Nomadix Access Gateways Скачать руководство пользователя страница 1 | Manualshive

Страница: 1 / 330

Nomadix Access Gateways Скачать руководство пользователя страница 1

1
2
3
...
»

Содержание Access Gateways

Страница 1: ......

Страница 2: ...e Inc All Rights Reserved Livingston Enterprises Inc Copyright 1992 Livingston Enterprises Inc All Rights Reserved The Regents of the University of Michigan and Merit Network Inc Copyright 1992 1995 A...

Страница 3: ...222791 ES1222791 SE1222791 CH1222791 SG88575 00815828 2 AU2006207853 US6 789 110 Japan 3880856 Korea 559357 SG88483 00815982 3 EU1234425 validated in BE1234425 FI1234425 FR1234425 DE60029819 1 GB12344...

Страница 4: ...rische Bauteile AVISO Riesgo de shock el ctrico No abrir No hay piezas configurables dentro CAUTION Read the instruction manual prior to operation ATTENTION Lire le mode d emploi avant utilisation ACH...

Страница 5: ...ACCESS GATEWAY...

Страница 6: ...This page intentionally left blank ACCESS GATEWAY...

Страница 7: ...p Service Branding 5 NSE Core Functionality 6 Access Control 7 Bandwidth Management 8 Billing Records Mirroring 8 Bridge Mode 8 Command Line Interface 9 Credit Card 9 Dynamic Address Translation 9 Dyn...

Страница 8: ...Unpacking the Access Gateway 26 Installation Workflow 27 Powering Up the System 28 Logging In to the Command Line Interface 29 The Management Interfaces CLI and Web 31 Making Menu Selections and Input...

Страница 9: ...ptions Home Page Redirect 79 Enabling Intelligent Address Translation iNAT 80 Defining IPSec Tunnel Settings IPSec 82 Establishing Your Location Location 88 Managing the Log Options Logging 91 Enablin...

Страница 10: ...n Assignments by Port Find by Port 158 Importing Port Location Assignments Import 159 Displaying the Port Location Mappings List 161 Subscriber Administration Menu 161 Adding Subscriber Profiles Add 1...

Страница 11: ...n 216 Defining the MAC Filtering Options Mac Filtering 219 Rebooting the System Reboot 220 Adding a Route Route Add 221 Deleting a Route Route Delete 222 Establishing Session Rate Limiting Session Lim...

Страница 12: ...268 Accounting Request 269 Selected Detailed Descriptions 270 Nomadix Vendor Specific Attributes 271 Setting Up the SSL Feature 273 Prerequisites 273 Obtain a Private Key File cakey pem 273 Installin...

Страница 13: ...s section provides an overview and sample scenario for the Access Gateway s subscriber interface It also includes an outline of the authorization and billing processes utilized by the system and the N...

Страница 14: ...Licensing All Nomadix Access Gateway products are powered by our patented and patent pending suite of embedded software called the Nomadix Service Engine NSE The Access Gateway employs our NSE core s...

Страница 15: ...service or as an amenity to augment the main line of business for your venue Contains an advanced XML interface for accepting and processing XML commands allowing the implementation of a variety of se...

Страница 16: ...ployment of broadband network services Our patented Dynamic Address Translation DAT functionality offers a true plug and play solution by enabling a seamless and transparent experience and the tools t...

Страница 17: ...companies such as Cisco Checkpoint Nortel and Microsoft Nomadix iNAT feature allows multiple tunnels to be established to the same VPN server creating a seamless connection for all users on the netwo...

Страница 18: ...eatures needed to successfully deploy public access networks These core features solve issues of connectivity security billing and roaming in a Wi Fi public access network The NSE s core package of fe...

Страница 19: ...he source IP address of administrator logins A login is permitted only if a match is made with the master list contained within the NSE If a match is not made the login is denied even if a correct log...

Страница 20: ...rs that have been previously defined by system administrators The NSE assumes control of billing transmissions and the saving of billing records By effectively mirroring the billing data the NSE can s...

Страница 21: ...f billing records to multiple sources See also Secure Socket Layer SSL on page 17 Billing Records Mirroring on page 8 Dynamic Address Translation Dynamic Address Translation DAT enables transparent br...

Страница 22: ...g Web page content for the centrally hosted portal page If you choose to use the EWS interface Nomadix Technical Support can provide you with sample scripts See also Contact Information on page 297 Ho...

Страница 23: ...utilization of costly public IP addresses If the protocol type can be supported without the use of a public IP for example HTTP FTP our proven Dynamic Address Translation functionality continues to b...

Страница 24: ...page 11 Internal Web Server The NSE offers an embedded Internal Web Server IWS to deliver Web pages stored in flash memory These Web pages are configurable by the system administrator by selecting va...

Страница 25: ...n with a public pool address the NSE associates their MAC address with their public IP address for the duration of the service level agreement The opposite is true if they select a plan with a private...

Страница 26: ...ndard protocol that assures accurate synchronization to the millisecond of computer clock times in a network of computers NTP synchronizes the client s clock to the U S Naval Observatory master clocks...

Страница 27: ...erminated at the NOC Network Operations Center See also Secure Management on page 16 RADIUS Client Nomadix offers an integrated RADIUS Remote Authentication Dial In User Service client with the NSE al...

Страница 28: ...swords This Remember Me functionality creates a more efficient and better user experience in wireless networks The RADIUS Re Authentication buffer has been expanded to 720 hours allowing an even more...

Страница 29: ...g typical examples ICMP PING from NOC to edge devices Telnet Telnet from NOC to edge devices Web Management HTTP access from NOC to edge devices SNMP SNMP GET from NOC to subscriber side device for ex...

Страница 30: ...logs out or the customer s account expires while online and the goodbye page is enabled In addition the NSE also provides pre and post authentication redirects as well as one at session termination S...

Страница 31: ...ly company to simultaneously support port based authentication using IEEE 802 1x and authentication mechanisms used by Smart Clients MAC based authentication is also available See also Access Control...

Страница 32: ...IP connection to select PMS interfaces PMS Integration By integrating with a hotel s PMS your NSE powered product can post charges for Internet access directly to a guest s hotel bill In this case th...

Страница 33: ...k that can take over if the primary device fails ensuring Wi Fi service remains uninterrupted Network Architecture Sample The Access Gateway can be deployed effectively in a variety of wireless and wi...

Страница 34: ...ystem called WebHelp which is accessible through the Web Management Interface when a remote Internet connection is established following a successful installation WebHelp can be viewed on any platform...

Страница 35: ...ation about WebHelp and other online documentation resources go to Online Documentation and Help on page 35 Notes Cautions and Warnings The following formats are used throughout this User Guide Genera...

Страница 36: ...ACCESS GATEWAY 24 Introduction...

Страница 37: ...Interface on page 29 Establishing the Start Up Configuration on page 36 Logging Out and Powering Down the System on page 44 Connecting the Access Gateway to the Customer s Network on page 44 Establish...

Страница 38: ...NM or DB9 female to RJ45 6ft length Null Modem NM 1 Cable CATS5 standard 7 ft length 1 Cable CATS5 crossover 7 ft length 1 Screw 10 32 X 1 2 PH with internal washer 4 Screw 4 40 5 16 flathead 100 deg...

Страница 39: ...The AG will then prompt you to reboot the system Connect the AG to the customer s network Power up the AG and log in via a Telnet session or the Web Management Interface Set the basic configuration p...

Страница 40: ...wer up the system 1 Place the Access Gateway on a flat and stable work surface 2 Connect the power cord 3 Connect the DB9 serial cable between the Access Gateway s serial port or front Access RJ45 por...

Страница 41: ...HyperTerminal settings 2 When connected to the Access Gateway a login prompt appears on your screen The default login user name is admin The password is admin Login names and passwords are case sensit...

Страница 42: ...ACCESS GATEWAY 30 Installing the Access Gateway a license key from the Nomadix License Key Server you must accept the Nomadix End User License Agreement EULA...

Страница 43: ...enu but you must enter su to access the Subscribers menu and sy to access the System menu because they both start with the letter s You may also do any of the following Enter b back or press Esc escap...

Страница 44: ...y from the CLI you can then access the Access Gateway from its embedded Web Management Interface WMI The WMI is easier to use point and click and includes some items not found in the CLI You can use e...

Страница 45: ...ACCESS GATEWAY Installing the Access Gateway 33 Note Your browser preferences or Internet options should be set to compare loaded pages with cached pages...

Страница 46: ...essages subscriber other messages 72 Description of Service billing options Plan 140 Home Page URL 237 Host Name and Domain Name DNS settings 64 IP DNS Name passthrough addresses 237 Label billing opt...

Страница 47: ...online documentation resources available from our corporate Web site www nomadix com include a full PDF version of this User Guide viewable with Acrobat Reader white papers technical notes and busines...

Страница 48: ...ter and manage the Access Gateway securely Setting the SNMP Parameters optional The SNMP Simple Network Management Protocol parameters must be established before you can use an SNMP client for example...

Страница 49: ...d operators where managers are permitted read write access and operators are restricted to read access only Once the logins have been assigned managers have the ability to perform all write commands S...

Страница 50: ...2 1 Enter c configuration at the Access Gateway Menu The Configuration menu appears 2 Enter sn snmp 3 Enable the SNMP daemon as required The system displays any existing SNMP contact information and p...

Страница 51: ...LOG protocol UDP is used to send all message logs generated by the Access Gateway to the specified server 1 Enter log logging at the Configuration menu The system displays the current logging status e...

Страница 52: ...10 Enable disable System Log Save to file disabled enable Enable disable AAA Log disabled enable Enter AAA Log Number 0 7 0 2 Enter AAA Log Filter 0 Emergency 1 Alert 2 Critical 3 Error 4 Warning 5 N...

Страница 53: ...able Enable Disable Port Reporting disabled enable Enable Disable Location Reporting disabled enable Enable Disable 500th Packet Count Reporting disabled enable System Log Enabled System Log Number 2...

Страница 54: ...t now 3 When prompted enter the company s address line by line 6 lines 4 When prompted enter a valid email address for this company The system now displays the current network interface IP address the...

Страница 55: ...the venu type that most reflects your location 1 Apartment 2 Bar Coffeeshot Restaurant 3 Convention Center 4 Corporate Guest Access 5 Education 6 Hospitality 7 Marina Camp Ground 8 Public Space 9 Pub...

Страница 56: ...the System Use this procedure to log out and power down the Access Gateway 1 Enter l logout at the Access Gateway Menu Your serial session closes automatically 2 Turn off the Access Gateway and discon...

Страница 57: ...ibers who are DHCP enabled The Access Gateway can relay the service through an external DHCP server or it can be configured to act as its own DHCP server Setting the DNS Options DNS Domain Name System...

Страница 58: ...dress Translation DAT functionality DAT is automatically configured to facilitate plug and play access to subscribers who are misconfigured with static permanent IP addresses or subscribers that do no...

Страница 59: ...e the following procedure to set the DNS configuration options 1 Enter c configuration at the Access Gateway Menu The Configuration menu appears 2 Enter dn dns at the Configuration menu The system dis...

Страница 60: ...29 Enter Proxy DNS Port 1028 The system must be rebooted to function properly The DNS options have been established DNS will now convert subscriber browser URLs into the correct IP addresses automatic...

Страница 61: ...cess Gateway s CLI or Web Management Interface under the Configuration menu snmp 3 All variables defined by Nomadix start with the following prefix iso org dod internet private enterprises nomadix 4 Y...

Страница 62: ...ACCESS GATEWAY 50 Installing the Access Gateway...

Страница 63: ...ly with any of the following interface options Using the Web Management Interface WMI Provides a powerful and flexible Web interface for network administrators Using an SNMP Manager Allows remote Wind...

Страница 64: ...ically the same The only difference between the two interfaces is in the method used for making selections and applying your changes selections are checkable boxes and applying your changes is achieve...

Страница 65: ...ws you to see and interact with the Access Gateway s Command Line Interface as if you were connected via the serial interface As with any remote connection the network interface IP address for the Acc...

Страница 66: ...up the AAA Authentication Authorization and Accounting service options AAA Services are used by the Access Gateway to authenticate authorize and subsequently bill subscribers for their use of the cust...

Страница 67: ...ACCESS GATEWAY System Administration 55 1 From the Web Management Interface click on Configuration then AAA The Authentication Authorization and Accounting Settings screen appears...

Страница 68: ...ss 6 Enable or disable Print Billing Command as required This feature enables NSE to support Driverless Print servers If this feature is enabled you must enable the XML interface and enter the IP addr...

Страница 69: ...to define a policy on a port The billing methods RADIUS Credit Card PMS L2TP Tunneling and the billing plans available on each port can now be individually configured This ability allows for having d...

Страница 70: ...authorization mode you have the option of enabling or disabling the Usernames and New Subscribers features These features work in conjunction with each other to determine how new subscribers are hand...

Страница 71: ...red refer to the table in Enabling AAA Services with the Internal Web Server on page 58 To enable SSL Support your Access Gateway s flash must include the server pem cakey pem and cacert pem certifica...

Страница 72: ...You will need to open a merchant account with Authorize net Chainfusion or Datacenter Luxembourg before this feature can be used Please contact Nomadix Technical Support for assistance Refer to Conta...

Страница 73: ...ur changes or click on the Reset button if you want to reset all the values to their previous state Enabling AAA Services with an External Web Server You are here because you want to enable the AAA Se...

Страница 74: ...d by the NSE and EWS or IWS Portal Page to validate subscriber access This capability eliminates a vulnerability that was previously exploited to gain unauthorized Internet access at charge for use si...

Страница 75: ...I and FTP SSH and SFTP and incorporates a master access control list that checks the source IP address of administrator logins A login is permitted only to the interfaces that have not been blocked an...

Страница 76: ...ion If the required certificates are not resident on the flash an attempted https connection will generate an error syslog 1 From the Web Management Interface click on Configuration then Access Contro...

Страница 77: ...re Web Management access from the subscriber side to the NSE WMI Default setting is enabled FTP Access enables disables blocking of FTP access from the subscriber side to the NSE Default setting is en...

Страница 78: ...nge of IP addresses from the access control list you must now enter the ending IP address in the Access Control End IP field If you are removing a single IP address enter None in the Access Control En...

Страница 79: ...firm Password 4 Click on the check box for Reboot after changes are saved to reboot the system when you submit your changes 5 Click on the Submit button to save your changes or click or the Reset butt...

Страница 80: ...e performed either at a device pre staging center or by the field engineer 1 Establish a WAN connection and electronically accept the EULA 2 Setup RADIUS Server parameters go to Defining the Realm Bas...

Страница 81: ...the Auto Configuration option and rebooting the device for example using SNMP See also Defining Automatic Configuration Settings Auto Configuration Setting Up Bandwidth Management Bandwidth Management...

Страница 82: ...lick on the Reset button if you want to reset all the values to their previous state Establishing Billing Records Mirroring Bill Record Mirroring The Access Gateway can send copies of credit card tran...

Страница 83: ...Management Interface click on Configuration then Bill Record Mirroring The Credit Card PMS Mirroring Settings screen appears 2 If you want to enable the billing records mirroring functionality for cre...

Страница 84: ...s or click on the Reset button if you want to reset all the values to their previous state Managing the dhcp service options DHCP When a device connects to the network the DHCP server assigns it a dyn...

Страница 85: ...s automatically configured to facilitate plug and play access to subscribers who are misconfigured with static permanent IP addresses or subscribers that do not have DHCP capability on their computers...

Страница 86: ...x 7 If required enable the IP Upsell feature System administrators can set two different DHCP pools for the same physical LAN When DHCP subscribers select a service plan with a public pool address the...

Страница 87: ...a valid DHCP Server IP address for the DHCP server 10 Enter the DHCP Server Netmask 11 Enter the starting and ending IP addresses for the DHCP address pool you want to use DHCP Pool Start IP DHCP Poo...

Страница 88: ...Gateway can issue IP addresses to any DHCP enabled subscriber who enters the network Managing the DNS Options DNS DNS allows subscribers to enter meaningful URLs into their browsers instead of complic...

Страница 89: ...reboot the system or click on the Reset button if you want to reset all the values to their previous state Managing the Dynamic DNS Options Dynamic DNS Use the following procedure to set the Dynamic...

Страница 90: ...name field DDNS mapping is configured on the DynDNS org account Enter the user name for the DDNS server account in the Username field Enter the password name for the DDNS server account in the Passwor...

Страница 91: ...ox for Reboot after changes are saved to reboot the system after saving your changes 8 Click Submit to save your changes and reboot the system or click Reset to reset all the values to their previous...

Страница 92: ...easily 5 In the Redirection Frequency field specify the frequency in minutes for home page redirection This is the interval at which the subscriber is redirected to the solution provider s home page a...

Страница 93: ...r disabling the following VPN protocols PPTP PPTP CALL ID IPSEC SIP 4 Click on the Submit button to save your options Use the iNAT Start and iNAT End fields to enter an IP address or range of IP addre...

Страница 94: ...n IPSec The IPSec Tunnel Settings screen appears 2 Check the Enable IPsec checkbox to enable IPsec Note that you will have to reboot for IPsec to take effect 3 Click Submit to save the setting To add...

Страница 95: ...table The IPSec Tunnel Peer Settings screen opens 2 Enter the IP address of the peer in the Tunnel Peer field 3 In the Peer Authentication Method section select one of the two peer authentication meth...

Страница 96: ...Tunnel Settings screen 6 Click the Back to Main IPSec Tunneling Settings page link to return to the IPSec Tunnel Settings screen Modifying an Existing IPSec Tunnel Peer 1 Click on the IPSec tunnel pe...

Страница 97: ...uld like to add a security policy from the Tunnel peer IP address menu You must select a peer if the policy is using ESP or AH if the policy is a Discard or Bypass policy select none 3 In the Traffic...

Страница 98: ...sk and the IP address of network interface for this policy The Local IP Subnet is the IP address of the local network secured by the IPSec tunnel The address can specify a host The Subnet Mask is the...

Страница 99: ...the maximum life size in kbytes in the Maximum Lifesize field Enable the automatic renewal option by putting a check in the Automatic renewal checkbox The default setting is enabled 8 Click Add to add...

Страница 100: ...sets up your location and the corresponding IP addresses for the network interface subscriber interface subnet and default gateway You must provide your full location information 1 From the Web Manage...

Страница 101: ...ag number Subscribers traffic check the box Enable WAN 802 1Q header for Subscribers Traffic and if necessary enter the tag number Changing these settings could result in loss of connectivity Changing...

Страница 102: ...Maximum Missed Responses allowed This is the number of echo requests that can be allowed to go without a response before the NSE determines that the PPP link is down This parameter can only set to wh...

Страница 103: ...aving your changes 11 Click on the Submit button to save your changes and reboot the system or click on the Reset button if you want to reset all the values to their previous state Managing the Log Op...

Страница 104: ...ACCESS GATEWAY 92 System Administration 1 From the Web Management Interface click on Configuration then Logging The Log Settings screen appears...

Страница 105: ...flash directory of the NSE This setting abides by the other settings set for the syslogs like filters number and enable disable It is not required to input a server IP address if you intend to only s...

Страница 106: ...58 2007 testlab S 192 168 2 4 3444 D 66 163 175 128 80 X 67 130 149 4 5004 non proxy 00 90 27 78 81 00 RADIUS IPASS 0U0000 INFO Access Gateway v2 4 113 LI OUT THU JUN 23 11 44 01 2007 testlab S 192 1...

Страница 107: ...nter the subscriber tracking log number in the Subscriber Tracking Log Number field This is the syslog number to identify this syslog to your Server 3 Enter the IP address of the Syslog server that is...

Страница 108: ...on to save your changes or click on the Reset button if you want to reset all the values to their previous state When logging is enabled log files and error messages are sent to these servers for futu...

Страница 109: ...for MAC based Authentication purposes 7 Click Submit to save the settings or Reset to return the settings to the previous state Assigning Passthrough Addresses Passthrough Addresses The Access Gatewa...

Страница 110: ...ce PMS The Access Gateway can be integrated with existing Property Management Systems For example by integrating with a hotel s PMS the Access Gateway can post charges for Internet access directly to...

Страница 111: ...functionality allows hotels to seamlessly deploy wireless networks or alternatively use low cost wired access concentration equipment that either do not support port ID or do so in a proprietary forma...

Страница 112: ...IP and Query Post interface MSI NH Hotels Protocol Technologies Ramesys ImagInn PMS OnQ System 21 Xeta Virtual XL Nomadix offers the following standards based interfaces generally used to establish a...

Страница 113: ...ACCESS GATEWAY System Administration 101 1 From the Web Management Interface click on Configuration then PMS The Property Management System Settings screen appears...

Страница 114: ...r Name and Room If you choose Micros Fidelio Post Only with TCP IP you must provide the Target IP Address and the Target Port Number If you choose Micros 1700 2000 3700 4700 8700 emulation you must pr...

Страница 115: ...vious state PMS solutions such as Galaxy require this option to be enabled to work with Nomadix Micros POS emulation in wireless hospitality networks Some PMS systems send selection records as lastnam...

Страница 116: ...tion Setting Up Port Locations Port Location Port Location allows you to establish the mode of operation for devices 1 From the Web Management Interface click on Configuration then Port Location The P...

Страница 117: ...Access Gateway Go to In Room Port Mapping on page 107 to map rooms from the subscriber side of the Access Gateway 4 Select No Port Location Mapping if you are not using Port based access 5 If you are...

Страница 118: ...r migration Enable box For cascading Tut and RFC1493 compliant systems click on the associated Cascading button The Cascading Support screen appears allowing you to enter the IP address and SNMP commu...

Страница 119: ...or example http 219 57 108 103 1111 usg roommapping The Enter Network Password prompt appears Access Gateway multiple VLAN tagged systems can use the same tags and be placed on different Subscriber po...

Страница 120: ...ccess mode you want to assign to this room Room Free Access Room For Charge Room Blocked 6 Click on the Submit button to save your changes 7 Repeat Steps 4 through 6 for each room see note If you leav...

Страница 121: ...d packets with 802 1p priority bits already set it will pass the priority values through unaltered In Internal mode classification and resultant bit marking is performed via QoS policies that are defi...

Страница 122: ...vice for the rule and then click Add Rule Once added rules will be displayed in the list above Defining the RADIUS Client Settings RADIUS Client The Access Gateway supports Remote Authentication Dial...

Страница 123: ...d logs their activity including bytes transferred connect time etc The Access Gateway s RADIUS implementation also handles vendor specific attributes VSAs required by WISPs that want to enable more ad...

Страница 124: ...Based Routing Settings Realm Based Routing on page 118 RADIUS Attributes on page 267 1 From the Web Management Interface click on Configuration then RADIUS Client The RADIUS Client Settings screen app...

Страница 125: ...ccount access request click on the check box for Send NAS identifier then define the NAS identifier in the NAS identifier field 5 To send the NAS IP address with your account request click on the chec...

Страница 126: ...ble RADIUS QoS Policies to assign a QoS policy to a user in their Radius Profile 17 Click on the Submit button to save your changes or click on the Reset button if you want to reset all the values to...

Страница 127: ...RADIUS Proxy Services as required by clicking on the appropriate check box 3 If you enabled RADIUS Proxy Services you must provide the Authentication Server Port and the Accounting Server Port refere...

Страница 128: ...ecret key in the Authentication Secret Key field During the authentication process the server and client exchange secret keys The secret keys must match for communication between the server and the cl...

Страница 129: ...RL VSA The Radius VSA for Redirect URL will be passed on to the Upstream NAS when enabled Enforce IP Upsell VSA The Radius VSA for Ip Upsell will be passed on to the Upstream NAS when enabled Enforce...

Страница 130: ...to see configured RADIUS service profiles and Realm Routing Policies this will take you to the Realm Based Routing Settings screen See also Defining the Realm Based Routing Settings Realm Based Routin...

Страница 131: ...ADIUS servers will return the L2TP tunnel parameters which the NSE will use to establish an L2TP tunnel Create a RADIUS service profile to a RADIUS server that will handle Prefix based users This is t...

Страница 132: ...red by clicking on the Enable RADIUS Authentication Service check box 2 If you enabled the RADIUS Authentication Service enter the primary RADIUS authentication server IP address in the Primary IP fie...

Страница 133: ...hen communicating accounting records 4 Enter a secret key in the Secret Key field for the primary RADIUS accounting server 5 Repeat Steps 1 through 4 for the secondary RADIUS accounting server if used...

Страница 134: ...cies can reference the same RADIUS service or tunnel profile This policy references a RADIUS service profile so a realm match will result in an access request being sent to the RADIUS server s specifi...

Страница 135: ...ke this entry the active entry click on the Entry Active check box 3 To define a specific realm choose the Specific Realm option and enter the destination in the Realm Name field Alternatively you can...

Страница 136: ...ACCESS GATEWAY 124 System Administration...

Страница 137: ...at are of the format username tcisp com Since this policy references a tunnel profile no RADIUS access requests will be sent to any RADIUS server In this case the NSE will use the L2TP tunnel paramete...

Страница 138: ...ce realm information will be used by the NSE s L2TP tunnel feature to determine how to handle usernames that contain realm information The screen below shows an example of setting the routing mode to...

Страница 139: ...x for SMTP Redirection Misconfigured to enable this feature for misconfigured subscribers 3 Click on the check box for SMTP Redirection Properly Configured to enable this feature for properly configur...

Страница 140: ...lates network management over the Internet To do this you must set up the SNMP communities and identifiers For more information about SNMP see Using an SNMP Manager on page 52 1 From the Web Managemen...

Страница 141: ...changes 5 Click on the Submit button to save your changes and reboot the system or click on the Reset button if you want to reset all the values to their previous state You can now use your SNMP clien...

Страница 142: ...en appears 2 Click on the Add button to add a new public subnet The Add Public Subnets screen appears 3 Enter a valid IP address for this subnet in the Subnet field 4 Enter the subnet mask for this su...

Страница 143: ...ion settings To view the summary listing go to the Web Management Interface click on Configuration then click on Summary To edit the Current Public DHCP Subnets table go to Managing the dhcp service o...

Страница 144: ...32 System Administration The Summary of Configuration Settings screen appears partial screen shown here Setting the System Date and Time Time This procedure shows you how to set the system date and ti...

Страница 145: ...are time or select External Time Server if you want to use NTP instead of the internal clock of the NSE If you select Internal Time enter the new date and time parameters in the relevant fields if req...

Страница 146: ...RADIUS servers for example if the RADIUS server is setup for a time zone that is different from the Access Gateway 4 When finished click on the Submit button to save your changes or click on the Reset...

Страница 147: ...or Select a condition type from the Add Condition menu and define the matching parameters Once added conditions will be displayed in the condition list 6 Select Remove to remove a condition from this...

Страница 148: ...s Settings screen appears 2 If you want to enable this feature click on the check box for URL Filtering 3 Click on the Submit button to save your setting 4 If URL Filtering is enabled you can add or r...

Страница 149: ...gration significantly expands this capability via the following means It allows the creation of multiple zones which are then constituted by groupings of multiple port locations These groupings can be...

Страница 150: ...ce Port Locations This is where the port configuration for the zone is entered The data must be entered as a string between 1 and 128 characters in length The string must contain either an individual...

Страница 151: ...perations Center and the edge device early VPN protocols such as PPTP have been widely discredited as a secure tunneling method As part of Nomadix commitment to provide outstanding carrier class netwo...

Страница 152: ...agement traffic either originating at the NOC or from the edge device through the IPSec tunnel Alternatively AAA data such as RADIUS Authentication and Accounting traffic can be sent through the IPSec...

Страница 153: ...rdware MAC address ARP is limited to a single physical network that supports hardware broadcasting To view the ARP Table go to the Web Management Interface click on Network Info then click on ARP The...

Страница 154: ...urrently configured This table includes the assigned host names their corresponding IP addresses and any aliases that may be assigned to each host Hosts provide services to other computers that are li...

Страница 155: ...as a listing which details the current status of each ICMP transmission element To view the ICMP Statistics go to the Web Management Interface click on Network Info then click on ICMP The ICMP Statist...

Страница 156: ...ACCESS GATEWAY 144 System Administration The Network Interfaces screen appears...

Страница 157: ...reaches its destination even though different packets may pass through different networks to get to the same location To view the IP Statistics go to the Web Management Interface click on Network Info...

Страница 158: ...fo then click on Routing The Routing Tables screen appears Displaying the Active IP Connections Sockets You can display a table which provides a detailed listing of all currently active IP Internet Pr...

Страница 159: ...Table Static Port Mapping You can display a table which provides a detailed listing of the currently active static port mapping scheme To view the Static Port Mapping Table go to the Web Management In...

Страница 160: ...rotocol statistics which are presented as a detailed listing of all TCP elements and their current status TCP is a standard protocol that manages data transmissions across networks To view the TCP Sta...

Страница 161: ...ort Location Menu The Port Location capabilities on the NSE have been enhanced It is now possible to define a policy on a port The billing methods RADIUS Credit Card PMS L2TP Tunneling and the billing...

Страница 162: ...n a hotel or apartment building a floor number wing or building There may even be multiple ports assigned to a single room or location The Access Gateway uses a port location authorization table to ma...

Страница 163: ...ent This procedure shows you how to add a port location assignment If you want to update an existing assignment go to Updating a Port Location Assignment 1 From the Web Management Interface click on P...

Страница 164: ...Charge for Use additional configurations are available Refer to the Note Port based Policies should be enabled from the Configuration AAA page for these settings to take effect Choose Enable RADIUS B...

Страница 165: ...e location file appears or click on the Reset button if you want to reset all the values to their previous state Updating a Port Location Assignment The procedure for updating a port location assignme...

Страница 166: ...his action before deleting the requested port location 1 From the Web Management Interface click on Port Location then Delete by Location The Delete Port Location Assignments by Location screen appear...

Страница 167: ...tton to delete the specified port location assignment or click on the Reset button if you want to reset the port value to its blank state Exporting Port Location Assignments Export This procedure show...

Страница 168: ...f you want to review the details of a specific port location You can also find port locations based on their location or port 1 From the Web Management Interface click on Port Location then Find by De...

Страница 169: ...rt 1 From the Web Management Interface click on Port Location then Find by Location The Find a Port Location Assignment by Location screen appears 2 In the Enter Location field enter the location of t...

Страница 170: ...their description or location 1 From the Web Management Interface click on Port Location then Find by Port The Find a Port Location Assignment by Port screen appears 2 In the Enter Port field enter th...

Страница 171: ...to import port location assignments from the flash location txt file Viewing the location txt File You can click on the View location txt link if you want to view the current contents of the file If...

Страница 172: ...iverDelta subnet state description Location Locations are assigned as an alpha numeric or alpha numeric value unless a PMS interface is used in which case only numeric values can be used Port Any numb...

Страница 173: ...dure shows you how to add subscriber profiles into a table of authorized users Three types of subscriber profiles are provided see the following sections for configuration information for the differen...

Страница 174: ...ubscriber account type 3 Define the DHCP Address Type Public or Private only used when the IP Upsell feature is enabled otherwise leave this set to private 4 Enter a valid MAC Address for the subscrib...

Страница 175: ...p Quality of Service QoS on page 109 for more information 14 Enable Countdown after login if you want the timeout amount to take effect after the user logins If the option is not enabled user timeouts...

Страница 176: ...he device is connected to a specific VLAN 5 Enter a valid MAC Address for the device 6 Enter the IP Address of the device 7 Enter a valid Subnet address for this device 8 In the Username field enter a...

Страница 177: ...ue which limits the number of subscribers that can be logged in through the account at any given time Group accounts can now be added via XML using the GROUP_ADD command The overall layout and behavio...

Страница 178: ...Subnet address for this subscriber 5 In the Username field enter a user name for this subscriber 6 If you assigned a user name you must now assign a Password 7 In the Expiration Time field define the...

Страница 179: ...to reset all the values to their previous state Displaying Current Subscriber Connections Current You can display a listing of all the subscribers currently connected to the system The list includes t...

Страница 180: ...rocedure shows you how to delete a subscriber profile from the Access Gateway s database of authorized subscribers based on the profile s MAC address In the State field Valid denotes that the subscrib...

Страница 181: ...User This procedure shows you how to delete a subscriber profile from the Access Gateway s database of authorized subscribers based on the profile s user name 1 From the Web Management Interface click...

Страница 182: ...Interface click on Subscriber Administration then click on DHCP Leases The Currently Allocated DHCP Leases screen appears Deleting All Expired Subscriber Profiles Expired This procedure shows you how...

Страница 183: ...ce click on Subscriber Administration then Find by MAC The Find a Subscriber Profile screen appears 2 In the Enter MAC Address field enter the MAC address of the subscriber you want to find 3 Click on...

Страница 184: ...bscriber profile or click on the Reset button if you want to reset the Username value to its blank state Listing Subscriber Profiles by MAC Address List by MAC You can display the currently active dat...

Страница 185: ...e list of Authorized Subscriber Profiles go to the Web Management Interface click on Subscriber Administration then click on List by User The Authorized Subscriber Profiles screen appears 1 indicates...

Страница 186: ...ing messages or 320000 bytes when and if necessary the oldest records are purged to make room for new records If the logfile is disabled the current logfile is purged from the flash If this is re enab...

Страница 187: ...database Current Table and a numerical breakdown of how the subscribers can utilize the system for example free access credit card etc The total number of user profiles stored in the Access Gateway s...

Страница 188: ...WS to allow users online on a time X over period Y basis Standard billing plans where time X period Y can be used concurrently with X over Y plans For example multiple plans with flexible billing even...

Страница 189: ...Subscriber Interface then Billing Options The Internal Billing Options Setup screen appears 2 Review the billing plans normal plans and X over Y plans that are currently active To view or edit a bill...

Страница 190: ...ACCESS GATEWAY 178 System Administration The Internal Billing Options Plan Setup or Internal Billing Options XoverY Plan Setup screen appears for the billing plan and type you selected...

Страница 191: ...ACCESS GATEWAY System Administration 179 Sample of Internal Billing Options XoverY Plan Setup Screen Depending on the type of plan you want to set up go to Setting Up a Normal Billing Plan on page 180...

Страница 192: ...g note 8 Click on the Submit this Plan button to save your changes and establish this billing plan Alternatively you can click on the Delete this Plan button if you want to delete this plan or click o...

Страница 193: ...tate Setting Up an X over Y Billing Plan 1 If required click on the Enable check box to enable make active this billing plan 2 Define a label for this billing plan in the Label field 3 Enter a descrip...

Страница 194: ...ation and Control Console ICC Setup The Nomadix ICC is a HTML pop up window that is presented to subscribers allowing them to select their bandwidth and billing plan options quickly and efficiently an...

Страница 195: ...opportunity to display the elapsed count down time and one logo for intra session service branding This procedure allows you to set up how the ICC is displayed to subscribers For more information abo...

Страница 196: ...ACCESS GATEWAY 184 System Administration 1 From the Web Management Interface click on Subscriber Interface then ICC Setup The ICC Setup screen appears...

Страница 197: ...er s screen Choose one of the following options Upper Left Corner Upper Right Corner Lower Left Corner Lower Right Corner 6 Define how you want to display the subscriber session time Elapsed Time how...

Страница 198: ...e image file you want to use for the button When assigning images for buttons refer to Pixel Sizes on page 188 When you have completed assigning all your redirect buttons click on the Submit button to...

Страница 199: ...eters that buttons use see Assigning Buttons on page 185 with the addition of 3 three more These are Duration Defines how long the banner is displayed in the ICC Start Time This is an optional paramet...

Страница 200: ...on the Submit button to save your changes or click on the Reset button if you want to reset all the values to their previous state 5 To return to the previous screen click on the Configure ICC link P...

Страница 201: ...nguage Support The Access Gateway allows you to define the text displayed to your users by the Internal Web Server IWS without any HTML or ASP knowledge The language you select here will determine the...

Страница 202: ...ntly 6 six pre translated language options If you want to have the ICC pre translated into Japanese and enter and display Japanese characters on the Web Management Interface and the subscriber s porta...

Страница 203: ...1 Upload the required pages and images to the flash web directory using FTP Total file size of all pages and images cannot exceed 200 KB File names should be labeled using the 8 3 format 2 Go to WMI...

Страница 204: ...b Page File Name This text box lets you add or remove the names of the web pages that you intend to serve to the end users Note The name of the web page has to be added in order for it to be served to...

Страница 205: ...ACCESS GATEWAY System Administration 193 Defining the Subscriber s Login UI Login UI This procedure allows you to set up the presentation and content of the subscriber s login User Interface UI...

Страница 206: ...ce click on Subscriber Interface then Login UI The Subscriber Login User Interface Settings screen appears 2 Define the messages you want subscribers to see when they log in Keep messages brief and to...

Страница 207: ...nabled the Remember Me option define the duration in days in the Remember for how many days field 6 If required define a Help Hyperlink Message and a corresponding Help Hyperlink URL 7 Define the loca...

Страница 208: ...er Login Screen Sample on page 197 12 If you made changes to the Image File Name or Partner Image File Name fields you must reboot the Access Gateway for your changes to take effect In this case click...

Страница 209: ...Page can be defined either as a RADIUS VSA or be driven by the Access Gateway s Internal Web Server IWS Using the IWS option means that this functionality is available for other post paid billing mec...

Страница 210: ...ACCESS GATEWAY 198 System Administration Freely configurable hypertext link in case the ISP wants to link the user back to a sign up help page Sample of Post Session UI Goodbye Page...

Страница 211: ...ACCESS GATEWAY System Administration 199 1 From the Web Management Interface click on Subscriber Interface then Post Session UI The Subscriber Post Session User Interface Settings screen appears...

Страница 212: ...ink in the Hyper Text Link URL field 5 Define the following Field Label Definitions for your Goodbye Page Session Summary IP Address Authen Type Start Time Stop Time Byte Sent Byte Received Go To 6 Cl...

Страница 213: ...3 Click on the Submit button to save your changes or click on the Reset button if you want to reset all the values to their previous state If you want to reset all field values to their default state...

Страница 214: ...age Field Label Definitions screen appears 2 Enter the definitions you want for each label in the corresponding fields 3 Click on the Submit button to save your changes or click on the Reset button if...

Страница 215: ...erface click on Subscriber Interface then Subscriber Errors 1 of 2 The Subscriber Page Error Message Definitions 1 of 2 screen appears 2 Enter the definitions you want for each error message in the co...

Страница 216: ...ACCESS GATEWAY 204 System Administration If you want to reset all field values to their default state click on the Revert button 4 Repeat Steps 1 3 for page 2 of 2 see following screen...

Страница 217: ...rocedure allows you to define how other subscriber messages are displayed 1 From the Web Management Interface click on Subscriber Interface then Subscriber Messages 1 of 3 The Subscriber Page Other Me...

Страница 218: ...he corresponding fields 3 Click on the Submit button to save your changes or click on the Reset button if you want to reset all the values to their previous state If you want to reset all field values...

Страница 219: ...ACCESS GATEWAY System Administration 207 5 Repeat Steps 1 3 for page 3 of 3 see following screen...

Страница 220: ...ARP Add The Add ARP Table Entries screen appears 1 Enter the IP Address of the entry you are adding 2 Enter the MAC Address of the entry you are adding 3 Define whether this entry is Static Will only...

Страница 221: ...Mode option is enabled the Access Gateway is effectively transparent to the network in which it is located allowing clusters of switches especially Cisco Systems switch clusters to be managed using th...

Страница 222: ...n the Submit button to save your changes or click on the Reset button if you want to reset the Enable option to its previous state Exporting Configuration Settings to the Archive File Export This proc...

Страница 223: ...authentication settings to the archive txt file Importing the Factory Defaults Factory This procedure shows you how to replace the current authentication settings with the settings that were establis...

Страница 224: ...ail Over Many large scale networks require fail over support for all devices in the public access network The Fail Over Options feature allows two Nomadix Gateways to act as siblings where one device...

Страница 225: ...he Secondary will wait while not receiving messages from the Primary before it takes over 7 Click on the check box for Reboot after changes are saved 8 Click on the Submit button to save your changes...

Страница 226: ...tory log fields include Message Administrator Operator action Login User name of the Administrator Operator IP Source IP address see note Establishing ICMP Blocking Parameters ICMP The Access Gateway...

Страница 227: ...eature as required 3 You can Ping a host via the network port by entering either an IP address or DNS name of host This is the site that you want the ping to be sent to from the NSE 4 Click on the Sub...

Страница 228: ...vels to differentiate between managers and operators where managers are permitted read write access and operators are restricted to read access only Once the logins have been assigned managers have th...

Страница 229: ...allowed SSH Shell Access SSL Only managers can assign a username and password for the remote RADIUS testing login option 1 From the Web Management Interface click on System then Login The Login Name a...

Страница 230: ...htm and can be accessed from the network side of the Access Gateway You must open a separate browser to utilize this feature The Framed IP field is configurable by the user and can be set to any IP ad...

Страница 231: ...s to their previous state Defining the MAC Filtering Options Mac Filtering MAC Address filtering enhances Nomadix access control technology by allowing System Administrators to block malicious users b...

Страница 232: ...n to add this address to the blocked list or click on the Remove button to remove this address from the list For advanced security see also Establishing Session Rate Limiting Session Limit on page 222...

Страница 233: ...setting the gateway or router IP address by which the route s destination can be reached 1 From the Web Management Interface click on System then Route Add The Add Static Routes screen appears 2 Enter...

Страница 234: ...ete Static Routes screen appears 2 Enter the Destination IP address of the route you want to delete from the routing table 3 Click on the Delete button to delete this route from the routing table or c...

Страница 235: ...Defining the MAC Filtering Options Mac Filtering on page 219 Adding Static Ports Static Port Mapping Add Static Port Mapping allows the network administrator to setup a port mapping scheme that forwa...

Страница 236: ...rnal device from any network side workstation 8 Optional Enable the Protect with Source IP based Access Control option Enabling this will only allow address in the source based access control list to...

Страница 237: ...articular static IP typically private and mis configured and port number on the subscriber side of the Access Gateway The advantage for the network administrator is that free private IP addresses can...

Страница 238: ...Interfaces The Subscriber Interfaces screen appears 2 Enable or disable the following items by clicking on the corresponding check box Block Subscriber Interface 1 Block Subscriber Interface 2 3 Clic...

Страница 239: ...ike a router the Access Gateway continuously tracks subscriber IP and MAC settings eliminating the need for further sign ins and ensuring that subscriber usage and billing is recorded accurately The A...

Страница 240: ...equired to pay Naturally subscribers expect to pay only for the services rendered to them In any environment billing is a complex process It requires accurate data collection and reconciliation a mean...

Страница 241: ...nd deny service to those guests who have not paid Allowing the solution provider to bill subscribers for services rendered either directly on their hotel bill in the hotel scenario via a mailed invoic...

Страница 242: ...subscribers on a local flash database By looking up subscribers on a remote database The Authentication module can support user name and MAC address authentication simultaneously Subscriber Login Sub...

Страница 243: ...ning the time purchased Interaction with a Property Management System PMS and Web interfaces enabling administrators to edit the subscriber s input Only subscribers that are correctly identified and a...

Страница 244: ...Provider s Portal Page Internal or External Web Server AG detects connection and verifies user against authorization table Lease time has expired Purchase more time Yes No Internet and local online s...

Страница 245: ...rver Either method is transparent to the subscriber however the advantage of using the internal Web server is obvious no login redirection tasks and a faster response time for the subscriber Language...

Страница 246: ...ddress The Access Gateway can be configured to allow access for specified MAC addresses In this model when a subscriber attempts to access the Internet the Access Gateway validates the subscriber s MA...

Страница 247: ...user name and password are optional the MAC address will be substituted but in this event the service is not transferable between computers Credit card Enable the AAA services You have the choice of...

Страница 248: ...f redirection options For information about configuring the ICC refer to Defining Languages Language Support on page 189 ICC Pop Up Window The ICC displays a HTML based applet in the form of a pop up...

Страница 249: ...s System Administrators to define a simple HTML based pop up window for explicit logout that can be used as an alternative to the more fully featured ICC The pop up Logout Console can display the elap...

Страница 250: ...ACCESS GATEWAY 238 The Subscriber Interface...

Страница 251: ...G parameters Network Info Menu Displays the Network Info menu The items in this menu are used to monitor and review network connections routings protocols and network session statistics Port Location...

Страница 252: ...used This feature allows administrators to block access from Telnet Web Management and FTP sources Auto Configuration Provides an effortless and rapid method for configuring devices for fast network...

Страница 253: ...stablishes the Access Concentrator settings RADIUS Client This procedure sets up the RADIUS client RADIUS Proxy Establishes RADIUS proxies where different realms can be set up to directly channel RADI...

Страница 254: ...or the interfaces IP Displays the IP performance statistics Routing Displays the routing tables and performance statistics Sockets Displays the active Internet connections Static Port Mapping Displays...

Страница 255: ...signment based on a unique description Find by Location Finds a port location assignment based on a specified location Find by Port Finds a port location assignment based on a specified port Import Im...

Страница 256: ...pecified user name List by MAC Displays a list of authorized subscriber profiles sorted by MAC address List by User Displays a list of authorized subscriber profiles sorted by user name Statistics Dis...

Страница 257: ...d to subscribers page 1 of 3 Subscriber Messages 2 of 3 Defines how other general messages are displayed to subscribers page 2 of 3 Subscriber Messages 3 of 3 Defines how other general messages are di...

Страница 258: ...s routing table Route Delete Deletes a route to a specific IP destination Session Limit Limits the number sessions any one user can take over a given time period and if necessary then blocks maliciou...

Страница 259: ...users based on their MAC address Up to 50 MAC addresses can be blocked at any one time Reboot Reboots the Access Gateway Route Add Adds a route into the Access Gateway s routing table Route Delete De...

Страница 260: ...Description Find port location assignments by description Port Location Find by Location Find port location assignments by location Port Location Find by MAC Find a subscriber profile by MAC address...

Страница 261: ...tics Display the subscriber profile statistics Subscriber Admin Subnets Enable dynamic multiple subnet support Configuration Subscriber Buttons Define how control buttons are displayed to subscribers...

Страница 262: ...its of Network Interface MAC MAC address is unique for each product MAC address is unique for each product Network Interface IP Subnet Mask Default Gateway IP DHCP Client Admin IP 10 0 0 10 255 255 25...

Страница 263: ...al Authorization New Subscribers Credit Card Service Parameter Passing Usernames XML Disabled Enabled Enabled Enabled Disabled Enabled Disabled DNS Redirection SMTP Redirection SMTP Server IP Enabled...

Страница 264: ...y Fail Over PERFORMANCE User Support Up to 50 users concurrently Throughput up to 20Mbits s As defined by RFC1242 Section 3 17 PHYSICAL 1U rack space in a 19 rack 10 00 L x 10 00 D x 1 73 H 254mm L x...

Страница 265: ...01 A2 2003 IEC 61000 4 2 1995 A1 1998 A2 2000 IEC 61000 4 3 2006 IEC 61000 4 4 2004 IEC 61000 4 5 2005 IEC 61000 4 6 2007 IEC 61000 4 8 1993 A1 2000 IEC 61000 4 11 2004 EN 61000 3 3 1995 A1 2001 A2 20...

Страница 266: ...lient IPSec for secure connection to an NOC Access Control Lists Web Administration UI CLI via Telnet and Serial Port SNMPv2c Secure XML API Auto Configuration and Upgrades Syslog AAA log NETWORKING I...

Страница 267: ...y Management Interface PMS PERFORMANCE User Support Up to 200 users concurrently Throughput up to 85Mbits s As defined by RFC1242 Section 3 17 PHYSICAL 1U rack space in a 19 rack 10 00 L x 10 00 D x 1...

Страница 268: ...1950 CSA22 2 No 950 INTERFACES 3 x 10 100 Mbps Ethernet RJ 45 1 x DB9 serial for serial management and PMS interface LED INDICATORS ACT LINK and 10 100 for each Ethernet port Power NETWORK MANAGEMENT...

Страница 269: ...Management Interface PMS PERFORMANCE User Support Up to 2000 users concurrently Throughput up to 100Mbits s As defined by RFC1242 Section 3 17 PHYSICAL 1U rack space in a 19 rack 16 85 L x 10 04 W x...

Страница 270: ...61000 3 2 2000 CENELEC EN 61000 3 3 1995 A1 2001 UL Std 1950 CSA22 2 No 950 INTERFACES 3 x 10 100 Mbps Ethernet RJ 45 1 x DB9 serial for serial management and PMS interface LED INDICATORS ACT LINK an...

Страница 271: ...ACCESS GATEWAY Quick Reference Guide 259 NETWORKING IEEE 802 3 3u IEEE 802 1d DHCP Server DHCP Relay RADIUS Client MD 5 PAP CHAP MS CHAPv1 v2 AG 5500 Specifications...

Страница 272: ...put up to 750Mbits s As defined by RFC1242 Section 3 18 PHYSICAL 1U rack space in a 19 rack 17 24 L x 11 53 W x 1 73 H 438mm L x 292 0mm W x 44mm H Weight 8 8 lbs Weight 4 00 Kg OPERATING VOLTAGE 100...

Страница 273: ...ive 2006 95 EC IEC 60950 1 2005 2nd Edition EN60950 1 2006 A11 2009 INTERFACES 2 x 10 100 1000 Mbps GigE RJ 45 LAN 1 x 10 100 1000 Mbps GigE RJ 45 WAN 1 x DB9 serial PMS Interface 1 x Front Access RJ...

Страница 274: ...ACCESS GATEWAY 262 Quick Reference Guide NETWORKING IEEE 802 3 3u 3ab IEEE 802 1d DHCP Server DHCP Relay RADIUS Client MD 5 PAP CHAP MS CHAPv1 v2 AG 5600 Specifications...

Страница 275: ...Added_in_memory_ta ble_ pending 00 00 0E 32 2 C BC Mar 31 18 43 54 nomad237 nomadix com INFO AAA 4208 AAA_Authentication Unsuccessful_Error 00 60 08 B4 20 6A Mar 31 21 34 21 nomad237 nomadix com INFO...

Страница 276: ...Interface Updated_by_administrator Subscriber profile was updated AAA_Interface Removed_by_administrator Subscriber profile was manually removed from the authorization table Message Definition 2003 02...

Страница 277: ...ACCESS GATEWAY Quick Reference Guide 265 Sample History Log A history log is generated by the Access Gateway which includes the system s activity Access Reboot and Uptime More listings...

Страница 278: ...ata and place it on the clipboard Ctrl X Copy selected data to the clipboard Ctrl C Paste data from the clipboard into a document at the insertion point Ctrl V Copy the active window to the clipboard...

Страница 279: ...granted and if so with what privileges When a subscriber attempts to access the service provider s network the Access Gateway delivers a Web page to the subscriber asking for a login name and password...

Страница 280: ...scriptions Nomadix Vendor Specific Attributes Authentication Request Username Password Service Type NAS Port port number NAS Identifier Framed IP Address NAS IP Address NAS Port Type Acct Session ID L...

Страница 281: ...wn Nomadix URL Redirection Nomadix IP Upsell Nomadix MaxBytesUp Nomadix MaxBytesDown Nomadix Net VLAN Nomadix Session Terminate End Of Day Nomadix Subnet Nomadix Expiration Accounting Request Username...

Страница 282: ...ateway will set the subscriber expiration time to 0 which means access forever Log Off URL Allows for the placement of a log off URL for example 1 1 1 1 on an external portal page Idle Timeout The WMI...

Страница 283: ...sent The precision is 2 minutes The Access Gateway will not send Interim messages more frequently than every 2 minutes Called Station ID This is the Media Access Control MAC address of the Access Gate...

Страница 284: ...ess Gateway has the IP Upsell feature enabled Nomadix Volume Based Session Timeout This attribute allows you to terminate a session once a specified data volume has been reached Nomadix Session Termin...

Страница 285: ...are based on obtaining a key from VeriSign Please contact Nomadix Technical Support if you want to use a different Certificate Authority For Nomadix technical support go to Contact Information on pag...

Страница 286: ...a PC The procedure starts from the Cygwin Net Release Setup Program screen Click on the Next button The following screen appears Click on the Next button to display the next setup screen The example...

Страница 287: ...GATEWAY Quick Reference Guide 275 Click on the Next button to display the next setup screen Click on the Next button to display the next setup screen Click on the Next button to display the next setup...

Страница 288: ...please skip all packages except cygwin and openssl then click on the Next when you are done For the purposes of this document Nomadix used ftp planetmirror com At the time of this writing there are m...

Страница 289: ...inform you that the installation process is completed At the pop up dialog click on the OK button Private Key Generation Create a directory from Root and put 5 random files a dat b dat c dat d dat and...

Страница 290: ...ommand prompt from Windows then click on the OK button Go to the c cygwin bin directory and run the following command openssl genrsa rand file1 file2 file3 file4 file5 1024 cakey pem The following tab...

Страница 291: ...P to the Access Gateway openssl openssl command genrsa A parameter for openssl to generate an RSA key Rand A parameter for openssl to generate a random number from the files list file1 file2 file5 The...

Страница 292: ...280 Quick Reference Guide Here is the output of cakey pem Create a Certificate Signing Request CSR File Run the following command to generate the certificate signing request openssl req new key cakey...

Страница 293: ...n Name in the Web Management Interface of the Access Gateway refer to the Access Gateway setup information later in this document Here is the output of server csr Create a Public Key File server pem V...

Страница 294: ...282 Quick Reference Guide This is the procedure to get a 40 bit encryption or 128 bit Public Key from VeriSign With IE or Netscape go to www verisign com products site index html Select Buy for Secur...

Страница 295: ...s in the server csr created in the previous step Open server csr and copy and paste all data into the edit box Select the purchase method and summit the required contact information When you receive a...

Страница 296: ...gin FTP the cakey pem and server pem files into the Access Gateway platform s flash directory FTP to the Access Gateway by Netscape ftp username password Access Gateway Network IP flash Drag and drop...

Страница 297: ...r logins secure logins or both When subscribers enter the Portal Page they can then choose either a regular login or a secure login To setup the Portal Page add the following For Regular Logins http A...

Страница 298: ...This document describes the process used by the Access Gateway for mirroring billing records and is organized into the following sections Sending Billing Records on page 286 XML Interface on page 287...

Страница 299: ...at Access Gateway to External Server USG RMTLOG_COMMAND ADD_REC REC_NUM max 4 characters REC_NUM USG_ID max 6 characters USG_ID PROPERTY_ID max 64 characters PROPERTY_ID DATE max 10 characters DATE TI...

Страница 300: ...The XML string is a command sent by the External Server to the Access Gateway product In this case the acknowledgement received from the External Server forms the command The Access Gateway expects t...

Страница 301: ...VALUE IP_ADDR 11 22 33 44 IP_ADDR ERROR_CODE 5 ERROR_CODE USG Format for each Field RESULT_VALUE OK or ERROR IP Standard IP format 123 123 123 123 ERROR_CODE1 for OK or any other number For more infor...

Страница 302: ...ACCESS GATEWAY 290 Quick Reference Guide...

Страница 303: ...ice the Access Gateway requires careful handling It should be positioned in a dust free and temperature controlled environment Never block the unit s ventilation holes and do not stack with other equi...

Страница 304: ...ge settings or the message is generated by the system when it fails to locate the data it needs Error loading factory settings The system cannot find the default configuration file when attempting to...

Страница 305: ...es are available to subscribers This message is displayed because you have disabled both the external DHCP relay and the system s DHCP service To make DHCP available to subscribers at least one of the...

Страница 306: ...server If necessary test the communication with the ping command The DHCP relay is enabled with the correct IP address for the external DHCP server but the DHCP server is misconfigured Check the exte...

Страница 307: ...to the Access Gateway incorrectly Re enter the correct URL The server that hosts the home page is down or the service provider if different from the host is not able to route to your page Check that t...

Страница 308: ...This page intentionally left blank ACCESS GATEWAY 296 Troubleshooting...

Страница 309: ...rk documentation to verify that the network components are functioning correctly If you cannot resolve the problem with your documentation resources try connecting to our corporate Web site We may hav...

Страница 310: ...This page intentionally left blank ACCESS GATEWAY 298...

Страница 311: ...An IEEE standard for providing a virtual LAN capability within a campus network 802 1Q establishes a standard format for frame tagging Layer 2 VLAN markings enabling the creation of VLANs that use equ...

Страница 312: ...a fixed size 53 bytes each The cell used with ATM is relatively small compared to units used with older technologies The small constant cell size allows ATM equipment to transmit video audio and comp...

Страница 313: ...vailable for reassignment to another device See also Dynamic IP Address IP Address Static IP Address and TCP IP DNS Domain Name System A system that maps meaningful domain names with complex numeric I...

Страница 314: ...fer rates of 10 Mbps The Ethernet specification served as the basis for the IEEE 802 3 standard which specifies the physical and lower software layers Ethernet is one of the most widely implemented LA...

Страница 315: ...FTP File Transfer Protocol A standard protocol used for copying and moving files quickly efficiently and securely across public and private networks An FTP site is one where files are available for do...

Страница 316: ...In infrastructure mode wireless devices can communicate with each other or can communicate with a wired network When one AP is connected to a wired network and a set of wireless stations it is referre...

Страница 317: ...between nodes Also referred to as WLAN See also Node LDAP Lightweight Directory Access Protocol Directories containing information such as names phone numbers and addresses are often stored on a varie...

Страница 318: ...m on a computer NTP sends periodic time requests to servers obtaining server time stamps and using them to adjust the client s clock OFDM Orthogonal Frequency Division Multiplexing An FDM modulation t...

Страница 319: ...a host and expects a response within a predetermined time This is useful when troubleshooting network transmission problems See also ICMP Portal A portal is a Web site The portal consists of a collect...

Страница 320: ...word This information is passed to a RADIUS server which checks that the information is correct and then authorizes access to the ISP system RFC Request for Comments A series of notes about the Intern...

Страница 321: ...s a wireless network SSL Secure Sockets Layer A protocol developed by Netscape for transmitting private documents via the Internet SSL works by using a private key to encrypt data that is transferred...

Страница 322: ...to the login prompt of another host that you have access rights to See also Host Throughput The net data transfer rate between an information source and its destination using the maximum packet size w...

Страница 323: ...calculated into UTC UTC was devised on January 1 1972 and is coordinated in Paris by the International Bureau of Weights and Measures UTC like GMT is set at 0 degrees longitude on the prime meridian...

Страница 324: ...A Wi Fi Protected Access A Wi Fi standard that was designed to improve upon the security features of WEP The technology is designed to work with existing Wi Fi products that have been enabled with WEP...

Страница 325: ...ode 8 209 C cautions 23 202 Certificate Signing Request 280 character lengths 34 CLI 9 Command Line Interface 9 inputting data 31 logging in 29 common problems 294 concurrent login 216 configurable po...

Страница 326: ...215 importing factory settings 211 iNAT 10 80 Information and Control Console 8 11 182 236 assigning banners 187 assigning buttons 185 pixel sizes 188 time formats 189 inputting data 34 in room port m...

Страница 327: ...aces 143 notes 23 202 NSE core functionality 6 NTP support 14 O optional NSE modules 20 High Availability Module 20 Hospitality Module 20 P PageFaults 95 passthrough addresses 97 PMS 98 PMS integratio...

Страница 328: ...6 remote connections 51 routes 221 222 adding 221 deleting 222 routing tables 145 S secure administration 63 secure management 16 secure socket layer 17 security 5 serial cable connection 28 service b...

Страница 329: ...tory 94 95 Log Filter 93 Save file 93 SYSLOG report 264 System Administration menu 51 System menu 208 System report log 93 System report log interval 93 T TCP statistics 148 technical support 297 cont...

Страница 330: ...ACCESS GATEWAY 318...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды