flexibility to meet the deployment and management needs. 

 

When an operator logs into the system with a created account, he will only be able to access the Service Zone 

profiles checked in the Group profile he belongs to and he can only see the Map and only the APs marked on the 

checked Maps in the managed AP list. 

 

 

 

 

 

 

 

Содержание WHG-311

Страница 1: ...LevelOne Secure WLAN Controller WHG 311 315 401 505 515 707 User Manual...

Страница 2: ...rademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners About 4ipnet The LevelOne Secure WLAN Controller series is powered by...

Страница 3: ...wing measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the r...

Страница 4: ...Accessing Web Management Interface 29 4 2 Home Page 31 4 2 1 Setup Wizard 32 4 2 2 Quick Links 33 4 2 3 System Overview 34 4 2 4 Main Menu 35 4 2 5 Online Help 36 5 Initial Network Setup 37 5 1 Networ...

Страница 5: ...Template 128 9 3 AP Discovery 131 9 3 1 AP Background Discovery 133 9 4 Manually add AP 134 9 5 AP with Service Zone 135 9 6 AP Security 137 9 7 Change managed AP settings 138 9 8 AP Operations from...

Страница 6: ...ogin Users 208 13 1 7 Session List 209 13 1 8 User Logs 210 13 1 9 Local User Monthly Network Usage 212 13 1 10 Logs 213 13 1 11 DHCP Lease 214 13 2 Notification 215 13 2 1 SMTP Settings 216 13 2 2 SY...

Страница 7: ...ateway Roaming 267 Appendix A Certificate Settings for IE6 and IE7 269 Appendix B Network Configuration on PC User Login 278 Appendix C Policy Priority 291 Appendix D RADIUS Accounting 292 Appendix E...

Страница 8: ...ler quickly It is recommended to start with the QIG and then refer to this manual for further details Some special topics are addressed separately in the Appendixes 1 2 Document Conventions Indicates...

Страница 9: ...000 6000 10000 15000 On demand Accounts 3000 4000 5000 6000 10000 15000 Managed AP Capacity Local Wide Combined 30 50 150 200 250 500 LevelOne AP Model EAP 110 EAP 200 EAP 300 EAP 110 EAP 200 EAP 300...

Страница 10: ...en when power supply is on Status Status LED is Blue Blinking indicates that system OS is booting up when lit up constantly indicates that the system is ready for operation Quick Restore This is used...

Страница 11: ...ion reserved for future release 3 LED Displays Power Power LED lights up as constant green when power supply is on Status Status LED is Blue Blinking indicates that system OS is booting up when lit up...

Страница 12: ...LED on front panel will start to blink before restarting the system Press and hold the Reset button for more than 10 seconds and status of LED on the front panel will start to speed up blinking befor...

Страница 13: ...f LED on front panel will start to blink before restarting the system Press and hold the Reset button for more than 10 seconds and status of LED on the front panel will start to speed up blinking befo...

Страница 14: ...The system can be configured via a serial console port The administrator can use a terminal emulation program such as Microsoft s Hyper Terminal to login to the configuration console interface to cha...

Страница 15: ...use 7 Console The system can be configured via a serial console port The administrator can use a terminal emulation program such as Microsoft s Hyper Terminal to login to the configuration console in...

Страница 16: ...ration changes such as WAN settings and admin password then refer to this manual later when you want to configure the system for specific application needs The recommended general steps for the config...

Страница 17: ...e other end of the Ethernet cable to an xDSL cable modem or a switch hub of an internal network The LED of this port should be on to indicate a proper connection Connect an Ethernet cable to a LAN Por...

Страница 18: ...roper connection 2 4 3 WHG 401 Package Installation Package Checklist The standard package of WHG 401 includes WHG 401 x 1 CD ROM with User s Manual and QIG x 1 Quick Installation Guide QIG x 1 RS 232...

Страница 19: ...ld be on to indicate a proper connection 3 Connect an Ethernet cable to the WAN1 Port on the front panel Connect the other end of the Ethernet cable to an xDSL cable modem or a switch hub of an intern...

Страница 20: ...t the other end of the Ethernet cable to an AP for extending wireless coverage a switch for connecting more wired clients or directly to a client PC The LED of port should be on to indicate a proper c...

Страница 21: ...for extending wireless coverage a switch for connecting more wired clients or a client PC The LED of this port should be on to indicate a proper connection Start with this simple network topology to...

Страница 22: ...etwork planning and to manipulate the configurations of WHG Controller to suit his own specific application It is sufficient for most of administrators to use the default configuration with minor WAN...

Страница 23: ...rvice Zone is uniquely defined by a VLAN tag id under Tag Based and an associated SSID attribute When a managed access point MAP is added to a Service Zone through WHG Controller s AP Management featu...

Страница 24: ...ple relationship of Service Zone Group and Policy The following Figure depicts an example using WHG Controller in managing network internet access in an academic campus environment Imagine the network...

Страница 25: ...25 WHG Controller in a Business Headquarter WHG Controller in a Hotel Capable of integrating with DSLAM and PMS...

Страница 26: ...s control profile of the Service Zone such as authentication security feature wireless encryption method traffic control and etc There are nine Service Zone profiles in total Default Service Zone and...

Страница 27: ...Based mode each LAN port will serve traffics from different Service Zones a VLAN switch or VLAN AP is required to take care of the VLAN tags carried within the message frames An example of network ap...

Страница 28: ...ng on model For overlay AP deployment WHG Controllers establish a secure tunnel between the managed AP and Controller Certain AP models with additional Ethernet ports can also provide wired network se...

Страница 29: ...168 1 254 If you are connected to a Mgmt port WHG 401 WHG 505 WHG 515 please enter the mgmt port IP address 172 30 0 1 Step4 Enter the default administrator account and password admin to login Once lo...

Страница 30: ...irst time if WHG Controller is not using a trusted SSL certificate there will be a Certificate Error because the browser treats WHG Controller as an illegal website Please press Continue to this websi...

Страница 31: ...31 4 2 Home Page Home page lists four buttons Setup Wizard Quick Links System Overview and Main Menu respectively Each button will be described in detail in the following section...

Страница 32: ...change the system admin password select time zone configure WAN1 interface and create local user account optional Upon completing the Setup Wizard procedures the system needs to be restarted to have t...

Страница 33: ...tors to directly access frequently used functions of the web management interface The eight functional links are System Status Local User Management Policy Management AP Management Online User List On...

Страница 34: ...system related information that the administrator might need to be aware of at a glance which includes General System settings Network Interface and Online Users etc A drop down menu is available for...

Страница 35: ...on the Web Management Interface allowing you to set various networking parameters enable and customize network services manage user accounts and monitor user status Administration functions are separa...

Страница 36: ...ne Help The Help button is at the upper right corner of the WHG Controller display screen Click Help for the Online Help window and then click the hyperlink of the relevant information required Online...

Страница 37: ...which are normally linked up to different routers or modems leading to ISP A gateway needs one WAN port only but if you want dual homing or dual uplink to add reliability and throughput the second WAN...

Страница 38: ...The substitute DNS server used by the system This is an optional field Dynamic It is only applicable for the network environment where the DHCP server is available on the upstream network Click the Re...

Страница 39: ...Select Static to specify the IP address of the PPTP Client manually or select DHCP to get the IP address automatically PPTP Server IP Address Specify your ISP s PPTP server IP address Username The use...

Страница 40: ...TCP connection over PPPoE will consume additional overhead out of each packet At least 40 bytes are used for the address Hence MSS must be smaller than MTU by at least 40 Dial on demand function unde...

Страница 41: ...1 until WAN1 link is up again and vice versa This feature is not available to be used concurrently with Load Balancing WAN Connection Detection The system will periodically check to see if the Interne...

Страница 42: ...determined by the number of LAN ports on the Controller Trusted Port When a LAN port is selected clients under this port will not require authentication regardless of the settings in the correspondin...

Страница 43: ...tion When enabled network traffic will be isolated by VLAN tag which means that inter VLAN devices are segregated from each other Please note that this check option is not available for WHG 311 and WH...

Страница 44: ...sources within the Service Zone will be controlled based on the access control profile of the Service Zone such as authentication security feature wireless encryption method traffic control and etc Th...

Страница 45: ...interface and to some degree provide protection from possible attacks from LAN clients DHCP Pool Displays the DHCP pool range configured for this service zone VLAN Tag Tag Base only The VLAN tag numb...

Страница 46: ...HG Controller in Port Based mode must be Layer 2 switches only Multi subnet network environment On the other hand if the internal network is a Multi subnets network environment Tag Based model will sa...

Страница 47: ...rt Base Only Select Enable Auth Required or Disable When the option is Enabled clients under different LAN ports cannot ping each other When the option is Disabled clients under different LAN ports ca...

Страница 48: ...address and select the preferred Subnet Mask Operation mode check the Enable box and click Apply button to activate the settings DHCP Server From the drop down menu DHCP server for this particular se...

Страница 49: ...at if WINS server is applicable to this service zone Lease Time This is the time period that the IP addresses issued from the DHCP server are valid and available Ignore Client Name When enabled the sy...

Страница 50: ...tection When Enabled whenever the Service Zone s built in DHCP server receives a DHCP request it will automatically bind the MAC address with an IP address permanently This means that once all the IP...

Страница 51: ...t from a WISPr agent iPass WiFi Skype Boingo and etc to access your internet Make sure to Enable the HTTPS Protected Login field under System General in order for roaming software on the client s devi...

Страница 52: ...External Interface Select the external interface of the device that will be configured with an IPv6 address Type Choose the desired way of your IPv6 connection Static Manually enter all the related I...

Страница 53: ...mask Default Router The default router that routes packets from IPv6 to IPv4 network Preferred DNS Server The primary DNS server used for this connection Alternate DNS Server The substitute DNS serve...

Страница 54: ...ccounts for instance employee accounts while On demand database is ideal for generating temporary accounts for guest usage External User Database System supports 4 types of external user databases POP...

Страница 55: ...tim TaipeiRadius when multiple options are concurrently in use One of authentication option can be assigned as default For authentication assigned as default the postfix can be omitted For example if...

Страница 56: ...postfix for on demand users Currency Select the desired monetary unit or specify other unit in the input field Group Name Select the desired group for on demand user WLAN ESSID The administrator can...

Страница 57: ...ount expires it will remain on the ondemand account list for a certain amount of time The number of days to retain an expired ondemand account can be specified here Delete All Expired Accounts A click...

Страница 58: ...l information that will appear at the bottom of the receipt Preview Click Preview button the ticket will be shown including the information of username and password with the selected background Print...

Страница 59: ...a given time period by logging in for the first time Ideal for short term usage For example in coffee shops airport terminals etc Only deducts quota while using however the count down to Expiration T...

Страница 60: ...ota depleted Quota is the total period of time xx days yy hrs zz mins during which On demand users are allowed to access the network The total maximum quota is 364Days 23hrs 59mins 59secs even after r...

Страница 61: ...61...

Страница 62: ...ample Unit 2 days Cut off Time 13 00 then account will expire on 13 00 two days later Grace Period is an additional short period of time after the account is cut off that allows user to continue to us...

Страница 63: ...Mbytes 1 1000000 during which On demand users are allowed to access the network Account Activation is the time period for which the user must execute a first login Failure to do so in the time period...

Страница 64: ...g internet service immediately after account creation throughout a specific period of time Begin Time is the time that the account will be activated for use It is set to account creation time Elapsed...

Страница 65: ...te ticket set to be Cut off on 23 00 If an account of this kind is created after the Cut off Time the account will automatically expire Begin Time is the time that the account will be activated for us...

Страница 66: ...h as Computex where each registered participant will get an internet account valid from 8 00 AM Jun 1 to 5 00 PM Jun 5 created in batch like coupons Begin Time is the time that the account will be act...

Страница 67: ...67...

Страница 68: ...for merchants to set up an external payment gateway to accept payments in order to provide wireless access service to end customers who wish to pay for the service on line The four options are Author...

Страница 69: ...y the setting to activate the plan The printer used by Print is a pre configured printer connected to the administrator s computer Plan The number of the specific plan Account Type The account type ch...

Страница 70: ...ed and related information is also provided Search Enter a keyword of a username or reference to be searched in the text filed and click this button to perform the search All usernames or reference ma...

Страница 71: ...lid any more even there is remaining quota to be used o Out of Quota the account has exceeded the quota limit o Redeemed the account has been applied for account renewal Delete All This will delete al...

Страница 72: ...f account Time account must redeem with Time account Volume account must redeem with Volume account only When the remaining quota is insufficient the user can add up the quota by purchasing an additio...

Страница 73: ...d and applied here it tells the Controller that the accounts on the selected black list should be denied authentication Group The Group profile that will govern the users authenticated via this authen...

Страница 74: ...74 Item Description External RADIUS Server Related Settings 802 1X Authentication Enable Disable 802 1X authentications for users authenticating through this...

Страница 75: ...external RADIUS server if the external RADIUS server needs this Accounting Delay Time This attribute indicates how many seconds the client has been trying to send this record for and can be subtracted...

Страница 76: ...tributes associated with a session This is possible through RADIUS DM CoA messages Administrator can specify the white list of devices that the Controller deem as authentic message source Devices conf...

Страница 77: ...t if not present the following attributes will be required Redirection URL URL of Start page Billing Class Of Service Text string used to indicate service used for the visitor access Session Terminate...

Страница 78: ...Name Configurable text string designated as the mnemonic name of this authentication option Postfix Is the text string entered as a postfix in the account field for notifying the Controller which aut...

Страница 79: ...ord MAC Address optional Applied Group optional Enable Local VPN optional and Remark optional Click Apply to complete the modification Add User Click this button to enter into the Adding User s to the...

Страница 80: ...database that will be used for account validation when an authentication request is received Click the button Configure for further configuration Enter the information for the primary server and or th...

Страница 81: ...the text string entered as a postfix in the account field for notifying the Controller which authentication database this account belongs to Black List System has built in black list profiles where sp...

Страница 82: ...e of this authentication option Postfix Is the text string entered as a postfix in the account field for notifying the Controller which authentication database this account belongs to Black List Syste...

Страница 83: ...ransparent login mode however it requires support from Windows Server need to install additional logon script on Windows Server 6 1 7 Configuring SIP SIP Session Initiation Protocol is a protocol for...

Страница 84: ...gure Dynamic Domain Name Service go to Users Authentication SIP SIP SIP authentication supports 4 Trusted SIP Registrar IP Address The IP address of the Trusted SIP Registrar Remark The administrator...

Страница 85: ...eed for authentication for that Service Zone Go to Main Menu System Service Zones Disabling the need to authenticate means that all users accessing the network via this Service Zone will not need to b...

Страница 86: ...users of this service zone will be disconnected and request to re authenticate Once you have enabled the need to authenticate for a Service Zone which types of authentication servers allowed can be co...

Страница 87: ...users belonging to a certain Group profile may be allowed to access many Service Zones and be govern by different policies under different Service Zone depending on how the network administrator setup...

Страница 88: ...figure Group settings go to Users Group This section shows how to group users how to rule each grouped user with different policy as he moves to different service zone The following examples will help...

Страница 89: ...each authentication option you can assign a Group with each authentication option All users login with same authentication server will belong to same Group But there are some exceptions In Local Auth...

Страница 90: ...le the above figure shows that users in Group 1 can access network services via every Service Zone as well as Remote VPN under constraints of Policy 1 Policy Select a Policy that the Group will be app...

Страница 91: ...91 At Service Zone 1 Group 1 user is ruled by Policy 3 Group 2 is by Policy 9 and Group 3 is by Policy 11 Other Groups are not enabled to access Service Zone 1...

Страница 92: ...led of each individual Group to assign it to the Service Zone listed o Policy Select a Policy that the Group will be applied with when accessing this Service Zone o To Zone Permission Configuration Cl...

Страница 93: ...nging to this Group The Individual Maximum Downlink cannot exceed the value of Group Total Downlink o Individual Request Downlink Defines the guaranteed minimum downlink bandwidth allowed for an indiv...

Страница 94: ...ror because the browser treats WHG Controller as an illegal website b Please press Continue to this website to continue c The default user login page will appear in the browser 2 Enter the username an...

Страница 95: ...ing quota 3 Successful The Login Successful page appearing means you are connected to the network and Internet now Note When On demand accounts are used the system will display more information as sho...

Страница 96: ...adius when multiple options are concurrently in use One of authentication option can be assigned as default For authentication assigned as default the postfix can be omitted For example if BostonLdap...

Страница 97: ...hentication database is LDAP the Attribute Group Mapping function will be available to allow the administrator to assign a Group for LDAP attribute therefore a Policy applied to this Group will be map...

Страница 98: ...rofile Specific Route Profile Schedule Profile and Maximum Concurrent Sessions Firewall Profile Each Policy has a firewall service list and a set of firewall profile consisting of firewall rules Speci...

Страница 99: ...affics from the internal network passing WAN ports DoS Protection allows the administrator to select which type of attack to block by clicking the Enable checkbox Firewall Profile Policy 1 Policy 2 an...

Страница 100: ...or just use the Predefined Service Protocols you will need to enable the Firewall Rule to apply these protocols o Firewall Rules Click the number of Filter Rule No to edit individual rules and click...

Страница 101: ...rted but Domain name filtering is not o Source Destination Subnet Mask Select the source and destination subnet masks o Source MAC Address The MAC Address of the source IP address This is for specific...

Страница 102: ...ules Output Global Policy Only This configuration page is for administrators to configure firewall rules which will be enforced from the systems perspective to filter outgoing traffics passing through...

Страница 103: ...103...

Страница 104: ...ed and applied o Destination Subnet Netmask The subnet mask of the destination network Select 255 255 255 255 32 if the destination is a single host o Gateway IP Address The IP address of the gateway...

Страница 105: ...configuration page Select Enable to show the Permitted Login Hours list This function is used to limit the time when clients can log in Check the desired time slots checkbox and click Apply to save t...

Страница 106: ...ted port privileged users and clients in DMZ zones Also this can be specified in the other policies to apply to the authenticated users When the number of a user s sessions reaches the session limit t...

Страница 107: ...ly the MAC addresses listed are allowed to access this service zone wirelessly Denied means that the MAC addresses listed are not allowed to access this service zone wirelessly Each MAC entry can also...

Страница 108: ...server Click Add User s button to fill in usernames postfix not required When enforced on an authentication server accounts in the black list will be denied authentication and network access Privileg...

Страница 109: ...nting privileges to just IP addresses administrator could also specify IP and MAC address sets in this Privilege IP Address List It is more secure to specify both the IP and MAC address of a privilege...

Страница 110: ...s Controller allows specific privilege MAC addresses at most When manually creating the list enter the MAC address the format is xx xx xx xx xx xx as well as the remark not necessary These settings wi...

Страница 111: ...peration Session Log The system can record connection details of each user accessing the Internet called session log The log data can be sent out to a specified SYSLOG Server Email Box or FTP Server b...

Страница 112: ...MAC 00 09 6b cd 83 8c SIP 10 1 1 37 SPort 1628 DIP 203 125 164 142 DPort 80 Jul 20 12 35 06 2009 New user1 local TCP MAC 00 09 6b cd 83 8c SIP 10 1 1 37 SPort 1629 DIP 203 125 164 142 DPort 80 Jul 20...

Страница 113: ...HTTP Secure by means of Secure Socket Layer SSL or Transport Layer Security TLS encrypts and decrypts user page requests as well as the pages that are returned by the Web server This function will pr...

Страница 114: ...domain name Configure Certificate go to Users Additional Control Certificate Upload Certificate A data record used for authenticating network entities such as a server or a client A certificate conta...

Страница 115: ...115 Click Continue to this website to access the user login page To Use Default Certificate Click Use Default Certificate to use the default certificate and key Click restart to validate the changes...

Страница 116: ...websites listed here before login and authentication Specific addresses or domain names of the websites can be defined in this list Users without the network access right can still have a chance to e...

Страница 117: ...ent websites listed before login and authentication Advertisement hyperlinks are displayed on the user s login page Clients who click on it will be redirected to the listed advertisement websites Edit...

Страница 118: ...118...

Страница 119: ...ce Zones When enabled the system will automatically send an email to users if they attempt to send receive their emails using POP3 email program for example Microsoft Outlook before they are authentic...

Страница 120: ...user logged in successfully user s web browser will be redirected to the specified URL as set in the test box such as http www google com regardless of the original homepage set in their computers Wh...

Страница 121: ...e Idle Timer go to Users Additional Control If a user has idled with no network activities the system will automatically kick out the user The logout timer can be set between 1 1440 minutes and the de...

Страница 122: ...tiple Login Configure Idle Timer go to Users Additional Control When enabled a user can log in from different computers with the same account This function doesn t support On demand users and RADIUS a...

Страница 123: ...lege go to Users Group Privilege Privilege Profile o Change Password Privilege When Change Password Privilege is enabled the authenticated users within this Group are allowed to change their password...

Страница 124: ...ection presents basic examples for configuring the proxy server settings of WHG CONTROLLER Using Internet Proxy Server The first scenario is that a proxy server is placed outside the LAN environment o...

Страница 125: ...g diagram shows that a proxy server of an organization in the DMZ will be used Follow the following steps to complete the proxy configuration Step 1 Log in the system by using the admin account Step 2...

Страница 126: ...126 9 Local Area AP Management All of the supported APs under management of the system will be shown in this table and listed by different AP type...

Страница 127: ...eeds more than one AP to service a lot of clients places like franchised hotspots multiple offices school campuses etc where in many of these environments it is required to cover both indoor and outdo...

Страница 128: ...igured AP to the template Select the desired AP from Copy Setting s From list and click apply to copy the selected AP s configuration to the template If copy is not desired please select NONE then cli...

Страница 129: ...are editing there are different modes to select 802 11a 802 11b 802 11g 802 11a 802 11n 802 11b 802 11g and 802 11g 802 11n Data Rate The default is set to Auto Available range is from 1 to 54Mbps Th...

Страница 130: ...essed with higher priority Fragment Threshold Breaking a packet into smaller units when transmitting over a network medium that cannot support the original size of the packet Set the maximum packet si...

Страница 131: ...dresses of the APs he she wishes to discover Or the alternative is to reset the AP to default setting for discovery To discover AP AP Type Choose the type of AP you wish to discover Interface Select w...

Страница 132: ...AP Name Mnemonic name of the specific AP configurable Admin Password Password required for this AP configurable Template Administrator can select a template profile which will be applied to the added...

Страница 133: ...covery When Background AP Discovery function is enabled the system will scan once every 10 minutes or according to the time set by the administrator If any AP is discovered and Auto Adding AP to the L...

Страница 134: ...of the AP and select a Template After clicking Add the AP will be added to the managed list AP Type The model type of the AP for adding to the List AP Name Mnemonic name of the specific AP Admin Pass...

Страница 135: ...ly discovered AP is added into the service zone Under tag based service zone only default service zone will designate an IP segment for IP address assignment to the managed AP when the newly discovere...

Страница 136: ...listed in this list can be allowed to connect to the AP on the other hand when the status is Denied the clients whose MAC addresses are listed in the list will be denied to connect to the AP When Disa...

Страница 137: ...tion WEP When Authentication is Open System or Share Key WEP will be enabled WPA When Authentication is WPA WPA PSK or WPA RADIUS will be the options of WPA For WPA PSK it also can select Passphrase o...

Страница 138: ...shown in the list The AP can be edited by clicking the hyperlink of AP Name and the AP status can be reviewed by clicking the hyperlink of Status AP Name Click AP Name and enter the interface about r...

Страница 139: ...nk to enter the LAN Setting interface Administrator can revise the AP s LAN IP settings including IP address Subnet Mask and Default Gateway of AP Wireless LAN Click the link to enter the Wireless int...

Страница 140: ...ame AP Type LAN Interface MAC address Wireless Interface MAC address Report Time SSID and Number of Associated Clients AP Status Details include System Status LAN Status Wireless LAN Status Associated...

Страница 141: ...Points Enter Local Area AP Management List 9 8 1 Reboot Enable Disable and Delete the AP Select any AP by checking the checkbox and then click the button below to Reboot Enable Disable Delete Apply Te...

Страница 142: ...142 9 8 2 Apply Template Select any AP by check the checkbox and then click Apply Template select one template to apply to the AP...

Страница 143: ...will have two VAPs with two SSIDs according to two Service Zones for clients to associate If a user connected to one SSID for example SSID3 of this AP and wishing to access the Internet then this use...

Страница 144: ...k Browse to select the file and then click Upload Configure Firmware upgrade go to Access Points Enter Local Area AP Management Upgrade List The uploaded firmware will be listed here File Name The nam...

Страница 145: ...associated WDS Tree WDS Update Update the WDS connection with the following operations Add Add a new WDS connection with a Child AP not in the WDS and a Parent AP from the AP List A new WDS Tree will...

Страница 146: ...el Encryption and found time 1 Setup the Detection Interval Configure Detection Interval go to Access Points Rogue AP Detection General Configuration Input a Detection Interval if you input 0 it will...

Страница 147: ...managed AP to the Trust List Configure Trust AP List go to Access Points Rogue AP Detection Trusted AP Configuration After the AP detection is finished All of the non managed AP will show in the List...

Страница 148: ...ances other APs in the same group are still below the threshold the balancing function will be activated to decrease the overloading APs transmit power and increase other available APs transmit power...

Страница 149: ...ancing function 2 Configure the Loading of Threshold of each Group Configure Group Configuration go to Access Points AP Load Balancing Group Configuration You can choose the Loading Threshold of each...

Страница 150: ...o any of the Load Balancing Group so the Device List will list all of the managed AP Select the APs chose a Group and click Apply The APs will join into this group If the overloading is happened you c...

Страница 151: ...s at various physical locations and keeping track of these devices Under Wide Area AP management you can choose to simply monitor AP s status via SNMP or logically incorporate LevelOne APs into the WH...

Страница 152: ...specified range will not be listed after discovery Login ID Password Fill in the Login ID and Password of the target AP s management interface this will allow the administrator to remotely configure t...

Страница 153: ...s Point to the management list Simply configure the devices IP address name and login credentials set a SNMP community string and click the Add button Device Type The device type of Wide Area APs Devi...

Страница 154: ...t this AP is only being monitored via SNMP If you wish to create a tunnel between this AP and the WHG Controller click the Edit button to proceed with necessary configurations In the AP s tunnel confi...

Страница 155: ...ministrator can click Edit and re enter the Tunnel Status page to assign a Service Zone to this tunnel managed AP VAP status will display all the enabled VAP on the remote EAP 200 with their respectiv...

Страница 156: ...lists to List icon Check and Manage List of third Party AP go to Access Points Enter Wide Area AP Management List Manage this third party AP from the Type Lists Edit its AP Attribute and Administrati...

Страница 157: ...then these APs can be tagged or marked on the Google Map API to show its geographical location as shown below Procedure to create a Map Step 1 Get a Public IP Address from your ISP and configure this...

Страница 158: ...get a key from Google Go to http code google com intl en apis maps documentation javascript v2 or search for Google Map API to enter the Google code page Click on Sign up for a Google Maps API key Cli...

Страница 159: ...ll open for configuration please fill in a Map Name for this map and its geographical location as defined by Longitude and Latitude remember to also fill in the Key issued by Google Finally choose the...

Страница 160: ...is particular AP Link 1 Link 3 is for configuring a http link that will show up in the dialogue box on the map for referencing additional information related to this AP for instance the IP address of...

Страница 161: ...e physical coordinates configured as shown below You can click on the AP icon to see the dialogue box for additional information or links that you have configured Click the more info link for informat...

Страница 162: ...162 AP status Client List and WDS List information listed are collected from the remote AP via SNMP...

Страница 163: ...ve Modification This function is for saving the changes made to the map and overwriting the maps profile attributes For instance if you have altered or panned the original map clicking this button wil...

Страница 164: ...e related links and customize marker or icon images that will be displayed on the map Edit Tunnel Status Only applicable to EAP 200 APs Click this button to setup a secure tunnel between the WHG Contr...

Страница 165: ...ministrator PC or in the WHG Controller s memory Upgrade Clicking this button will open a popup window where administrator can upgrade the chosen AP s firmware using a firmware file store locally in a...

Страница 166: ...ea AP Management go to Access Points Enter Wide Area AP Management WDS List The WDS link if established between APs listed in List will be listed here with related information such as the Band and Cha...

Страница 167: ...ea AP Management Backup Config Backed up Config files can be used to restore an AP s settings in List When administrator backups an AP s configuration settings all the backup files are listed at the B...

Страница 168: ...nt Firmware The WHG Controller can store AP s firmware in its built in memory Under the Firmware tab page administrator can upload new AP firmware to the WHG Controller s memory allowing for easy remo...

Страница 169: ...file selected here Template This configuration item allows the administrator to specify which of the VAP profiles on the AP are allowed DTF Distributed Traffic Forwarding once it is discovered and man...

Страница 170: ...if WAN1 Interface is Dynamic When Automatic WAN IP Assignments is enabled the entered Internal IP Address of Automatic WAN IP Assignment will be bound with WAN1 interface Each Static Assignment could...

Страница 171: ...ese servers within the managed network Different virtual servers can be configured for different sets of physical services such as TCP and UDP services in general Enter the External Service Port Local...

Страница 172: ...be performed through WHG CONTROLLER IP PNP When IP PNP is enabled a PC with a static IP address can still access the network even the system enables built in DHCP server No TCP IP reconfiguration is n...

Страница 173: ...Network DNS Cache The administrator could statically assign Domain Name to IP mappings for all clients connected to the WHG Controller s LAN network This feature can be used to redirect clients to pr...

Страница 174: ...WHG Controller s WAN If the dynamic DHCP is activated at the WAN port it will update the IP address of the DNS server periodically These settings will become effective immediately after clicking Apply...

Страница 175: ...irection purpose When the user attempts to connect to a destination IP address listed here the connection packet will be converted and redirected to the corresponding destination Please enter the IP A...

Страница 176: ...kets both uses broadcast and multicast AUTH AUTH Allows the authenticating of RIP neighbors The authentication method none means that no authentication is used for RIP and it is the default method The...

Страница 177: ...been administratively grouped together Area 0 known as the backbone area resides at the top level of the hierarchy and provides connectivity to the non backbone areas numbered 1 2 Stub Area Are areas...

Страница 178: ...ntity Title NET The NET is used just like an IP address to uniquely identify a router on the inter network Circuit Type Level 1 systems route within an area when the destination is outside an area the...

Страница 179: ...neral 12 1 1 NTP NTP Network Time Protocol communication protocol can be used to synchronize the system time with remote time server Please specify the local time zone and the IP address of at least o...

Страница 180: ...180 12 1 2 Manual Settings The time can also be manually configured by selecting Manually set up and then entering the date and time in these fields...

Страница 181: ...r is using a computer with the IP address range of 10 2 3 0 24 he or she can access the web management page Another example is 10 0 0 3 if an administrator is using a computer with the IP address of 1...

Страница 182: ...rator s computer or a billing system to get billing history information of WHG CONTROLLER with the predefined URLs The file name format is yyyy mm dd An example is provided as follows Traffic History...

Страница 183: ...183 12 4 SNMP Configure SNMP go to System General If this function is enabled the SNMP Management IP and the Community can be assigned to access the SNMP Configuration List of the system...

Страница 184: ...profiles of Firewall Specific Route and Schedule User Name manager Password manager Operator The operator can only access the configuration page of Create On demand User to create new on demand user a...

Страница 185: ...tem Settings Click Backup to create a db database backup file and save it on disk Restore System Settings Click Browse to search for a db database backup file created by WHG CONTROLLER and click Resto...

Страница 186: ...wards to activate the new firmware FTP firmware upgrade is also an option enter the FTP server IP address FTP server port and the FTP account name and password and lastly specify the complete firmware...

Страница 187: ...ely three minutes Click YES to restart WHG CONTROLLER click NO to go back to the previous screen If the power needs to be turned off it is highly recommended to restart WHG CONTROLLER first and then t...

Страница 188: ...188 12 9 Network Utility Configure Network Utility go to Utilities Network Utilities The system provides some network utilities to help administrators manage the network easily...

Страница 189: ...ng It allows administrator to detect a device using IPv6 address or Host domain name to see if it is alive or not Trace Route 6 It allows administrator to find out the real path of packets from the ga...

Страница 190: ...hat it manages in its private network Administrator can sign certificates issues by the system s root CA and load these certificates to managed APs These APs will be used in verifying the identity and...

Страница 191: ...ertificates generated by the system The created root CA will be displayed in the table below Signing Certificates with System Root CA When a root CA has been created the Create Root CA option in the d...

Страница 192: ...cate or Trusted CA Apart from self signed certificate and system s root CA administrators can also upload other certificates signed by other CA entities or Trusted CAs into the system Select Upload Ce...

Страница 193: ...r account it does not have the permission to change the settings of the profiles of Firewall Specific Route and Schedule User Name manager Password manager Operator The operator can only access the co...

Страница 194: ...pplied to this operator account each Group profile can specify which SZ this account can access and the Maps that this operator can access Administrator can enter the desired user account name and pas...

Страница 195: ...longs to this Group This feature allows the administrator to create multi level privilege accounts with flexibility to meet the deployment and management needs When an operator logs into the system wi...

Страница 196: ...the setting Monitoring 3 rd Party AP go to Network Monitor IP If you are using 3 rd party AP you can use Monitor IP function to monitor the AP connection status Because WHG CONTROLLER can not manage...

Страница 197: ...oxes Please use arrow keys on the keyboard to browse the menu and press the Enter key to make selection or confirm what you enter 3 Once the console port of WHG CONTROLLER is connected properly the co...

Страница 198: ...administrator is unable to use Web Management Interface via browser for the system failed inexplicitly The administrator can choose this utility and set it into safe mode which enables him to manage t...

Страница 199: ...nsole management interface and set the administrator s password again Although it does not require a username and password for the connection via the serial port the same management interface can be a...

Страница 200: ...ts 13 1 View the Status This section includes System Status Interface Status Hardware Routing Table Online Users Session List User Logs Logs DHCP Lease and E mail Syslog to provide system status infor...

Страница 201: ...201 13 1 1 System Status View System Status go to Status System This section provides an overview of the system for the administrator...

Страница 202: ...s are allowed disallowed to log in the network WAN Failover Enabled Disabled stands for the function currently being used or not Load Balancing Enabled Disabled stands for the function currently being...

Страница 203: ...203 13 1 2 Interface Status View Interface Status go to Status Interface This section provides an overview of the interface for the administrator including WAN1 WAN2 SZ Default SZ1 SZ8...

Страница 204: ...e day Displays traffic information of the day in a table Traffic of the month Displays traffic information of the in a table Traffic of the top 10 Shows the top 10 traffic of the day records Service Z...

Страница 205: ...205 13 1 3 HW View Hardware Status go to Status HW This tab page displays the system s hardware usage information...

Страница 206: ...Policy 1 n Shows the information of the individual Policy from 1 to n Global Policy Shows the information of the Global Policy System Shows the information of the system administration Destination Th...

Страница 207: ...user account name IP Address The IP address of this user MAC Address The MAC address of this user Pkts In Out Number of packets received sent by this user Bytes In Out Number of Bytes received sent by...

Страница 208: ...address from the system s DHCP server but have not yet been authenticated This feature is designed for administrators to keep track of systems resources from being exhausted The list shows the client...

Страница 209: ...ist This page allows the administrator to inspect sessions currently established between a client and the system Each result displays the IP and Port values of the Source and Destination You may defin...

Страница 210: ...for limited time frame please manually copy and save the traffic history information for backup purpose If the Receiver E mail Address es has been entered under the Notification Configuration page th...

Страница 211: ...sisting of 14 fields Date Type Name NSID NASIP NASPort UserMAC SessionID SessionTime Bytes in Bytes Out Pkts In Pkts Out and Message of user activities Roaming In User Log As shown in the following fi...

Страница 212: ...System Name Connection Time Usage Packets In Bytes In Packets Out and Bytes Out of user activities o Username Username of the local user account o Connection Time Usage The total time used by the use...

Страница 213: ...make back up manually System Log This page displays system related logs for event tracing Web Log This page shows which of the web pages have been accessed on the Controllers built in web server UAMD...

Страница 214: ...the number under column 3 indicated the lease count in the last 30 minutes hours days and so on Statistics of expired list IP leased to clients that have expired in the Last 10 Minutes Hours and Days...

Страница 215: ...to SYSLOG Settings Allows the configuration of two external SYSLOG servers where selected users logs as well as system logs will be sent to FTP Settings Allows the configuration of an external FTP Ser...

Страница 216: ...Plain Login CRAM MD5 and NTLMv1 or None to use none of the above Depending on which authentication method selected enter the Account Name Password and Domain o NTLMv1 is not currently available for g...

Страница 217: ...ddress and port number of the external SYSLOG server System Log This controls the enabling disabling of the SYSLOG logging feature When enabled the selected logs from Notification Settings will be sen...

Страница 218: ...on Specify the IP address and port number of your FTP server If your FTP needs authentication enter the Username and Password The Send Test Log radio button can be used to send a test log for testing...

Страница 219: ...sen time Interval Sending Logs to E mail The following log types can be sent to E mail addresses configured in SMTP Settings Monitor IP Report Users Log On demand Users Log Session Log The numbers 1 t...

Страница 220: ...ers Log On demand Users Log Session Log Hardware Log HTTP Web Log and DHCP Server Log Click the desired log type and select the time interval for sending log Detail Clicking this radio button allows t...

Страница 221: ...Report Click the desired log type and select the time interval for sending log Detail Clicking this radio button allows the specification of the FTP server folder where the logs sent will be stored on...

Страница 222: ...It can show the total DHCP Lease number of all Service Zone and each Service Zone Item Select the type of report you wish to see Available report types are CPU Loading CPU Temperature Memory Usage Net...

Страница 223: ...ion difficulty from IPSec VPN users At the client side the IPSec VPN implementation of the system is based on ActiveX and the built in IPSec VPN client of Windows OS ActiveX Component The ActiveX is a...

Страница 224: ...ICMP Ping and PORT command of FTP can not work in Windows XP SP2 The forced termination through CTRL ALT DEL Task Manager of the Internet Explorer will stop the running of ActiveX It causes that IPSec...

Страница 225: ...ent computer Once Windows service is resumed go through the login process again 2 Termination of the Internet Explorer Task from Windows Task Manager Do NOT terminate this VPN task of Internet Explore...

Страница 226: ...top 2 How to remove ActiveX component in client s computer ANS Uninstall and delete ActiveX component Close all Internet Explorer windows Open a command prompt window and type the commands as follows...

Страница 227: ...re look like the settings in Service Zone It also can setup the SIP WAN Interface Authentication Options Group Permission Applied Policy and customizable Login Page After Remote VPN is enabled when yo...

Страница 228: ...tunnel to each other over the WAN network For example if there are 2 WHG CONTROLLER you can create a VPN tunnel to let a subnet of one WHG CONTROLLER to access the subnet of another WHG CONTROLLER Fir...

Страница 229: ...68 111 0 24 of WHG CONTROLLER_B after the tunnel is created the users within these two subnets can reach each other You can create more than one VPN tunnel but the IP segment mapping can not be overla...

Страница 230: ...logout pages for each service zone that can be customized by administrators Go to System Configuration Service Zone Configure Authentication Settings Custom Pages Click the button of Configure the se...

Страница 231: ...nated website After finishing the setting click Preview to see the login page Custom Pages Login Page Default Page Choose Default Page to use the default login page Custom Pages Login Page Template Pa...

Страница 232: ...232 Custom Pages Login Page Uploaded Page Choose Uploaded Page and upload a login page to the built in HTTP server...

Страница 233: ...tton to select the file to upload Then click Submit to complete the upload process Next enter or browse the filename of the images to upload in the Upload Images field on the Upload Images Files page...

Страница 234: ...nated website In the External Page Setting enter the URL of the external login page and then click Apply After applying the setting the new login page can be previewed by clicking Preview button at th...

Страница 235: ...instructions for more details Note The different part is the HTML code of the user defined logout interface must include the following HTML code that the user can enter the username and password After...

Страница 236: ...l login page configured Gateway while redirecting users to the external web page will also send URL parameters required for the operation for instance user authentication Therefore each self defined e...

Страница 237: ...o get remaining quota vlanid Integer 1 4094 VLAN ID gwip IP format Gateway activated WAN IP address client_ip IP format Client IP address umac MAC format separated by Client MAC address session String...

Страница 238: ...clear type button value Clear FORM The following shows the corresponding self defined javascript function used to parse the loginurl parameter function getVarFromURL url name if name url return name n...

Страница 239: ...ession String Encrypted session information include client IP address MAC address date and return URL External Login Successful Page Variables Field Value Description Uid String User ID postfix is inc...

Страница 240: ...n link rate Req_uplink Integer b s Minimum up link rate Req_downlink Integer b s Minimum down link rate next_page String Client redirection URL CLASS String RADUIS CLASS attribute Only available for R...

Страница 241: ...g or open a website to get a Cookie Invalid IP address Please check the IP address and try again Invalid MAC address Please check the MAC address and try again Sorry your account is not usable because...

Страница 242: ...nd password and try again Cannot identify the policy for your account BR Please contact your network administrator User of this device the MAC address is not allowed to use this account BR Please cont...

Страница 243: ...er s quota of time type byteamount Integer byte On demand user s quota of volume type idletimeout Integer Sec Idle timeout logouturl String URL encoded Logout URL redeemurl String URL encoded Redeem U...

Страница 244: ...244 External Logout Fail Page Variables Field Value Description Uid String User ID Gwip IP format Gateway activated WAN IP address Vlanid Integer 1 4094 VLAN ID...

Страница 245: ...sword session Optional String Encoded string which contains some information of this session default is taken from cookie Output No output redirect user to login successful page User Logout Path LAN I...

Страница 246: ...no ret_url is presented client would be redirected to pop_reminder shtml page which shows remaining quota in our UI style If ret_url is presented client would be redirected to ret_url and gateway wou...

Страница 247: ...pw Required String Old password Npw Required String New password Npwc Required String Confirmed new password ret_url Required String URL encoded Return URL Output Client would be redirected to ret_url...

Страница 248: ...o ret_url is presented client would be redirected to login successful page and in addition a JavaScript window would pop up and show the result If ret_url is presented client would be redirected to re...

Страница 249: ...r this number is to prevent quick click issue in IE 6 0 ret_url Optional String URL encoded Return URL Output If no ret_url is presented the client would be redirected to a ticket page in our UI style...

Страница 250: ...250 price duration serial number number is account s n...

Страница 251: ...ngs System General Disclaimer Page Go to System Service Zone Service Zone Configuration Disclaimer Page Disclaimer Pages Login Page The administrator can use the default disclaimer page or get the cus...

Страница 252: ...252...

Страница 253: ...sed by Authorize Net to authenticate transactions Payment Gateway URL This is the default website address to post all transaction data Verify SSL Certificate This is to help protect the system from ac...

Страница 254: ...igured in Billing Plans page and all previously enabled plans can be further enabled or disabled here as needed o Client s Purchasing Record o Starting Invoice Number An invoice number may be provided...

Страница 255: ...ormat of MMYY For example an expiration date of July September 2009 should be entered as 0709 o Card Type This value indicates the level of match between the Card Code entered on a transaction and the...

Страница 256: ...address of a transaction This may be entered as either a two character abbreviation or the full text name of the state o Zip The ZIP code represents the five or nine digit postal code associated with...

Страница 257: ...Pal account to continue PayPal Payment Page Configuration External Payment Gateway PayPal Payment Page Configuration Business Account The Login ID an email address that is associated with the PayPal B...

Страница 258: ...ent Page Remark Content Client s Purchasing Record Invoice Number An invoice number may be provided as additional information against a transaction This is a reference field that may contain any kind...

Страница 259: ...ave a valid SecurePay Merchant Account from its official website Payment Page Configuration Merchant ID The ID that is associated with the Business Account Password This is the key used by Secure Pay...

Страница 260: ...tandard payment gateway services as well as add or edit the service disclaimer content here SecurePay Payment Page Billing Configuration These 10 plans are the plans in Billing Configuration and the d...

Страница 261: ...The default website of posting all transaction data Currency The currency to be used for the payment transactions Service Disclaimer Content View the service agreement and fees for the standard payme...

Страница 262: ...to the Merchant Interface Login url www rbsworldpay com support index php page login c WW Select Business Gateway Formerly WorldPay Click Merchant Interface Username user2009 Password user2009 STEP Se...

Страница 263: ...lect the Save Changes button STEP Input Installation ID and Payment Gateway URL in gateway UI Installation ID 2009test URL https select wp3 rbsworldpay com wcc purchase Note The WAN IP of gateway must...

Страница 264: ...to select the text file for uploading user accounts then click Upload to complete the upload process When uploading a file any format error or duplicated username will terminate the uploading process...

Страница 265: ...tion to create a txt file with all current user account information and then save it on disk Restore Accounts After the current user accounts have backup you can restore all these accounts to another...

Страница 266: ...l be available to define the authorized device with IP address Subnet Mask and Secret Key Click the hyperlink Roaming Out 802 1x Client Device Settings to enter the Roaming Out 802 1x Client Device Se...

Страница 267: ...at are connected to the Master node Master AP their users can only roam with the Master node Master Node Master node can roam with many slave nodes Contains 15 entries where network administrator can...

Страница 268: ...268...

Страница 269: ...lished certificate authority To avoid the error message in the browser a company should have its own Certificate Authority CA The IT department must therefore install the SSL certificate for each norm...

Страница 270: ...e to the WHG CONTROLLER In some circumstance the company without Certificate Authority may follow the steps stated below to avoid error message When in the LAN environment of the office instead of a w...

Страница 271: ...IE7 the following steps may be taken to provide a workaround or to bypass the issue 1 Open the IE7 browser and you will be redirected to the default login page If the certificate is not trusted the f...

Страница 272: ...trusted certificate to solve the IE7 certificate issue please follow the instructions stated below 1 When the User Login page appears click Certificate Error at the top 2 Click View Certificate 3 Clic...

Страница 273: ...273 4 Select root certification and then click View Certificate 5 Click Install Certificate...

Страница 274: ...274 6 Click Next 7 Select Automatically select the certificate store based on the type of certificate and then click Next...

Страница 275: ...275 8 Click Finish...

Страница 276: ...276 9 Click Yes 10 Click OK 11 Launch a new IE7 browser The certificate is now trusted via IE7 according to the key symbol shown at top next to the address field...

Страница 277: ...the following information provides the step to take when the certificate publisher is not trusted by IE6 1 Open an IE6 browser the Security Alert message will be appeared if the certificate is not tru...

Страница 278: ...PC After WHG CONTROLLER is installed the following configurations must be set up on the PC Internet Connection Setup and TCP IP Network Setup Internet Connection Setup Windows 9x 2000 1 Choose Start C...

Страница 279: ...nually or I want to connect through a local Area network LAN and then click Next 4 Choose I connect through a local area network LAN and then click Next 5 DO NOT choose any option in the following LAN...

Страница 280: ...280 6 Choose No and then click Next 7 Finally click Finish to exit the Internet Connection Wizard Now the set up is completed Windows XP 1 Choose Start Control Panel Internet Option...

Страница 281: ...281 2 Choose the Connections tab and then click Setup 3 When the Welcome to the New Connection Wizard window appears click Next 4 Choose Connect to the Internet and then click Next...

Страница 282: ...Set up my connection manually and then click Next 6 Choose Connect using a broadband connection that is always on and then click Next 7 Finally click Finish to exit the Connection Wizard Now the setup...

Страница 283: ...PC If the Windows operating system is not a server version the default settings of the TCP IP will regard the PC as a DHCP client and this function is called Obtain an IP address automatically If che...

Страница 284: ...fic IP Address If you want to use a specific IP address acquire the following information from the network administrator the IP Address Subnet Mask and DNS Server address provided by your ISP and the...

Страница 285: ...and click Add Then click OK 4 3 Click on DNS Configuration tab If the DNS Server field is empty select Enable DNS and enter DNS Server address Click Add and then click OK to complete the configuratio...

Страница 286: ...IP and then click Properties Now you can choose to use DHCP or a specific IP address 4 Using DHCP If you want to use DHCP choose Obtain an IP address automatically and then click OK This is also the...

Страница 287: ...ely please inform the network administrator before proceeding to the following steps 5 1 Choose Use the following IP address and enter the IP address Subnet mask If the DNS Server field is empty selec...

Страница 288: ...o the IP Settings tab click OK to complete the configuration Check the TCP IP Setup of Window XP 1 Select Start Control Panel Network Connection 2 Right click on the Local Area Connection icon and sel...

Страница 289: ...following information from the network administrator the IP Address Subnet Mask and DNS Server address provided by your ISP and the Gateway address of WHG CONTROLLER If your PC has been set up comple...

Страница 290: ...Add below the Default gateways column and the TCP IP Gateway Address window will appear 5 4 Enter the gateway address of WHG CONTROLLER in the Gateway field and then click Add After back to the IP Set...

Страница 291: ...p2 If Group1 in Service Zone1 can be applied Policy1 Then user01 login to Service Zone1 will get Policy1 This is a common case for users that can assign Group individually o For Local RADIUS and LDAP...

Страница 292: ...in this example the Vendor ID of LevelOne is 31932 There must have other attribute to define the amount of traffic with Attribute Number and Attribute Value Attribute Name Attribute Number Attribute V...

Страница 293: ...or remotely from other PC Step 1 Assume there are already have users in RADIUS Server Assume there are already have Groups and assigned users to belong these Groups in RADIUS Server Assume there are...

Страница 294: ...te Add a new Vendor specific attribute Step 4 Add a new attribute under Vendor specific Set Vendor Code 31932 Set it conforms to the RADIUS RFC Configure Attribute Set Vendor assigned attribute number...

Страница 295: ...295 Step 5 Confirm the Vendor specific Attribute has been added success Step 6 Follow the same steps to create other Vendor specific Attribute as you need...

Страница 296: ...S server for example use Putty to access the Linux Host Step 1 Assume there are already have users in RADIUS Server Assume there are already have Groups and assigned users to belong these Groups in RA...

Страница 297: ...tated in Section 2 with same format Step 5 Edit the file dictionary under the folder freeradius Step 6 Include dictionary LevelOne in the dictionary of RADIUS server Insert it in an incremental positi...

Страница 298: ...298 Step 8 Insert VSA into RADIUS respond In this example the maximum download and upload in bytes for group03 users is 1MBytes Step 9 Restart RADIUS to get your settings activated...

Страница 299: ...rovides seamless integration between the gateway and the popular High Speed Internet Access HSIA hardware and Front Office System FOS software Each Port Location Mapping entry can be configured to pro...

Страница 300: ...et in this room without any charge If you do not want to provide any internet access right in the rooms you may change the Port type of the rooms to Block If the user opens a browser and tries to acce...

Страница 301: ...teway to provide Port Location Mapping Service Port Type The default state of the rooms it may be Free Block Single User Multiple User Service Zone The service zone profile used to provide internet se...

Страница 302: ...is room The VLAN Tags configured in Port Location Mapping must not conflict with any of the VLAN Tags that has been assigned to each Service Zone When you have finished creating Port Location Mapping...

Страница 303: ...the PMS Middleware connection is finished in the Access WHG Controller side In the PMS Middleware Net Retriever side it has to know the IP address of Access WHG Controller Secret Key AC ID and MD ID c...

Страница 304: ...rk and completing all the Port Location Mapping settings you should verify whether the configurations are working properly According to the Port Type set when a user tries to access the internet from...

Страница 305: ...you can click the here link to login with the user account that you possess When a user tries to access internet from a Multiple User room the browser will show the Login page without billing plans op...

Страница 306: ...ied Service Zone s Custom Pages settings When a user tries to access internet from a Block room the browser will show service unavailable page 6 View the Event Login After the user select a billing pl...

Страница 307: ...307 P N VWHG50020110601...

Отзывы: