manualshive.com logo in svg

NetComm IAC3000, Руководство пользователя

Поделиться
Скачать
NetComm IAC3000 Скачать руководство пользователя страница 49

IAC3000 

User Manual 

 

45

y

 

Authentication Server Configuration 

IAC3000 provides four authentication servers and one on-demand server that the administrator can apply with 

different policy. Click on the server name to set the configuration for that particular server. After completing and 

clicking 

Apply 

to save the settings, go back to the previous page to select a server to be the default server and 

enable or disable any server on the list. Users can log into the default server without the postfix to allow faster 

login process. 

Server 1~4: 

There are 5 authentication methods,

 Local User, POP3, RADIUS, LDAP 

and

 NTDomain, 

to 

select from. 

 

Server Name:

 Set a name for the authentication option by using numbers (0~9), alphabets (a~z or A ~Z), 

dash (-), underline (_), space and dot (.) only. The length of this field is up to 40 characters. This name is 

used for the administrator to identify the authentication options easily such as HQ-RADIUS. 

Postfix:

 A postfix is used to inform the system which authentication option to be used for authenticating an 

account (e.g. bob@MelbourneLdap or tim@SydneyRadius) when multiple options are concurrently in use. 

One of authentication option can be assigned as default. For authentication assigned as default, the postfix 

can be omitted. For example, if "MelbourneLdap" is the postfix of the default option, Bob can login as "bob" 

without having to type in "bob@MelbourneLdap”. Set a postfix that is easy to distinguish (e.g. Local) and 

the server numbers (0~9), alphabets (a~z or A~Z), dash (-), underline (_) and dot (.) within a maximum of 

40 characters. All other characters are not allowed. 

Caution: The Policy Name cannot contain these words: MAC and IP. 

Black List:

 There are 5 sets of black lists provided by the system. A user account listed in the black list is 

not allowed to log into the system, the client's access will be denied. The administrator may select one 

black list from the drop-down menu and this black list will be applied to this specific authentication option. 

Group: 

Select one Group from the drop-down list box for this specific authentication option. 

Authentication Method:

 Select 

Local

 from the drop-down list box and then click 

Local User Setting 

button to enter the 

Local User Settings

. Then, click the hyperlink of 

Edit Local User List

Caution: Enabling two or more servers of the same authentication method is NOT allowed. 

 

 

Содержание IAC3000

Страница 1: ...User Guide IAC3000 User Guide www netcomm com au IAC3000 Internet Access Controller...

Страница 2: ...in Portal Page 18 Chapter 4 Web Interface Configuration 22 4 1 System Configuration 23 4 1 1 Configuration Wizard 24 4 1 2 System Information 25 4 1 3 WAN1 Configuration 27 4 1 4 WAN2 Configuration 29...

Страница 3: ...Ad List 111 4 4 5 Proxy Server Properties 114 4 4 6 Dynamic DNS 115 4 4 7 IP Mobility 116 4 4 8 VPN Configuration 117 4 5 Utilities 121 4 5 1 Change Password 122 4 5 2 Backup Restore Setting 123 4 5 3...

Страница 4: ...D Proxy Setting 177 Appendix E Session Limit and Session Log 183 Appendix F Network Configuration on PC User Login 185 Appendix G Console Interface 201 Appendix H Local VPN 205 Appendix I Customizabl...

Страница 5: ...on y For any caution or warning that requires special attention of readers a highlight box with italic font is used as below Warning For security purposes you should immediately change the Administrat...

Страница 6: ...user authentication authorization and accounting The user account information is stored in the local database or a specified external database server Featured with user authentication and integrated w...

Страница 7: ...rformance Capacity and Performance IAC3000 Concurrent Users 120 Local Accounts 1000 On demand user Accounts 2 000 Managed Access Points NP725 12 Monitored 3rd Party Access Points 40 VPN Termination Tu...

Страница 8: ...o install the TCP IP network protocol 3 1 2 Package Contents The standard package of IAC3000 includes y IAC3000 x 1 y CD ROM with User Manual x 1 y DC 12V Power Adapter x 1 y Ethernet Cable x 1 y Cons...

Страница 9: ...2 Two WAN ports 10 Base T 100Base TX RJ 45 are available on the system LAN1 LAN8 Client machines connect to IAC3000 via LAN ports 10 Base T 100Base TX RJ 45 Note By Default all LAN ports are set with...

Страница 10: ...modem a cable modem or a switch hub of the network The LED of WAN1 port should be on to indicate a proper connection 3 Connect an Ethernet cable to one of the LAN1 LAN8 Ports on the front panel Conne...

Страница 11: ...d are listed below Step 1 Change Admin s Password Step 2 Choose System s Time Zone Step 3 Set System Information Step 4 Select Connection Type for WAN Port Step 5 Add Local User Account Optional Step...

Страница 12: ...because the browser treats IAC3000 as an illegal website Please press Continue to this website to continue The default user login page will then appear in the browser Caution If you can t get the logi...

Страница 13: ...as follows Admin The administrator can access all area of the IAC3000 User Name admin Password admin Manager The manager can access the area under User Authentication to manage the user account but n...

Страница 14: ...IAC3000 User Manual 10 Operator The operator can only access the area of Create On demand User to create and print out the new on demand user accounts User Name operator Password operator...

Страница 15: ...ion page Then click Configuration Wizard on the left Click the Run Wizard button to begin the Configuration Wizard The Configuration Wizard will appear in a pop up browser window Click Next to begin 3...

Страница 16: ...IAC3000 User Manual 12 h Click Next to continue y Step 2 Choose System s Time Zone h Select a proper time zone from the drop down list box h Click Next to continue...

Страница 17: ...the default setting h Click Next to continue y Step 4 Select Connection Type for WAN Port Three are three types of WAN port to be selected from Static IP Address Dynamic IP Address and PPPoE Client Se...

Страница 18: ...ter the IP Address Subnet Mask and Default Gateway DNS Server provided by your ISP Click Next to continue PPPoE Client Set PPPoE Client s Information Enter the Username and Password provided by the IS...

Страница 19: ...User database To add a user here enter the Username e g test Password e g test MAC Address optional to specify the valid MAC address of this user and assign an Applied Group to this particular user o...

Страница 20: ...s restarting a Restarting now Please wait for a moment message will appear on the screen Please do NOT interrupt IAC3000 restart process until the Configuration Wizard pop up window has disappeared wh...

Страница 21: ...IAC3000 User Manual 17 Note For an example of user login please refer to Appendix F Network Configuration on PC User Login...

Страница 22: ...d you may now connect a client s device for example a PC to the controlled port of IAC3000 and set the device to obtain an IP address automatically After the client obtains the IP address open an Inte...

Страница 23: ...IAC3000 User Manual 19...

Страница 24: ...ser login successfully the following Login Success page will appear There is extra information showing Remaining usage and a Redeem button on the bottom y Remaining usage Show the remaining quota that...

Страница 25: ...for adding credit to the counter and then the client will get a new username and password After clicking the Redeem button a Redeem Page will appear Please enter the new username and password obtained...

Страница 26: ...guration Manual Configuration Monitor IP List Firmware Upgrade Routing Table WAN2 Configuration Policy Configuration Template Settings Walled Garden List Walled Garden Ad List Restart Current Users WA...

Страница 27: ...anual 23 4 1 System Configuration This section includes the following functions Configuration Wizard System Information WAN1 Configuration WAN2 Configuration WAN Traffic Settings LAN Port Mapping and...

Страница 28: ...ys to configure the IAC3000 system using the online Configuration Wizard or changing the settings by commands manually The Configuration Wizard comprises of 6 basic steps providing a simple and easy w...

Страница 29: ...lly Qualified Domain Name This is the domain name of the IAC3000 as seen on client machines connected on LAN ports A user on client machine can use this domain name to access IAC3000 instead of its IP...

Страница 30: ...009 01 22 y Management IP Address List In the page of Management IP Address List the administrator can grant the access of the web management interface by specifying a list specific IP addresses or ra...

Страница 31: ...ress the IP address of the WAN1 port Subnet mask the subnet mask of the network WAN1 port connects to Default gateway a gateway of the network WAN1 port connects to Preferred DNS Server The primary DN...

Страница 32: ...he idle time is reached the system will automatically disconnect itself y PPTP Client Select STATIC to specify the IP address of the PPTP Client manually or select DHCP to get the IP address automatic...

Страница 33: ...dicate required fields to be filled in IP Address the IP address of the WAN2 port Subnet Mask the subnet mask of the network WAN2 port connects to Default Gateway a gateway of the network WAN2 port co...

Страница 34: ...PPPoE to connect to the network please set the UserName and Password There is a Dial on demand function under PPPoE If this function is enabled Maximum Idle Time can be set When the idle time is reac...

Страница 35: ...AN2 dynamically according to designed algorithms based on the weight ratio WAN1 Weight The percentage of traffic through WAN1 Range 1 99 by default it is 50 Base The weight ratio between WAN1 and WAN2...

Страница 36: ...tor to enter a reminding message This reminding message will appear on clients screens when Internet connection is down An example of the reminding message can be Sorry The service is temporarily unav...

Страница 37: ...ervice Zone as each Service Zone is identified by VLAN tags carried within message frames By default the system is in Port Based mode with Default Service Zone enabled and all LAN ports are mapped to...

Страница 38: ...form of a many to one mapping between ports and Service Zones o Specify a desired Service Zone for each LAN Port For each LAN port select a Service Zone to which the LAN port is to be mapped from the...

Страница 39: ...physical LAN ports Select Tag Based and then click Apply to activate the Tag Based VLAN function When a restart message screen appears do NOT restart the system until you have completed the configura...

Страница 40: ...work into different logical zones Users attempting to access the resources within a particular Service Zone will be controlled based on the group they belong to and the group s associated policy profi...

Страница 41: ...ice Zone WLAN Encryption Data encryption method for wireless networks within the Service Zone Applied Policy The global policy that is applied to the Service Zone This is for users who are not assigne...

Страница 42: ...he IP address of clients will be assigned by an external DHCP server The system will only relay DHCP information from the external DHCP server to downstream clients of this service zone o Start IP Add...

Страница 43: ...provides SIP proxy functionality which allows SIP clients to pass through NAT When enabled all SIP traffic can pass through NAT via a fixed WAN interface The policy route setting of SIP Authentication...

Страница 44: ...s the default option so that users do not have to type in the postfix string while entering username during login Custom Pages Related login and logout pages can be customized by administrators for ea...

Страница 45: ...in this Service Zone For each Service Zone one policy can be applied to enforce the access control over the users Please refer to 4 2 4 Policy Configuration for complete description Email Message for...

Страница 46: ...IAC3000 User Manual 42 All managed APs that belong to this service zone are listed here...

Страница 47: ...User Manual 43 4 2 User Authentication This section includes the following functions Authentication Configuration Black List Configuration Group Configuration Policy Configuration and Additional Confi...

Страница 48: ...me There are several authentication options supported by IAC3000 Server 1 to Server 4 On demand User and SIP Click the hyperlink of the respective Server Name to configure the authentication server y...

Страница 49: ...SydneyRadius when multiple options are concurrently in use One of authentication option can be assigned as default For authentication assigned as default the postfix can be omitted For example if Mel...

Страница 50: ...tton is for exporting all local user accounts into a text file Clicking on each user account leads to a page for configuring the individual local account Local user account can be assigned a policy an...

Страница 51: ...Username Password MAC and Remark Select a desired Group to classify local users Check to enable Local VPN in the Enable Local VPN column Click Apply to complete adding the user s Note Local VPN in IAC...

Страница 52: ...be omitted but the trailing comma must be retained When adding user accounts by uploading a file the existing accounts in the embedded database will be remained but not replaced by new ones o Download...

Страница 53: ...icular user and then modify or add any desired information such as Username Password MAC Address optional Group optional Enable Local VPN optional and Remark optional Click Apply to complete the modif...

Страница 54: ...cation is enabled the Local authentication database will be used as a RADIUS database for connection with 802 1x enabled devices such as APs or switches Roaming Out The system s local user database ca...

Страница 55: ...d y Black List There are five sets of the black lists Select one of them or choose None For details please refer to 4 2 2 Black List Configuration y Group Select one Group from the drop down list box...

Страница 56: ...Z dash underline _ and dot within a maximum of 40 characters All other characters are not allowed A postfix is used to inform the system which authentication option is used for authenticating an acco...

Страница 57: ...r Local VPN in IAC3000 is tightly coupled with Active X which is supported by Windows platform Internet Explorer where Active X program is supported y Authentication Method Select RADIUS from the drop...

Страница 58: ...external RADIUS server y Class Group Mapping This function is to assign a Group to a RADIUS class attribute sent from the RADIUS server When the clients classified by RADIUS class attributes log into...

Страница 59: ...List There are five sets of the black lists A user account listed in the black list is not allowed to log into the system Select one black list from the drop down list box to be applied to this speci...

Страница 60: ...assign a Group to a LDAP attribute sent from the LDAP server When the clients classified by LDAP attributes log into the system via the LDAP server each client will be mapped to its assigned Group To...

Страница 61: ...urneLdap as his username y Black List There are five sets of the black lists A user account listed in the black list is not allowed to log into the system Select one black list from the drop down list...

Страница 62: ...T Domain Server Transparent Login This function refers to Windows NT Domain single sign on When Transparent Login is enabled clients will log in to the system automatically after they have logged in t...

Страница 63: ...s used to inform the system which type of authentication database to be used for authentication when multiple databases are concurrently in use Enter the postfix used for on demand users y Monetary Un...

Страница 64: ...page by the time interval defined here y Number of Tickets Print one or duplicate receipts when pressing the print button of the ticket printer which connected to serial port 2 Ticket Customization On...

Страница 65: ...ensions of the image is set but a 460x480 image is recommended y Preview Click Preview button the ticket will be shown including the information of username and password with the selected background P...

Страница 66: ...re allowed to access the network y Price The unit price of the plan y Enable Click the check box to activate the plan y Function Click the button Edit to add and edit a billing plan 4 External Payment...

Страница 67: ...icate transactions Payment Gateway URL This is the default website address to post all transaction data Verify SSL Certificate This is to help protect the system from accessing a website other than Au...

Страница 68: ...usly enabled plans can be further enabled or disabled here as needed Client s Purchasing Record Starting Invoice Number An invoice number may be provided as additional information with a transaction T...

Страница 69: ...in the format of MMYY For example an expiration date of July September 2009 should be entered as 0709 Card Type This value indicates the level of match between the Card Code entered on a transaction...

Страница 70: ...r shipping address of a transaction This may be entered as five digits nine digits or five digits and four digits Country The country is associated with both the billing and shipping address of a tran...

Страница 71: ...s is to help protect the system from accessing a website other than PayPal Currency It is the currency to be used for the payment transactions Service Disclaimer Content Choose Billing for Payment Pag...

Страница 72: ...transaction Click the Change the Number checkbox to change it Description Item Name This is the item information to describe the product for example Internet Access Title for Message to Seller Admini...

Страница 73: ...cy It is the currency to be used for the payment transactions Service Disclaimer Content Choose Billing for Payment Page Service Disclaimer Content View service agreements and fees for the standard pa...

Страница 74: ...nd an on demand user account will be created Click Print to print a receipt which will contain the on demand user s information including the username and password Note If no Billing plan is enabled a...

Страница 75: ...sabled y Function Press Create button for the desired plan You can add an operator s remark and press the Create button again An On demand user account will be created and then click Printout to print...

Страница 76: ...aining time or volume that the user can continue to use to access the network y Status The status of the account Normal the account is not currently in use and also does not exceed the quota limit Onl...

Страница 77: ...Registrars A group can be chosen to govern SIP traffic y SIP SIP authentication supports 4 Trusted SIP Registrar y IP Address The IP address of the Trusted SIP Registrar y Remark The administrator ca...

Страница 78: ...The administrator can use the pull down menu to select the desired black list y Select Black List There are 5 lists to select from for the desired black list y Name Set the black list name and it wil...

Страница 79: ...IAC3000 User Manual 75 If removing a user from the black list is desired select the user s Delete check box and then click the Delete button to remove that user from the black list...

Страница 80: ...s a Service Zone can be applied with a Policy within this zone The same Group within different Service Zones can be applied with different Policies as well as different Authentication Options y Group...

Страница 81: ...nt belonging to this Group The Individual Request Downlink cannot exceed the value of Group Total Downlink and Individual Maximum Downlink o Group Total Uplink Defines the maximum uplink bandwidth all...

Страница 82: ...or example the above figure shows that users in Group 1 can access network services via every Service Zone as well as Remote VPN under constraints of Policy 1 Policy Select a Policy that the Group wil...

Страница 83: ...to the Service Zone listed For example the above figure shows clients in Group 1 8 can access Default Service Zone where they are governed by Policy 1 8 respectively o Policy Select a Policy that the...

Страница 84: ...ication database is LDAP the Attribute Group Mapping function will be available to allow administrator to assign a Group for LDAP Attribute therefore a Policy applied to this Group will be mapped to a...

Страница 85: ...ads to a Service Protocols List where the administrator can defined a list of service by protocols TCP UDP ICMP IP o Firewall Rules Click the number of Filter Rule No to edit individual rules and clic...

Страница 86: ...ed Check the box for only filtering on the encrypted traffic o Service Protocol There are defined protocols in the service protocols list to be selected o Schedule When schedule is selected clients as...

Страница 87: ...is LDAP a policy is applied to user group defined an attribute value pair The Attribute Policy Mapping function will be available to let administrator assign a policy for a LDAP Attribute When the ty...

Страница 88: ...stomized service protocols by clicking Add and delete the added protocols by clicking Delete o Firewall Rules Click on the hyperlink in the No column to edit individual rules and then click Apply to s...

Страница 89: ...he box to filter the encrypted traffic only o Service Protocol Select a defined protocol from the drop down list box o Schedule Defines the time when this firewall rule will be activated When a schedu...

Страница 90: ...ion is a single host o Gateway IP Address The IP address of the gateway or next router to the destination Schedule Profile Click Setting of Schedule Profile to enter the configuration page Select Enab...

Страница 91: ...will be kicked out automatically Idle Timeout If a user has idled with no network activities the system will automatically kick out the user Interim Update The system will update the users current sta...

Страница 92: ...ge To Use Default Certificate Click Use Default Certificate to use the default certificate and key Click restart to validate the changes y Credit Reminder The administrator can enable this function to...

Страница 93: ...st can log into IAC3000 There are 40 users maximum allowed in this MAC address list User authentication is still required for these users Please enter the Permit MAC Address List to fill in these MAC...

Страница 94: ...supports to manage up to 12 NP725 access points AP and they can be configured in this section This section includes the following functions AP List AP Discovery Manual Configuration Template Settings...

Страница 95: ...this column Click the hyperlink of the shown status of each managed AP to see detailed status information about the specific AP such as System Status Service Zone Status Wireless Status Access Contro...

Страница 96: ...IAC3000 User s Manual 92 Click Apply Template to select one template to apply to the AP Click Apply Service Zone to setup one Service Zone to the AP...

Страница 97: ...tings There are four kinds of settings General Settings LAN Interface Setting Wireless Interface Setting and Access Control Setting Click the hyperlink to go on the configuration General Setting Click...

Страница 98: ...configuring the network it s suggested to enable this function but also make sure to disable it when finished With this enabled someone could easily obtain the SSID information with the site survey s...

Страница 99: ...des 56 bits Synchronization field to improve WLAN transmission efficiency y Transmit Power Choose the suitable value from the drop down box y Wireless QoS WMM Enable or disable QoS and WMM WMM maintai...

Страница 100: ...e given settings will show in the list below If one of the IP addresses intended is used a warning message will show up In this case please change the IP range and then click Scan Now again Input the...

Страница 101: ...system will scan once every 10 minutes or according to the time set by the administrator If any AP is discovered and Auto Add AP is enabled it will be assigned an available IP from the starting IP add...

Страница 102: ...n AP Discovery screen Note After when configures service zones setting and port tag based Mapping in 4 1 6 LAN Port Mapping and 4 1 7 Service Zones the administrator continues to configure AP Discover...

Страница 103: ...n Tag based mode the name of service zone has been selected in the Interface such as Guest or SZ1 Select Factory Default in the section of Admin Setting Recommended Then start scanning the new APs in...

Страница 104: ...e of the specific AP Admin Password Password required for this AP IP Address IP address of the specified AP MAC Address MAC address of the specific AP Remark Some extra information to be filled in for...

Страница 105: ...Template Remark and click the button of Configure to go on configuration Template Edit Here is the section that administrators can configure template name template source and template remark Template...

Страница 106: ...4 3 5 Firmware Management Preloaded Firmware displays the current version of the AP s firmware New firmware can be uploaded here to update the current firmware To upload click Browse to select the fi...

Страница 107: ...IAC3000 User s Manual 103 4 3 6 AP Upgrade Check the APs which need to be upgraded and select the upgrade version of firmware and click Apply to upgrade firmware...

Страница 108: ...e the WDS connection with the following operations Add Add a new WDS connection with a Child AP not in the WDS and a Parent AP from the AP List A new WDS Tree will be added if the selected Parent AP i...

Страница 109: ...ork Configuration This section includes the following functions Network Address Translation Privilege List Monitor IP List Walled Garden List Walled Garden Ad List Proxy Server Properties Dynamic DNS...

Страница 110: ...ace WAN1 that will change dynamically if WAN1 Interface is Dynamic When Automatic WAN IP Assignments is enabled the entered Internal IP Address of Automatic WAN IP Assignment will be bound with WAN1 i...

Страница 111: ...e column check the desired server to enable These settings will become effective immediately after clicking the Apply button y Port and IP Redirect This function allows the administrator to set 40 set...

Страница 112: ...ttings will become effective immediately after clicking Apply Warning Permitting specific IP addresses to have network access rights without going through standard authentication process at the contro...

Страница 113: ...AC3000 User s Manual 109 Warning Permitting specific MAC addresses to have network access rights without going through standard authentication process at the controlled port may cause security problem...

Страница 114: ...l become effective immediately Click Monitor to check the current status of all the monitored IPs Green light means online and red light means offline The system provides 40 monitor IP address fields...

Страница 115: ...main names of the websites can be defined in this list Users without the network access right can still have a chance to experience the actual network service free of charge Enter the website IP Addre...

Страница 116: ...layed in the subscriber login page Click on Edit and enter the website IP address or Domain Name Topic and Description in the list then click Apply To make the Walled Garden Ad List active please chec...

Страница 117: ...IAC3000 User s Manual 113 Caution To use the domain name the IAC3000 has to connect to DNS server first or this function will not work...

Страница 118: ...rs will not be able to reach the login page and thus unable to access the network If there is a matching then the end users will be directed to the system first for authentication After a successful a...

Страница 119: ...at WAN port this function will also update the newest IP address regularly to the DNS server These settings will become effective immediately after clicking Apply y DDNS Enabling or disabling of this...

Страница 120: ...4 7 IP Mobility IAC3000 supports IP PNP function At the user end a static IP address can be used to connect to the system Regardless of what the IP address at the user end is authentication can still...

Страница 121: ...the local wireless network through the Internet all the way to the corporate servers and database IAC3000 provides 3 types of VPN for different network usage scenarios Here we ll use local VPN as an...

Страница 122: ...d with Active X which is supported by Windows platform Internet Explorer where Active X program is supported Remote VPN When the setting is enabled the system allows the VPN tunnel between a remote cl...

Страница 123: ...emote VPN capable devices such as a VPN gateway Click Add A Local Entry button to set configuration about local site Click Add A Remote Site to enter the Remote VPN Gateway page for further configurat...

Страница 124: ...IAC3000 User s Manual 120 Click NEW to enter the screen of Remote VPN Gateway...

Страница 125: ...00 User s Manual 121 4 5 Utilities This section provides four utilities to customize and maintain the system including Change Password Backup Restore Settings Firmware Upgrade Restart and Network Util...

Страница 126: ...o permission to change the settings of the profiles for Firewall Specific Route and Schedule User Name manager Password manager Operator The operator can only access the configuration page of Create O...

Страница 127: ...lt settings here y Backup current system setting Click Backup to create a db database backup file and save it on disk y Restore system setting Click Browse to search for a db system setting file that...

Страница 128: ...e process may take a few minutes to complete and the system needs to be restarted to make the new firmware become effective Warning 1 Firmware upgrade may cause the loss of some of the data Please ref...

Страница 129: ...conds Click YES to restart IAC3000 click NO to go back to the previous screen If turning off the power is necessary it is recommended to restart IAC3000 first and then turn off the power after complet...

Страница 130: ...ed and is on the LAN side Enter the MAC Address of the desired device and click Wake Up button to execute this function Ping It allows administrator to detect a device using IP address or Host domain...

Страница 131: ...s Manual 127 4 6 Status This section includes System Status Interface Status Routing Table Current Users Traffic History and Notification Configuration to provide system status information and online...

Страница 132: ...IAC3000 User s Manual 128 4 6 1 System Status This section provides an overview of the system for the administrator...

Страница 133: ...n and all online users are allowed disallowed to log in the network WAN Failover Enabled Disabled stands for the function currently being used or not Load Balancing Enabled Disabled stands for the fun...

Страница 134: ...IAC3000 User s Manual 130 4 6 2 Interface Status This section provides an overview of the interface for the administrator including WAN1 WAN2 SZ default 8...

Страница 135: ...ytes In The total accumulated bytes in through this WAN port since the gateway boots up The delta shows the difference between the numbers from last time this Interface Status page is visited Bytes Ou...

Страница 136: ...IAC3000 User s Manual 132 4 6 3 Routing Table All the Policy Route rules and Global Policy Route rules will be listed here Also it will show the System Route rules specified by each interface...

Страница 137: ...Policy y System Shows the information of the system administration Destination The destination IP address of the device Subnet Mask The Subnet Mask IP address of the port Gateway The Gateway IP addre...

Страница 138: ...IP MAC Pkts In Bytes In Pkts Out Bytes Out Idle Location and Kick Out will be shown Administrators can force out a specific online user by clicking the hyperlink of Logout and check the user access A...

Страница 139: ...traffic history provides all login and logout activity of specific date Other information includes User Name IP address MAC address In bound Packet Count Out bound Packet Count In bound Byte Count and...

Страница 140: ...Login Expiration Time Account Valid Through and Remark of user activities y Roaming Out Traffic History As shown in the following figure each line is a roaming out traffic history record consisting of...

Страница 141: ...r up to two months and can be exported as a text file in CSV format As follows are the descriptions of fields in the usage record Username Username of the local user account Connection Time Usage The...

Страница 142: ...ser Log and Session Log via external Syslog servers In addition the Session Log can be sent to a specified FTP server Enter the related information and select the desired items and then apply the sett...

Страница 143: ...thod to be used can not be configured y Syslog Configuration There are 3 types of Syslog supported System Log On demand User Log and Session Log Enter the IP address and Port number to specify which a...

Страница 144: ...IAC3000 User s Manual 140 4 7 Help On the screen the Help button is on the upper right corner Click Help to the Online Help window and then click the hyperlink of the items to get the information...

Страница 145: ...IAC3000 User s Manual 141...

Страница 146: ...et This section is to show independent Hotspot IAC owners how to configure related settings in order to accept credit card payments via Authorize Net making the Hotspot an e commerce environment for c...

Страница 147: ...IAC3000 User s Manual 143...

Страница 148: ...merchant account or Internet payment gateway to process transactions you can fill out the Inquiry Form on http www authorize net solutions merchantsolutions merchantinquiryform 1 2 Configure IAC3000 u...

Страница 149: ...t Click Settings and Profile Go to the Security section Click MD5 Hash Enter New Hash Value Confirm Hash Value Click Submit Required Card Code If the Card Code is set up as a required field please log...

Страница 150: ...cord with the account name Click Delete All to delete all users at once 2 2 Refund A Settled Transaction and Remove the On demand Account Generated on IAC3000 a To refund a credit card payment please...

Страница 151: ...dd New Contact to Enter necessary contact information on this page Check the Transaction Receipt box Click Submit 3 Reporting During normal operation the following steps will be necessary to generate...

Страница 152: ...nload To File to download records and then use MS Excel to generate more detailed reports 3 3 Search for The Transaction Details for A Specific Customer Please log in Authorize Net Click Search and Do...

Страница 153: ...IAC3000 User s Manual 149...

Страница 154: ...t this transaction There will be a confirm dialog box Step 4 Please confirm the data and the click OK to go on the transaction or click Cancel to revise the data or cancel this transaction After click...

Страница 155: ...IAC3000 User s Manual 151...

Страница 156: ...ick Start Internet Access to use the Internet access service Note The clients must fill in the correct credit card number and expiration date Card code is the last 3 digits of the security code locate...

Страница 157: ...This section is to show independent Hotspot IAC owners how to configure related settings in order to accept payments via PayPal making the Hotspot an e commerce environment for clients to pay for and...

Страница 158: ...nt and login Here is a link https www paypal com cgi bin webscr cmd _registration run Step 2 Edit necessary settings in Website Payment Preferences Click Profile Click Website Payment Preferences in t...

Страница 159: ...tings Screenshots Auto Return On Return URL Redirect Webpage Type http www www com or other URL Payment Data Transfer On Block Non encrypted Website Payment Off PayPal Account Optional Off Contact Tel...

Страница 160: ...ption Business Account ID This is the Login ID email address that is associated with the PayPal Business Account Payment Gateway URL https www paypal com cgi bin webscr default URL for PayPal Identity...

Страница 161: ...listing in the activity history log Click Details of the payment listing Click Refund Payment at the end of the details page Type in information Gross Refund Amount and or Optional Note to Buyer Click...

Страница 162: ...e server On demand User On demand User Server Configuration External Payment Gateway Click Configure External Payment Gateway Select PayPal Go to Client s Purchasing Record section Type in information...

Страница 163: ...ick History Click Advanced Search Enter the name for a specific customer as criteria in the Search For field and Choose Last Name or First Name in the In field Specify the time period Click Submit Cli...

Страница 164: ...Users Step 1 Click the link below the login window to pay for the service via PayPal Step 2 Choose I agree to accept the terms of use and click Next Step 3 Please fill out the form and Click Submit t...

Страница 165: ...IAC3000 User s Manual 161 Step 4 You will be redirected to PayPal website to complete the payment process...

Страница 166: ...IAC3000 User s Manual 162...

Страница 167: ...ecurely online using PayPal account a credit card or bank account Clicking on Buy Now button you will be redirected to PayPal s site to make payment 2 Please do not manually close the browser when you...

Страница 168: ...e Service Zone for Employees and another for Guests Note The switches deployed under IAC3000 in Port Based mode must be Layer 2 switches only y Configuration Steps for Port Based Service Zones Step 1...

Страница 169: ...ND authentication method as default Disable all other authentication options Then click Apply to activate the settings made so far A warning message You should restart the system to activate the chang...

Страница 170: ...User s Manual 166 A warning message You should restart the system to activate the changes will appear at the bottom of the page Do NOT restart the system until you have completed all the configuratio...

Страница 171: ...ees Assume that LAN2 is assigned to the Service Zone 2 SZ2 for Employees Select the Service Zones tab and click Configure of SZ2 Step 6 Configure Basic Settings for SZ2 Check the Enable radio button o...

Страница 172: ...options Then click Apply to activate the settings made so far A warning message You should restart the system to activate the changes will appear at the bottom of the page Do NOT restart the system un...

Страница 173: ...the bottom of the page Click the hyperlink of Restart to restart the system and activate all configurations Step 9 Restart the System A confirmation message of Do you want to restart the system will a...

Страница 174: ...abled Step 10 AP Discovery Select AP Discovery in AP Management Set the Interface in Default port Select Factory Default in the section of Admin Settings Used to Discover If selecting manually type th...

Страница 175: ...Zone VLAN tags carried within message frames An example of network application diagram is shown as below one Service Zone for Employees and another for Guests Note The switch deployed under IAC3000 i...

Страница 176: ...status and just powered up Step 1 Set Tag Based mode Click the System menu and select the LAN Port Mapping tab Select Tag Based mode and click Apply A warning message You should restart the system to...

Страница 177: ...ce Zone Name field Enter a VLAN tag for SZ1 e g 1111 in the VLAN Tag field In the Authentication Settings section check the Default button and Enable box of Guest Users to set ONDEMAND authentication...

Страница 178: ...k the Enable radio button of Service Zone Status to activate SZ2 Enter a name for SZ1 e g Employee in the Service Zone Name field Enter a VLAN tag for SZ1 e g 2222 in the VLAN Tag field Check the Enab...

Страница 179: ...ng message You should restart the system to activate the changes will appear at the bottom of the page Click the hyperlink of Restart to restart the system and activate all changes you have made A con...

Страница 180: ...Admin Settings Used to Discover If selecting manually type the range of IP address in the section Then start scanning the new APs by clicking Scan Now button After scanning new APs will be listed in...

Страница 181: ...rces more quickly This section presents basic examples for configuring the proxy server settings of IAC3000 Using Internet Proxy Server The first scenario is that a proxy server is placed outside the...

Страница 182: ...ers page Add the IP address leaving it blank means any IP address and port number of the proxy servers into External Proxy Servers setting Enable the Built in Proxy Server Click Apply to save the sett...

Страница 183: ...he proxy server setting of the system Otherwise users will not be able to get the Login page for authentication via browsers and it will show an error page in the browser 2 When the Built in Proxy Ser...

Страница 184: ...Core Switch Firewall Router L2 Switch Proxy Server Web Server Mail Server DMZ Caution A special scenario is that a proxy server is placed in a zone like Intranet where users can reach each other witho...

Страница 185: ...ge Add the IP address and port number of the proxy server into External Proxy Servers setting Click Apply to save the settings Step 3 Make sure that clients use the same proxy server settings Please a...

Страница 186: ...required that the proxy server setting of the clients match with the proxy server setting of the system Otherwise users will not be able to get the Login page for authentication via browsers and it wi...

Страница 187: ...ecord connection details of each user accessing the Internet In addition the log data can be sent out to a specified Syslog Server Email Box or FTP Server based on pre defined interval time The descri...

Страница 188: ...l TCP MAC 00 09 6b cd 83 8c SIP 10 1 1 37 SPort 1628 DIP 203 125 164 142 DPort 80 27 Jan 12 35 06 2009 New user1 local TCP MAC 00 09 6b cd 83 8c SIP 10 1 1 37 SPort 1629 DIP 203 125 164 142 DPort 80 2...

Страница 189: ...iguration on PC After IAC3000 is installed the following configurations must be set up on the PC Internet Connection Setup and TCP IP Network Setup y Internet Connection Setup Windows 9x 2000 1 Choose...

Страница 190: ...nnection manually or I want to connect through a local Area network LAN and then click Next 4 Choose I connect through a local area network LAN and then click Next 5 DO NOT choose any option in the fo...

Страница 191: ...C3000 User s Manual 187 6 Choose No and then click Next 7 Finally click Finish to exit the Internet Connection Wizard Now the set up is completed Windows XP 1 Choose Start Control Panel Internet Optio...

Страница 192: ...AC3000 User s Manual 188 2 Choose the Connections tab and then click Setup 3 When the Welcome to the New Connection Wizard window appears click Next 4 Choose Connect to the Internet and then click Nex...

Страница 193: ...9 5 Choose Set up my connection manually and then click Next 6 Choose Connect using a broadband connection that is always on and then click Next 7 Finally click Finish to exit the Connection Wizard No...

Страница 194: ...for each PC If the Windows operating system is not a server version the default settings of the TCP IP will regard the PC as a DHCP client and this function is called Obtain an IP address automaticall...

Страница 195: ...ing Specific IP Address If you want to use a specific IP address acquire the following information from the network administrator the IP Address Subnet Mask and DNS Server address provided by your ISP...

Страница 196: ...ay field and click Add Then click OK 4 3 Click on DNS Configuration tab If the DNS Server field is empty select Enable DNS and enter DNS Server address Click Add and then click OK to complete the conf...

Страница 197: ...t Protocol TCP IP and then click Properties Now you can choose to use DHCP or a specific IP address 4 Using DHCP If you want to use DHCP choose Obtain an IP address automatically and then click OK Thi...

Страница 198: ...e following steps 5 1 Choose Use the following IP address and enter the IP address Subnet mask If the DNS Server field is empty select Using the following DNS server addresses and enter the DNS Server...

Страница 199: ...1 Select Start Control Panel Network Connection 2 Right click on the Local Area Connection icon and select Properties 3 Click on the General tab and choose Internet Protocol TCP IP and then click Prop...

Страница 200: ...ion from the network administrator the IP Address Subnet Mask and DNS Server address provided by your ISP and the Gateway address of IAC3000 Note If your PC has been set up completed please inform the...

Страница 201: ...tab and click Add below the Default gateways column and the TCP IP Gateway Address window will appear 5 4 Enter the gateway address of IAC3000 in the Gateway field and then click Add After back to th...

Страница 202: ...ere will be a Certificate Error because the browser treats IAC3000 as an illegal website b Please press Continue to this website to continue c The default user login page will appear in the browser 2...

Страница 203: ...Successful page appearing means IAC3000 has been installed and configured successfully Now you are connected to the network and Internet Note When On demand accounts are used for example we use d9d5...

Страница 204: ...d up the quota by purchasing an additional account Please enter the new username and password in the Redeem Page and click ENTER button to merge the two accounts so that there will be more quota for t...

Страница 205: ...with dialog boxes Please use arrow keys on the keyboard to browse the menu and press the Enter key to make selection or confirm what you enter 3 Once the console port of IAC3000 is connected properly...

Страница 206: ...IAC3000 User s Manual 202...

Страница 207: ...able of the system is displayed Display system up time The system live time time for system being turn on is displayed Check service status Check and display the status of the system Set device into s...

Страница 208: ...face Password can also be changed here If administrators forget the password and are unable to log in the management interface from the web or the remote end of the SSH they can still use the null mod...

Страница 209: ...tless IPSec VPN setting is then configured automatically At the end of this setup a build in IPSec VPN feature will be enabled and ready to serve once it is launched for setup The goal of this design...

Страница 210: ...IPSec VPN tunnels between them If the connection is down the ActiveX component will detect the broken link and decompose the IPSec tunnel Once the IPSec VPN tunnel was built all sent packets will be...

Страница 211: ...in Windows XP SP2 c The forced termination through CTRL ALT DEL Task Manager of the Internet Explorer will stop the running of ActiveX It causes that IPSec tunnel cannot be cleared properly at client...

Страница 212: ...pporting active mode FTP inside IPSec VPN tunnel of Windows XP SP2 Suggestion Please UPDATE client s Windows XP SP2 with patch KB889527 5 The Termination of ActiveX The ActiveX component for IPSec VPN...

Страница 213: ...ser chooses to click Yes The user has to log in again to regain the network access Suggestion Click Cancel if you do not intend to stop the IPSec VPN connection yet 6 Non supported OS and Browser Curr...

Страница 214: ...IAC3000 User s Manual 210 C del VPNClient_1_5 ocx c What can I do if unable establish IPSec connection for Windows XP SP1 ANS Disable Windows XP firewall...

Страница 215: ...ge selections to have further configuration 1 Custom Pages Login Page The administrator can use the default login page or get the customized login page by setting the template page uploading the page...

Страница 216: ...IAC3000 User s Manual 212 y Custom Pages Login Page Uploaded Page Choose Uploaded Page and upload a login page...

Страница 217: ...mit The system will show the used space and the maximum size of the image file of 512K If the administrator wishes to restore the factory default of the login page click the Use Default Page button to...

Страница 218: ...ust include the following HTML code that the user can enter the username and password After the upload is completed the customized logout page can be previewed by clicking Preview at the bottom of thi...

Страница 219: ...ck up a color and then fill in all of the blanks Click Preview to see the result first y Custom Pages Login Success Page Uploaded Page Choose Uploaded Page and get the login success page to upload Cli...

Страница 220: ...w login success page can be previewed by clicking Preview button at the bottom of this page 4 Custom Pages Login Success Page for On demand User The users can apply their own Login Success page for on...

Страница 221: ...to pick up a color and then fill in all of the blanks Click Preview to see the result y Custom Pages Login Success Pages for On demand Users Uploaded Page Choose Uploaded Page and get the login succe...

Страница 222: ...the bottom of this page 5 Custom Pages Logout Success Page The administrator can apply their own Logout Success page for Users in the menu As the process is similar to that of the Login Page please re...

Страница 223: ...upload process is completed and applied the new logout success page can be previewed by clicking Preview button at the bottom y Custom Pages Logout Success Page External Page Choose the External Page...

Страница 224: ...stalled and used in accordance with the instructions detailed within this manual may cause interference to radio communications However there is no guarantee that interference will not occur with the...

Страница 225: ...line whether caused by thunderstorm activity or any other cause s 3 The fault is the result of accidental damage or damage in transit including but not limited to liquid spillage 4 Your product has b...

Страница 226: ...ined in the Quick Start Guide For further information regarding the advanced features of this product please refer to the configuring sections in the User Guide or contact a Network Specialist NETCOMM...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды