Nomadix AG 5500 Скачать руководство пользователя страница 232

Страница: 232 / 338

AG 5500

220

System Administration

Defining Subscriber Messages {Subscriber Messages}

This procedure allows you to define how “other” subscriber messages are displayed.

From the Web Management Interface, click on

Subscriber Interface

, then

Subscriber

Messages, 1 of 3

The

Subscriber Page -- Other Message Definitions, 1 of 3

screen

appears:

There are 3 (three) pages of subscriber messages available.

ag5500_userguide.book Page 220 Tuesday, June 5, 2007 7:31 PM

Содержание AG 5500

Страница 1: ......

Страница 2: ...ts Reserved Livingston Enterprises Inc Copyright 1992 Livingston Enterprises Inc All Rights Reserved The Regents of the University of Michigan and Merit Network Inc Copyright 1992 1995 All Rights Rese...

Страница 3: ...36 894 EU1222791 BE1222791 FI1222791 FR1222791 DE60020588 6 GB1222791 NL1222791 ES1222791 SE1222791 CH1222791 SG88575 ZL00815828 2 US6 798 110 Japan 3880856 Korea 559357 SG88483 Zl00815982 3 EU1234425...

Страница 4: ...elevision reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures z Reorient or relocat...

Страница 5: ...uteile AVISO Riesgo de shock el ctrico No abrir No hay piezas configurables dentro CAUTION Read the instruction manual prior to operation ATTENTION Lire le mode d emploi avant utilisation ACHTUNG Lese...

Страница 6: ...This page intentionally left blank AG 5500 vi...

Страница 7: ...Access Control 7 Bandwidth Management 8 Bridge Mode 8 Command Line Interface 9 Dynamic Address Translation 9 Dynamic Transparent Proxy 9 End User Licensee Count 9 External Web Server Mode 10 Home Page...

Страница 8: ...30 Installation Workflow 31 Powering Up the System 32 Logging In to the Command Line Interface 33 The Management Interfaces CLI and Web 35 Making Menu Selections and Inputting Data with the CLI 36 Men...

Страница 9: ...me Page Redirect 89 Enabling Intelligent Address Translation iNAT 90 Defining IPSec Tunnel Settings IPSec 91 Establishing Your Location Location 97 Managing the Log Options Logging 102 Enabling MAC Au...

Страница 10: ...gs List 175 Subscriber Administration Menu 176 Adding Subscriber Profiles Add 176 Displaying Current Subscriber Connections Current 179 Deleting Subscriber Profiles by MAC Address Delete by MAC 180 De...

Страница 11: ...leting a Route Route Delete 239 Establishing Session Rate Limiting Session Limit 240 Adding Static Ports Static Port Mapping Add 241 Deleting Static Ports Static Port Mapping Delete 243 Blocking a Sub...

Страница 12: ...ions 277 Nomadix Vendor Specific Attributes 279 Setting Up the SSL Feature 280 Prerequisites 280 Obtain a Private Key File cakey pem 280 Installing Cygwin and OpenSSL on a PC 281 Private Key Generatio...

Страница 13: ...00 s subscriber interface It also includes an outline of the authorization and billing processes utilized by the system and the Nomadix Information and Control Console Chapter 4 Quick Reference Guide...

Страница 14: ...gments Product Configuration and Licensing All Nomadix Access Gateway products including the AG 5500 are powered by our patented and patent pending suite of embedded software called the Nomadix Servic...

Страница 15: ...nvestment to create new revenue streams z Enables you to provide Wi Fi access as a billable service or as an amenity to augment the main line of business for your venue z The AG 5500 contains an advan...

Страница 16: ...d Dynamic Address Translation DAT functionality offers a true plug and play solution by enabling a seamless and transparent experience and the tools to acquire new customers on site DAT greatly reduce...

Страница 17: ...0 provides fine grain management of DoS Denial of Service attacks through its Session Rate Limiting SRL feature and MAC filtering for improved network reliability 5 Step Service Branding A network ena...

Страница 18: ...ackage of features includes z Access Control z Bandwidth Management z Bridge Mode z Command Line Interface z Dynamic Address Translation z Dynamic Transparent Proxy z End User Licensee Count z Externa...

Страница 19: ...login is permitted only if a match is made with the master list contained within the NSE If a match is not made the login is denied even if a correct login name and password are supplied The access c...

Страница 20: ...dwidth dynamically by the minute or on an hourly daily weekly or monthly basis and also adjust the pricing plan for their service see graphic Bridge Mode This feature allows complete and unconditional...

Страница 21: ...are The NSE supports both PPTP and IPSec VPNs in a manner that is transparent to the user and that provides a more secure standard connection See also Transparent Connectivity on page 4 Dynamic Transp...

Страница 22: ...If you choose to use the EWS interface Nomadix Technical Support can provide you with sample scripts See also Contact Information on page 305 Home Page Redirect The NSE supports a comprehensive HTTP...

Страница 23: ...able pool of publicly routable IP addresses The same public IP address can be used as a source IP to support concurrent tunnels to different termination devices offering unmatched efficiency in the ut...

Страница 24: ...ers See also z 5 Step Service Branding on page 5 z Logout Pop Up Window on page 13 z Information and Control Console ICC on page 254 Internal Web Server The NSE offers an embedded Internal Web Server...

Страница 25: ...ool address the NSE associates their MAC address with their public IP address for the duration of the service level agreement The opposite is true if they select a plan with a private pool address Thi...

Страница 26: ...tocol that assures accurate synchronization to the millisecond of computer clock times in a network of computers NTP synchronizes the client s clock to the U S Naval Observatory master clocks Running...

Страница 27: ...of the individual configuration files and their download frequency status are downloaded from an FTP server into the flash of the Nomadix device 2 Defines the automated login into the centralized FTP...

Страница 28: ...RADIUS Proxy functionality is the ability to route RADIUS messages depending on the Network Access Identifier NAI Both prefix based for example ISP username ISP net and suffix based username ISP net N...

Страница 29: ...lso the secure management of third party devices for example WLAN Access Points and 802 3 switches on private subnets on the subscriber side of the Nomadix gateway See also Enabling Secure Management...

Страница 30: ...ize and enhance their product installations This feature allows the operator to use Nomadix popular XML API using the built in SSL certificate functionality in the NSE so that parameters passed betwee...

Страница 31: ...ing an SNMP Manager on page 59 z Installing the Nomadix Private MIB on page 55 Tri Mode Authentication The NSE enables multiple authentication models providing the maximum amount of flexibility to the...

Страница 32: ...such as finance yahoo com sports yahoo com etc The system administrator can dynamically add or remove up to 300 specific IP addresses and domain names to be filtered for each property Walled Garden T...

Страница 33: ...ipped with a dedicated PMS port to facilitate connectivity with a customer s Property Management System Billing Records Mirroring NSE powered devices can send copies of credit card and optionally PMS...

Страница 34: ...Billing Records Mirroring on page 21 High Availability Module The optional High Availability Module offers enhanced network uptime and service availability when delivering high quality Wi Fi service...

Страница 35: ...the NSE s optional Hospitality Module our Meeting Room Scheduler MRS application can further enhance your product s integration into the hospitality environment The MRS allows hotel desk clerks to sc...

Страница 36: ...oyed effectively in a variety of wireless and wired broadband environments where there are many users usually mobile who need high speed access to the Internet The following example shows a potential...

Страница 37: ...m H Weight 6 61 lbs Weight 3 00Kg OPERATING VOLTAGE 100 to 240 VAC 50 60 Hz Auto Sensing POWER CONSUMPTION 65 watts ENVIRONMENTAL Operating temperature 5 C to 40 C Storage temperature 0 C to 70 C Oper...

Страница 38: ...ower NETWORK MANAGEMENT Multi Level Administration Controls Integrated VPN Client IPSec for secure connection to an NOC Access Control Lists Web Administration UI CLI via Telnet and Serial Port SNMPv2...

Страница 39: ...5500 and you want to access information quickly and efficiently It contains all the information you will find in this User s Guide For more information about WebHelp and other online documentation re...

Страница 40: ...This page intentionally left blank AG 5500 28 Introduction...

Страница 41: ...ablishing the Start Up Configuration z Logging Out and Powering Down the System z Connecting the AG 5500 to the Customer s Network z Establishing the Basic Configuration for Subscribers z Archiving Yo...

Страница 42: ...odem NM 1 Cable CATS5 standard 7 ft length 1 Cable CATS5 crossover 7 ft length 1 Screw 10 32 X 1 2 PH with internal washer 4 Screw 4 40 5 16 flathead 100 deg 8 Plastic bumper feet 4 Universal mounting...

Страница 43: ...pt you to reboot the system Connect the AG 5500 to the customer s network Power up the AG 5500 and log in via a Telnet session or the Web Management Interface Set the basic configuration parameters fo...

Страница 44: ...he AG 5500 and your laptop computer and to power up the system 1 Place the AG 5500 on a flat and stable work surface 2 Connect the power cord 3 Connect the DB9 serial cable between the AG 5500 s seria...

Страница 45: ...a login prompt appears on your screen The default login user name is admin The password is admin Login names and passwords are case sensitive 3 Enter admin when prompted for a user name and password T...

Страница 46: ...AG 5500 34 Installing the AG 5500...

Страница 47: ...Network Info z Port location z Subscribers z System The AG 5500 supports various methods for managing the system remotely These include an embedded graphical Web Management Interface WMI an SNMP clien...

Страница 48: ...access the CLI s Help screen When using the CLI if a procedure asks you to enter sn this means you must type sn and press the Enter key The system does not accept data or commands until you hit the En...

Страница 49: ...AG 5500 Installing the AG 5500 37 Note Your browser preferences or Internet options should be set to compare loaded pages with cached pages...

Страница 50: ...subscriber other messages 72 Description of Service billing options Plan 140 Home Page URL 237 Host Name and Domain Name DNS settings 64 IP DNS Name passthrough addresses 237 Label billing options pl...

Страница 51: ...ion resources available from our corporate Web site www nomadix com include a full PDF version of this User s Guide viewable with Acrobat Reader version 4 0 or higher white papers technical notes and...

Страница 52: ...manage the AG 5500 securely z Setting the SNMP Parameters optional The SNMP Simple Network Management Protocol parameters must be established before you can use an SNMP client for example HP OpenView...

Страница 53: ...ibers to see the AG 5500 on the network Use this address when you need to make a network connection with the AG 5500 z Assigning the Subnet Mask The subnet mask defines the number of IP addresses that...

Страница 54: ...nter lo login The system prompts you for the current login If this is the first time you are changing the login parameters since initializing the AG 5500 the default login name and password is admin 3...

Страница 55: ...d identifiers The SNMP parameters include your contact information the get set communities and the IP address of the trap recipient Your SNMP manager needs this information to enable network managemen...

Страница 56: ...nd you can terminate this procedure 3 Assign a valid ID number 0 7 to each server 4 Enter the IP addresses to identify the location of the system and AAA SYSLOG servers on the network the default for...

Страница 57: ...nter System Report log number 0 7 0 2 Enter System Report log server IP 0 0 0 0 9 10 11 12 Enter System Report log Interval minutes 10 Enable disable Tracking log disabled enable Enter Tracking number...

Страница 58: ...AG 5500 46 Installing the AG 5500 System Report log Save to file Disabled Tracking logging Enabled Tracking log number 1 Tracking log server IP 8 9 10 11 Tracking log Save to file Disabled...

Страница 59: ...address the default address is 10 0 0 10 and prompts you for a valid address The network interface IP address is the public IP address that allows administrators to see the AG 5500 on the network Use...

Страница 60: ...ip newzip Country country newcountry Please enter your email address em em com newmail email com Please select the venu type that most reflects your location 1 Apartment 2 Bar Coffeeshot Restaurant 3...

Страница 61: ...lling area code 818 818 Please enter your network SSID Zone samplezonename The system must be reset to function properly Reboot yes no y Your new settings are displayed and the AG 5500 reboots When th...

Страница 62: ...ween the AG 5500 and your computer Connecting the AG 5500 to the Customer s Network Use this procedure to connect the AG 5500 to the customer s network after the start up configuration parameters have...

Страница 63: ...AG 5500 Installing the AG 5500 51 3 Connect the power cord and turn on the AG 5500 4 Go to Establishing the Basic Configuration for Subscribers on page 52 To Network To Subscribers Front Panel...

Страница 64: ...this service on the AG 5500 you can either enable the DHCP relay routed to an external DHCP server IP address or you can enable the AG 5500 to act as its own DHCP server In both cases DHCP functionali...

Страница 65: ...r Netmask Start IP End IP Lease Type IPUp 208 11 0 4 255 255 0 0 208 11 0 5 208 11 0 7 20 PRIV NO 10 0 0 4 255 255 255 0 10 0 0 5 10 0 0 250 30 PRIV NO Default IP Pool DHCP IP Pools Configuration 0 Sh...

Страница 66: ...ers the default for the DNS primary address is 0 0 0 2 5 Enter the IP addresses for the DNS servers located at the customer s network operating center where DNS requests are sent 6 Enter y yes to rebo...

Страница 67: ...file from the CD ROM you will be able to view and manage SNMP objects on your AG 5500 Procedure 1 Import the nomadix mib file into your SNMP client manager 2 Connect to the AG 5500 from a node on the...

Страница 68: ...This page intentionally left blank AG 5500 56 Installing the AG 5500...

Страница 69: ...nterface options z Using the Web Management Interface WMI Provides a powerful and flexible Web interface for network administrators z Using an SNMP Manager Allows remote Windows management using an SN...

Страница 70: ...name and password To access any menu item from the WMI simply click on the item you want The corresponding work screen then appears in the right side frame From here you can control the features and s...

Страница 71: ...These objects include hardware configuration parameters and performance statistics Managed objects are arranged into a virtual information database called a Management Information Base MIB SNMP enabl...

Страница 72: ...he feature is mentioned in the body text Configuration Menu Defining the AAA Services AAA This procedure shows you how to set up the AAA Authentication Authorization and Accounting service options AAA...

Страница 73: ...AG 5500 System Administration 61...

Страница 74: ...sable the XML Interface as required XML eXtensible Markup Language is used by the AG 5500 s subscriber management module for port location and user administration Enabling the XML interface allows the...

Страница 75: ...ith these variables sent to the server it can now send the XML command to bill the users properly Print Server IP needs to be entered as one of the XML server IP for the command to successfully comple...

Страница 76: ...PMS billing and have a meeting room with a plan of 14 99 an hour with Credit Card billing In order for the port based policies to work you must enable Port Based Billing Policies See also Adding and U...

Страница 77: ...e and you have the certificate files server pem cakey pem and cacert pem on the flash After selecting the Internal Web Server authorization mode you have the option of enabling or disabling the Userna...

Страница 78: ...tions for obtaining certificates are provided by Nomadix 3 If you want to designate a portal page you must enable the Portal Page feature otherwise leave this feature disabled 4 If you enabled the Por...

Страница 79: ...ll down menu You will need to open a merchant account with Authorize net Chainfusion or Datacenter Luxembourg before this feature can be used Please contact Nomadix Technical Support for assistance Re...

Страница 80: ...lient Support as required if enabled your license key must support this feature 13 You can assign a session idle timeout parameter for subscribers see following note To assign an idle timeout simply e...

Страница 81: ...ess for the External Web Server 4 Enter a valid External login page URL 5 You can assign a session idle timeout parameter for subscribers see following note To assign an idle timeout simply enter a nu...

Страница 82: ...not been blocked and only if a match is made with the master Source IP list contained on the AG 5500 If a match is not made with the Source IP list the login is denied even if a correct login name an...

Страница 83: ...AG 5500 System Administration 71 1 From the Web Management Interface click on Configuration then Access Control The Access Control screen appears...

Страница 84: ...Access enables disables blocking of SSH shell access from the subscriber side to the NSE CLI Default setting is disabled 5 Click the check box for Access Control if you want to enable this feature th...

Страница 85: ...access control list you must now enter the ending IP address in the Access Control End IP field If you are removing a single IP address enter None in the Access Control End IP field 10 Click on the R...

Страница 86: ...guration The Autoconfiguration Settings screen appears 2 Enable or disable Autoconfiguration as required 3 If you enabled Autoconfiguration you must enter the following information into the correspond...

Страница 87: ...he automated login into the centralized FTP server and the actual download process into the flash The Auto Configuration setup requires a few basic steps to be completed by both the field engineer and...

Страница 88: ...ver with the configuration files 5 The following diagram shows a sample RADIUS configuration file meta file and illustration of the FTP server setup The Nomadix device will automatically initiate one...

Страница 89: ...then Bandwidth Management The Bandwidth Management screen appears 2 If required click the check box for Bandwidth Management Enabled 3 If you enabled Bandwidth Management enter the uplink and downlin...

Страница 90: ...ionally if the primary and secondary servers are down the AG 5500 can store up to 2 000 credit card transaction records When a connection is re established with either server the AG 5500 sends the sto...

Страница 91: ...IP z URL z Secret Key 5 Repeat Step 4 for the secondary server if any and all carbon copy servers 6 Define the fail safe provisions including z Retransmit Method Alternate or do not alternate z Number...

Страница 92: ...ility on their computer To enable this service on the AG 5500 you can either enable the DHCP relay routed to an external DHCP server IP address or you can enable the AG 5500 to act as its own DHCP ser...

Страница 93: ...ith their public IP address for the duration of the service level agreement The opposite is true if they select a plan with a private pool address This feature enables a competitive solution and is an...

Страница 94: ...k on the Add button The Add DHCP Pools screen appears 9 Enter a valid DHCP Server IP address for the DHCP server 10 Enter the DHCP Server Netmask 11 Enter the starting and ending IP addresses for the...

Страница 95: ...revious page 16 You must now reboot the system for the new settings to take effect Click the check box for Reboot after changes are saved then click on the Submit button to save your changes and reboo...

Страница 96: ...imary secondary or tertiary third DNS server The AG 5500 utilizes whichever server is currently available Use the following procedure to set the DNS configuration options 1 From the Web Management Int...

Страница 97: ...rt and a Proxy DNS Port 6 When finished you must reboot the system for the new settings to take effect Click on the check box for Reboot after changes are saved to reboot the system after saving your...

Страница 98: ...Dynamic DNS Options Dynamic DNS These settings can be accessed under the following menus WMI Configuration z Go to Configuration Dynamic DNS CLI Configuration z Go to Configuration dyndns z Go to Conf...

Страница 99: ...ol the vendor supports Server and Port to which the client sends updates to the DDNS server Account Information The Host Name is the DDNS name mapped to the client IP address DDNS mapping is configure...

Страница 100: ...r the GRE Interface IP Address This is the IP of the local GRE interface on the AG 5500 5 Enter the GRE Interface Subnet Mask This is the subnet mask for the GRE connection 6 Enter the GRE Interface D...

Страница 101: ...ected home page in the Home Page URL field 4 If required click on the check box for Parameter Passing Parameter passing allows the AG 5500 to track a subscriber s initial Web request usually their hom...

Страница 102: ...protocol for example GRE IKE etc 1 From the Web Management Interface click on Configuration then iNAT The iNAT screen appears 2 Enable of disable the iNAT feature as required 3 If you enabled iNAT yo...

Страница 103: ...uration IPSec to configure settings and Network Info IPSec to view IPSec Tunnel status The IPSEC Tunnel Settings screen appears To enable this feature click on the Enable IPSEC check box Enable disabl...

Страница 104: ...er Peer Authentication Method z Choice of Pre shared key or X 509 certificates z Enter the Pre shared Key in the Shared Key text field if Pre shared Key is selected z Enter the filename of the private...

Страница 105: ...rity Parameters z Encryption Algorithm at least one must be selected z Hash Algorithm at least one must be selected z Key Strength a k a Diffie Hellman either Group 1 768 bit or Group 2 1024 bit z Lif...

Страница 106: ...AG 5500 94 System Administration IPSec Tunnel Security Policies...

Страница 107: ...could specify a host z Subnet Mask This is the subnet mask of the remote network secured by the IPSec tunnel z Remote Port 0 is for all ports only if protocol is UDP or TCP z Local End z Choice of us...

Страница 108: ...cryption algorithms z ESP AH select all acceptable authentication algorithms z Perfect Forward Secrecy Strength z Maximum Lifetime z Maximum Life size z Automatic renewal z Perfect Forward Secrecy che...

Страница 109: ...s up your location and the corresponding IP addresses for the network interface subscriber interface subnet and default gateway You must provide your full location information 1 From the Web Managemen...

Страница 110: ...AG 5500 98 System Administration...

Страница 111: ...Network SSID Zone You must reboot the system if you make changes to any of the following IP settings You may lose your connection if you change the IP settings incorrectly using invalid IP addresses...

Страница 112: ...PPP Authentication z Username This is the username for PPP based authentication required by your service provider z Password This is the password for PPP based authentication required by your service...

Страница 113: ...to transmit data to the Internet 7 When finished you must reboot the system for the new settings to take effect Click on the check box for Reboot after changes are saved to reboot the system after sa...

Страница 114: ...ation and Accounting functions You can enable either of these options 1 From the Web Management Interface click on Configuration then Logging The Log Settings screen appears Although the AAA and billi...

Страница 115: ...AG 5500 System Administration 103...

Страница 116: ...amed syslog txt in the flash directory of the NSE This setting abides by the other settings set for the syslogs like filters number and enable disable It is not required to input a server IP address i...

Страница 117: ...2007 testlab S 192 168 2 4 3444 D 66 163 175 128 80 X 67 130 149 4 5004 non proxy 00 90 27 78 81 00 RADIUS IPASS 0U0000 INFO AG 5500 v2 4 113 LI OUT THU JUN 23 11 44 01 2007 testlab S 192 168 2 4 344...

Страница 118: ...es to their previous state When logging is enabled log files and error messages are sent to these servers for future retrieval To see sample reports go to Sample SYSLOG Report on page 270 and Sample A...

Страница 119: ...guration z Go to Configuration MAC authentication CLI Configuration z Go to configuration macauth SNMP Configuration z Go to nse aaa aaaMacAuth enterprises 3309 1 x 2 28 for MAC based Authentication c...

Страница 120: ...will be expressed in the RADIUS username and password attributes The RADIUS server must use the same format Default setting is aa bb cc dd ee ff MAC Address Hex Alpha Case Specifies in the MAC addres...

Страница 121: ...le this feature 3 In the MRS XML IP field enter the IP address of the machine that will process XML commands for the Meeting Room Scheduler MRS application 4 Click on the Submit button to save your ch...

Страница 122: ...d to the broadband Internet service This is useful if solution providers want to openly promote selected services to all users even if they are not currently subscribing paying for access Allowing up...

Страница 123: ...the pass through you want to add or remove from the system 4 If adding this pass through click on the Add button otherwise click on Remove to delete this pass through from the list The system only acc...

Страница 124: ...settings a PMS must be connected to the AG 5500 via the serial port on the rear panel See also Connecting the AG 5500 to the Customer s Network on page 50 The AG 5500 can query most popular Property...

Страница 125: ...S TSPS 1BT2 TEST RSI z Galaxy Post Only z Marriot z NH post paid only z Micros Fidelio Query Post Post Only and Post Only with TCP IP z Micros 1700 2000 3700 4700 8700 System Software Emulation 1 From...

Страница 126: ...AG 5500 114 System Administration...

Страница 127: ...st Name z OnQ Compliant Enable this option if you want to use Nomadix Micros POS emulation to query post to Hilton Corporation s OnQ PMS system The pre paid option requires hotel guests to pre pay for...

Страница 128: ...ause some Property Management Systems do not allow you to enter characters you must enter these service descriptions as a numeric value only no characters or delimiters The numbers must be entered in...

Страница 129: ...Setting Up Port Locations Port Location Port Location allows you to establish the mode of operation for devices 1 From the Web Management Interface click on Configuration then Port Location The Port...

Страница 130: ...ct 802 1Q one way or 802 1Q two way VLAN IDs if you are using a device that understands VLAN IDs These options tell the AG 5500 that the device can process VLAN IDs to identify which port location the...

Страница 131: ...ogin after migration Enable box For cascading Tut and RFC1493 compliant systems click on the associated Cascading button The Cascading Support screen appears allowing you to enter the IP address and S...

Страница 132: ...xample http 219 57 108 103 1111 usg roommapping The Enter Network Password prompt appears AG 5500 multiple VLAN tagged systems can use the same tags and be placed on different Subscriber ports Althoug...

Страница 133: ...ode you want to assign to this room z Room Free Access z Room For Charge z Room Blocked 6 Click on the Submit button to save your changes 7 Repeat Steps 4 through 6 for each room see note If you leave...

Страница 134: ...t authenticates the customer with the RADIUS server applies associated attributes stored in that customer s profile and logs their activity including bytes transferred connect time etc The AG 5500 s R...

Страница 135: ...AG 5500 System Administration 123 1 From the Web Management Interface click on Configuration then RADIUS Client The RADIUS Client Settings screen appears...

Страница 136: ...nt to enable the URL redirection feature click on the check box for Enable URL Redirection 4 For a Network Access Server NAS if you want to send a NAS identifier with your account access request click...

Страница 137: ...le WAN 802 1q Attribute To enable the default 802 1q tag click on the check box for Enable Default 802 1q Tag for System Traffic and if necessary enter the tag number see caution 13 Enable or disable...

Страница 138: ...ent realms can be set up to directly channel RADIUS messages to the various RADIUS servers For additional RADIUS information see also z Defining the RADIUS Client Settings RADIUS Client on page 122 z...

Страница 139: ...t to add a new Upstream RADIUS NAS for example an 802 11 Access Point on the subscriber side of the AG 5500 click on the Add button The Add Upstream RADIUS NAS screen appears 6 To make this entry the...

Страница 140: ...ns 12 Repeat Steps 5 through 11 to add more Upstream RADIUS NAS definitions as required 13 To view your configured RADIUS Service Profiles and Realm Routing Policies click on the link Click here to se...

Страница 141: ...s procedure when setting up RADIUS Service Profiles up to 10 and Realm based Routing Policies up to 50 For additional RADIUS information see also z Defining the RADIUS Client Settings RADIUS Client on...

Страница 142: ...AG 5500 130 System Administration 1 From the Web Management Interface click on Configuration then RADIUS Routing The RADIUS Routing Settings screen appears...

Страница 143: ...based users This is to handle users that will login with a username in the format type of ISP username In this case the delimiter is and what appears before it ISP is the realm name Create a RADIUS se...

Страница 144: ...ent to continue The secret key is a valuable and necessary security measure 5 Repeat Steps 2 through 4 for the secondary RADIUS authentication server if used Accounting This category requires input fo...

Страница 145: ...the data 4 Click on the Add button to add this RADIUS Service Profile 5 When you have completed the definition of your RADIUS Service Profile you can return to the previous screen RADIUS Routing Sett...

Страница 146: ...henticating subscribers In this example it is checked and so realm information will be stripped leaving only the simple username and password to be passed to the tunnel server The tunnel server in thi...

Страница 147: ...return to the previous screen RADIUS Routing Settings by clicking on the Back to Main RADIUS Routing Settings page link The screen below shows a realm routing policy that handles prefix based usernam...

Страница 148: ...case is and a tunnel profile LNSOne is selected instead of a RADIUS service profile This means that this realm routing policy will match usernames that are of the format username tcisp com Since this...

Страница 149: ...he Local hostname field is also blank is this example which means that the NSE will use the default value of usg_lac during tunnel negotiation Configure RADIUS Client The NSE RADIUS client must be set...

Страница 150: ...500 138 System Administration The Realm Routing Policy you just created is added to the list Your new RADIUS Service Profiles are added to this list Your new Realm Routing Policies are added to this l...

Страница 151: ...MTP Redirection Misconfigured to enable this feature for misconfigured subscribers 3 Click on the check box for SMTP Redirection Properly Configured to enable this feature for properly configured subs...

Страница 152: ...etwork management over the Internet To do this you must set up the SNMP communities and identifiers For more information about SNMP see Using an SNMP Manager on page 59 1 From the Web Management Inter...

Страница 153: ...nable network management over the Internet 4 When finished you must reboot the system for the new settings to take effect Click on the check box for Reboot after changes are saved to reboot the system...

Страница 154: ...ublic access networks For example z Establish a maximum of 15 different DHCP pools for routable IP addresses at the same time z Establish a maximum of 10 different public IP subnets that will not be a...

Страница 155: ...subnet mask for this subnet in the Subnet Mask field 5 Click on the Back to Main Subnet Configuration Page link to return to the previous screen Public Subnets Settings To edit the Current Public DHCP...

Страница 156: ...y You can display a summary listing of all your current Configuration settings To view the summary listing go to the Web Management Interface click on Configuration then click on Summary The Summary o...

Страница 157: ...he relevant fields z Year z Month 1 12 z Day 1 31 z Hour 0 23 z Minute 0 59 After entering new data for the final parameter minutes the system writes the information into its BIOS then displays the ne...

Страница 158: ...for Hours and Minutes in the appropriate fields and define whether this time is plus or minus from the pull down menu 4 When finished click on the Submit button to save your changes or click on the R...

Страница 159: ...as finance yahoo com sports yahoo com etc The system administrator can dynamically add or remove specific IP addresses and domain names to be filtered for each property 1 From the Web Management Inter...

Страница 160: ...rred management protocol but also the secure management of third party devices for example WLAN Access Points and 802 3 switches on private subnets on the subscriber side of the Nomadix gateway The ad...

Страница 161: ...ion Basic IPSec parameters must be entered by the system administrator to successfully establish the VPN session We recommend that you create different private subnets behind the VPN termination devic...

Страница 162: ...P Address Resolution Protocol assignments ARP is used to dynamically bind a high level IP address to a low level physical hardware MAC address ARP is limited to a single physical network that supports...

Страница 163: ...ress Translation DAT allows all users to obtain network access regardless of their computer s network settings To view the DAT Session Table go to the Web Management Interface click on Network Info th...

Страница 164: ...red This table includes the assigned host names their corresponding IP addresses and any aliases that may be assigned to each host Hosts provide services to other computers that are linked to it by a...

Страница 165: ...a standard Internet protocol that delivers error and control messages from hosts to message requestors These statistics are presented as a listing which details the current status of each ICMP transmi...

Страница 166: ...isplay the network interfaces which are presented as a detailed listing of all interface communication elements and their current status To view the Network Interfaces go to the Web Management Interfa...

Страница 167: ...er the network By using IP addressing Internet Protocol ensures that the data reaches its destination even though different packets may pass through different networks to get to the same location To v...

Страница 168: ...ing You can display the current Routing Tables including any dynamically generated routes unreachable routes or wildcard routes To view the Routing Tables go to the Web Management Interface click on N...

Страница 169: ...tions Sockets You can display a table which provides a detailed listing of all currently active IP Internet Protocol connections To view the Socket Table go to the Web Management Interface click on Ne...

Страница 170: ...pping You can display a table which provides a detailed listing of the currently active static port mapping scheme To view the Static Port Mapping Table go to the Web Management Interface click on Net...

Страница 171: ...ocol statistics which are presented as a detailed listing of all TCP elements and their current status TCP is a standard protocol that manages data transmissions across networks To view the TCP Statis...

Страница 172: ...d listing of all UDP elements and their current status UDP is an Internet standard transport layer protocol It is a connectionless protocol which adds a level of reliability and multiplexing to the In...

Страница 173: ...individually configured This ability allows for having different billing methods and billing plans on different ports of the NSE A practical application of this feature is to have a normal hotel room...

Страница 174: ...AG 5500 162 System Administration...

Страница 175: ...m or location The AG 5500 uses a port location authorization table to manage the assigned ports and ensure accurate billing for the services used by a particular port Adding a Port Location Assignment...

Страница 176: ...ailable Refer to the Note Port based Policies should be enabled from the Configuration AAA page for these settings to take effect z Choose Enable RADIUS Billing if you want RADIUS billing to be enable...

Страница 177: ...the per port enable Tunneling parameter is set 7 Click on the Add button to save your changes the message Entry added or updated in the location file appears or click on the Reset button if you want t...

Страница 178: ...nts The AG 5500 displays a warning and prompts you to confirm this action before deleting all the port locations currently assigned in the system 1 From the Web Management Interface click on Port Loca...

Страница 179: ...ation of the port location assignment you want to delete 3 Click on the Delete button to delete the specified port location assignment or click on the Reset button if you want to reset the location va...

Страница 180: ...ation then Delete by Port The Delete Port Location Assignments by Port screen appears 2 In the Port field enter the port of the assignment you want to delete 3 Click on the Delete button to delete the...

Страница 181: ...red in flash location txt resident in the AG 5500 s flash memory 1 From the Web Management Interface click on Port Location then Export The Export Port Location Assignments screen appears 2 Click on t...

Страница 182: ...m the Web Management Interface click on Port Location then Find by Description The Find a Port Location Assignment by Description screen appears 2 In the Enter Description field enter the description...

Страница 183: ...From the Web Management Interface click on Port Location then Find by Location The Find a Port Location Assignment by Location screen appears 2 In the Enter Location field enter the location of the a...

Страница 184: ...eir description or location 1 From the Web Management Interface click on Port Location then Find by Port The Find a Port Location Assignment by Port screen appears 2 In the Enter Port field enter the...

Страница 185: ...ocation Assignments screen appears 2 Click on the Import button to import port location assignments from the flash location txt file If you have never exported port location assignments since installi...

Страница 186: ...n assignments location port modem MAC address for RiverDelta subnet state description z Location Locations are assigned as an alpha numeric or alpha numeric value unless a PMS interface is used in whi...

Страница 187: ...Mappings List You can display a listing of all port locations assigned to this system To view the listing of port location assignments go to the Web Management Interface click on Network Info then cl...

Страница 188: ...to limit access to pre qualified users only For more information about subscriber access and billing options see the following sections z Authorization and Billing on page 246 z Subscriber Management...

Страница 189: ...Database screen appears 2 Choose Subscriber or Device for this profile 3 Define the DHCP Address Type Public or Private only used when the IP Upsell feature is enabled otherwise leave this set to pri...

Страница 190: ...er must re subscribe to the service 13 Enable or disable the Count down after Login feature as required 14 Enter an amount in the Paid field 15 The next two fields User Definable 1 and User Definable...

Страница 191: ...their connection to the Internet was not completed By reviewing the byte statistics you can clearly see if the subscriber made a successful connection To view the list of Current Subscriber Connection...

Страница 192: ...ubscriber Administration then Delete by MAC The Delete a Subscriber Profile by MAC screen appears 2 In the Enter MAC Address field enter the MAC address of the profile you want to delete 3 Click on th...

Страница 193: ...k on Subscriber Administration then Delete by User The Delete a Subscriber Profile by User screen appears 2 In the Username field enter the user name of the profile you want to delete 3 Click on the D...

Страница 194: ...to network devices DHCP leases define the amount of time that subscribers can utilize the system s DHCP service To view the list of Currently Allocated DHCP Leases go to the Web Management Interface c...

Страница 195: ...red subscriber profiles from the AG 5500 s database of authorized subscribers Use this procedure when you want to clean up the subscriber database 1 From the Web Management Interface click on Subscrib...

Страница 196: ...sponding to the MAC address Statistics include user name and password if any and the access time remaining for this subscriber 1 From the Web Management Interface click on Subscriber Administration th...

Страница 197: ...responding to the user name Statistics include the subscriber s MAC address and the access time remaining for this subscriber 1 From the Web Management Interface click on Subscriber Administration the...

Страница 198: ...ibers based on MAC addresses To view the list of Authorized Subscriber Profiles go to the Web Management Interface click on Subscriber Administration then click on List by MAC The Authorized Subscribe...

Страница 199: ...rently active database of authorized subscribers based on their user names To view the list of Authorized Subscriber Profiles go to the Web Management Interface click on Subscriber Administration then...

Страница 200: ...messages or 320000 bytes when and if necessary the oldest records are purged to make room for new records If the logfile is disabled the current logfile is purged from the flash If this is re enabled...

Страница 201: ...es the number of subscribers currently in the database Current Table and a numerical breakdown of how the subscribers can utilize the system for example free access credit card etc The total number of...

Страница 202: ...rver IWS to allow users online on a time X over period Y basis Standard billing plans where time X period Y can be used concurrently with X over Y plans For example multiple plans with flexible billin...

Страница 203: ...AG 5500 System Administration 191 The Internal Billing Options Setup screen appears...

Страница 204: ...active To view or edit a billing plan simply click on the View Edit Delete button opposite the corresponding plan The Internal Billing Options Plan Setup or Internal Billing Options XoverY Plan Setup...

Страница 205: ...AG 5500 System Administration 193 Sample of Internal Billing Options XoverY Plan Setup Screen...

Страница 206: ...Define the DHCP Pool public or private see following note 8 Click on the Submit this Plan button to save your changes and establish this billing plan Alternatively you can click on the Delete this Pl...

Страница 207: ...state Setting Up an X over Y Billing Plan 1 If required click on the Enable check box to enable make active this billing plan 2 Define a label for this billing plan in the Label field 3 Enter a descr...

Страница 208: ...ternatively you can click on the Delete this Plan button if you want to delete this plan or click on the Reset button if you want to reset all the values to their previous state 12 Click on the Back b...

Страница 209: ...rovide a choice of redirection options The AG 5500 also lets System Administrators define a simple HTML based pop up window for explicit Logout that can be used as an alternative to the more fully fea...

Страница 210: ...AG 5500 198 System Administration...

Страница 211: ...ld 4 Define the physical location where you want the Nomadix Logout Console to appear on the subscriber s screen Choose one of the following options z Upper Left Corner z Upper Right Corner z Lower Le...

Страница 212: ...age z Target URL Where subscribers are sent when they click on the button z Image Name The representative image file you want to use for the button When assigning images for buttons refer to Pixel Siz...

Страница 213: ...that buttons use see Assigning Buttons on page 200 with the addition of 3 three more These are z Duration Defines how long the banner is displayed in the ICC z Start Time This is an optional parameter...

Страница 214: ...e definitions click on the check box for Reboot after changes are saved to reboot the AG 5500 4 When finished click on the Submit button to save your changes or click on the Reset button if you want t...

Страница 215: ...s height z ISP Button 98 pixels width x 26 pixels height z Small buttons 45 pixels width x 26 pixels height Time Formats Use the following formats when defining times z Duration for Banners 1 through...

Страница 216: ...e language you select here will determine the language encoding that the AG 5500 s Internal Web Server instructs the browser to use The available language options are z English z Chinese Big 5 z Frenc...

Страница 217: ...nd display Japanese characters on the Web Management Interface and the subscriber s portal page choose the Japanese Shift_JIS option If you want to have the ICC displayed in English but enter and disp...

Страница 218: ...ould be labeled using the 8 3 format 2 Go to WMI Subscriber Interface Local Web Server and add the names of the HTML or image files that were uploaded to the flash web directory 3 Reboot the NSE 4 The...

Страница 219: ...added in order for it to be served to the end users Uploading the web page to the web directory is not sufficient Image File Name This text box lets you add or remove the names of the image files tha...

Страница 220: ...in UI Login UI This procedure allows you to set up the presentation and content of the subscriber s login User Interface UI 1 From the Web Management Interface click on Subscriber Interface then Login...

Страница 221: ...Click on the check box for Enable Remember Me option if you want to enable or disable this feature This option enables the AG 5500 to remember logins for a predetermined duration see next step 5 If y...

Страница 222: ...ou may want to experiment before establishing these settings to ensure that your chosen color scheme is both presentable and readable to subscribers see notes If you click on the View Color Grid link...

Страница 223: ...st reboot the AG 5500 for your changes to take effect In this case click on the check box for Reboot after changes are saved 12 Click on the Submit button to save your changes or click on the Reset bu...

Страница 224: ...n means that this functionality is available for other post paid billing mechanisms for example post paid PMS if your product license supports PMS The IWS page displays the details of the user s conne...

Страница 225: ...AG 5500 System Administration 213 1 From the Web Management Interface click on Subscriber Interface then Post Session UI The Subscriber Post Session User Interface Settings screen appears...

Страница 226: ...If you enabled the Hypertext Link URL feature enter the URL for the link in the Hyper Text Link URL field 5 Define the following Field Label Definitions for your Goodbye Page z Session Summary z IP Ad...

Страница 227: ...he Subscriber Page Control Button Definitions screen appears 2 Enter the definitions you want for each control button in the corresponding fields 3 Click on the Submit button to save your changes or c...

Страница 228: ...scriber Labels This procedure allows you to define how the user interface UI field labels are displayed to subscribers 1 From the Web Management Interface click on Subscriber Interface then Subscriber...

Страница 229: ...or each label in the corresponding fields 3 Click on the Submit button to save your changes or click on the Reset button if you want to reset all the values to their previous state If you want to rese...

Страница 230: ...iber Errors 1 of 2 The Subscriber Page Error Message Definitions 1 of 2 screen appears 2 Enter the definitions you want for each error message in the corresponding fields 3 Click on the Submit button...

Страница 231: ...AG 5500 System Administration 219 4 Repeat Steps 1 3 for page 2 of 2 see following screen...

Страница 232: ...dure allows you to define how other subscriber messages are displayed 1 From the Web Management Interface click on Subscriber Interface then Subscriber Messages 1 of 3 The Subscriber Page Other Messag...

Страница 233: ...orresponding fields 3 Click on the Submit button to save your changes or click on the Reset button if you want to reset all the values to their previous state If you want to reset all field values to...

Страница 234: ...AG 5500 222 System Administration 5 Repeat Steps 1 3 for page 3 of 3 see following screen...

Страница 235: ...hat supports hardware broadcasting This procedure shows you how to add an ARP table entry 1 From the Web Management Interface click on System then ARP Add The Add ARP Table Entries screen appears 1 En...

Страница 236: ...ingle physical network that supports hardware broadcasting This procedure shows you how to delete an ARP table entry 1 From the Web Management Interface click on System then ARP Delete The Delete ARP...

Страница 237: ...rators to effectively remove the AG 5500 from the network without physically disconnecting the unit You can still manage the AG 5500 when Bridge Mode is enabled but you have no other functionality If...

Страница 238: ...the configuration settings and you are unsure of the effect that the changes will have You can restore the archived system configuration settings at any time with the import function 1 From the Web Ma...

Страница 239: ...he network settings The network connection will be lost if this import function is performed To avoid a prolonged service interruption perform this procedure from the Command Line Interface via the se...

Страница 240: ...n 2 Click on the Submit and Reboot button to replace the current system configuration settings with the factory default settings and reboot the AG 5500 Click here to view the current txt file Click he...

Страница 241: ...ly 1 From the Web Management Interface click on System then FailOver The Fail Over screen appears 2 Enable or disable the Fail Over feature as required 3 If you enabled Fail Over define the Sibling St...

Страница 242: ...the Web Management Interface and click on System then History The Uptime and Access Reboot History screen appears The Uptime field displays the time in days hours minutes and seconds that the system...

Страница 243: ...ul end user troubleshooting feature and also required by certain smart clients for example GRIC 1 From the Web Management Interface click on System then ICMP The ICMP screen appears 2 Click on the che...

Страница 244: ...on screen appears 2 Click on the OK button to replace the current system configuration settings with the settings contained in the archive txt file see notes above The archived configuration settings...

Страница 245: ...managers have the ability to perform all write commands Submit Reset Reboot Add Delete etc but operators cannot change any system settings When this feature is enabled one manager and three operators...

Страница 246: ...manager 4 In the Manager Password field enter a password for this manager 5 In the Confirm Password field enter the password again to confirm it Login names and passwords are case sensitive Use login...

Страница 247: ...AG 5500_IP radtest testradius htm and can be accessed from the network side of the AG 5500 You must open a separate browser to utilize this feature The Framed IP field is configurable by the user and...

Страница 248: ...MAC Filtering screen appears 2 Click on the check box for MAC Filtering to enable or disable this feature as required 3 Enter a MAC address in the MAC field then click on the Add button to add this a...

Страница 249: ...ment Interface click on System then Reboot The Reboot Device screen appears 2 Click on OK to reboot the operating system The reboot procedure outlined on this page allows you to decide when to reboot...

Страница 250: ...outer IP address by which the route s destination can be reached 1 From the Web Management Interface click on System then Route Add The Add Static Routes screen appears 2 Enter the Destination IP addr...

Страница 251: ...b Management Interface click on System then Route Delete The Delete Static Routes screen appears 2 Enter the Destination IP address of the route you want to delete from the routing table 3 Click on th...

Страница 252: ...ry then block malicious users 1 From the Web Management Interface click on System then Session Limit The Session Rate Limiting screen appears 2 Click on the check box for Session Rate Limiting to enab...

Страница 253: ...00 The advantage for the network administrator is that free private IP addresses can be used to manage devices such as Access Points on the subscriber side of the AG 5500 without setting them up with...

Страница 254: ...this field set to zero if you want to connect to the device from any TCP UDP port of a network side workstation 9 Select the protocol TCP or UDP from the pull down menu 10 Click on the Add button to a...

Страница 255: ...ubscriber side of the AG 5500 without setting them up with public IP addresses This procedure shows you how to add static ports 1 From the Web Management Interface click on System then Static Port Map...

Страница 256: ...r disable the following items by clicking on the corresponding check box z Block Subscriber Interface 1 z Block Subscriber Interface 2 3 Click on the Submit button to save your changes or click on the...

Страница 257: ...ure billing Like a router the AG 5500 continuously tracks subscriber IP and MAC settings eliminating the need for further sign ins and ensuring that subscriber usage and billing is recorded accurately...

Страница 258: ...ironment billing is a complex process It requires accurate data collection and reconciliation a means to validate and protect the data and an efficient method for collecting payments The AG 5500 offer...

Страница 259: ...bill its guests for the high speed network services it provides track usage on the network and deny service to those guests who have not paid z Allowing the solution provider to bill subscribers for s...

Страница 260: ...their user name and password z By looking up subscribers on a local flash database z By looking up subscribers on a remote database Subscriber Login Subscriber Management Accounting Billing Authentic...

Страница 261: ...ty Management System PMS and Web interfaces enabling administrators to edit the subscriber s input Only subscribers that are correctly identified and authenticated are authorized to access the system...

Страница 262: ...s Portal Page Internal or External Web Server AG 5500 detects connection and verifies user against authorization table Lease time has expired Purchase more time Yes No Internet and local online servic...

Страница 263: ...ther method is transparent to the subscriber however the advantage of using the internal Web server is obvious no login redirection tasks and a faster response time for the subscriber Language Support...

Страница 264: ...address The AG 5500 can be configured to allow access for specified MAC addresses In this model when a subscriber attempts to access the Internet the AG 5500 validates the subscriber s MAC address ag...

Страница 265: ...user name and password are optional the MAC address will be substituted but in this event the service is not transferable between computers Credit card Enable the AAA services You have the choice of...

Страница 266: ...of redirection options For information about configuring the ICC refer to Setting Up the Information and Control Console ICC Setup on page 197 ICC Pop Up Window The ICC displays a HTML based applet i...

Страница 267: ...m Administrators to define a simple HTML based pop up window for explicit logout that can be used as an alternative to the more fully featured ICC The pop up Logout Console can display the elapsed cou...

Страница 268: ...This page intentionally left blank AG 5500 256 The Subscriber Interface...

Страница 269: ...LOG parameters Network Info Menu Displays the Network Info menu The items in this menu are used to monitor and review network connections routings protocols and network session statistics Port Locatio...

Страница 270: ...net Web Management and FTP sources Auto Configuration Provides an effortless and rapid method for configuring devices for fast network roll outs Bandwidth Management Manages the bandwidth for subscrib...

Страница 271: ...he Access Concentrator settings RADIUS Client With the appropriate product license the AG 5500 supports Remote Authentication Dial In User Service RADIUS This procedure sets up the RADIUS client RADIU...

Страница 272: ...s and any assigned aliases ICMP Displays the ICMP Internet Control Message Protocol performance statistics Interfaces Displays statistics for the interfaces IP Displays the IP performance statistics R...

Страница 273: ...ation assignments based on a specified port VLAN tag Export Exports specified port location assignments to the location txt file Find by Description Finds a port location assignment based on a unique...

Страница 274: ...name DHCP Leases Sets up the current subscriber DHCP leases Expired Removes expired profiles Find by MAC Finds a subscriber profile based on a specified MAC address Find by User Finds a subscriber pro...

Страница 275: ...Post Session UI Defines the post session Goodbye page Subscriber Buttons Defines how each of the subscriber s user interface control buttons are displayed Subscriber Labels Defines how the subscriber...

Страница 276: ...r non authenticated users that are destined to addresses other than those defined in the pass through walled garden list Import Imports previously exported system configuration settings from an archiv...

Страница 277: ...riber Admin Export Export configuration settings to the archive file System Export Export port location assignments to file Port Location Factory Import the factory default configuration settings Syst...

Страница 278: ...ssion Limit Limits subscriber sessions System SMTP Set the SMTP redirection options Configuration SNMP Establish the SNMP parameters Configuration Sockets Display the active IP connections Network Inf...

Страница 279: ...00 MAC address is unique for each product MAC address is unique for each product Network Interface IP Subscriber IP Subnet Mask Default Gateway IP DHCP Client Admin IP 10 0 0 10 10 0 0 11 255 255 255...

Страница 280: ...uthorization New Subscribers Credit Card Service Parameter Passing Usernames XML Disabled Enabled Enabled Enabled Disabled Enabled Disabled DNS Redirection SMTP Redirection SMTP Server IP Enabled Disa...

Страница 281: ...4207 AAA_Authentication Successful 00 10 5A 61 40 FF 12 hrs 0 min Mar 31 18 21 5 3 nomad2 37 nomadi x com INFO AAA 4106 AAA_lookup Added_in_memory_ table_ pending 00 00 0E 32 2C BC Mar 31 18 43 5 4 n...

Страница 282: ...ookup Added_in_memory_table_pending Subscriber profile has been recognized and the AG 5500 is waiting to authenticate the user AAA_Interface Added_by_administrator Subscriber profile was manually adde...

Страница 283: ...AG 5500 Quick Reference Guide 271 Sample History Log A history log is generated by the AG 5500 which includes the system s activity Access Reboot and Uptime More listings...

Страница 284: ...and place it on the clipboard Ctrl X Copy selected data to the clipboard Ctrl C Paste data from the clipboard into a document at the insertion point Ctrl V Copy the active window to the clipboard Alt...

Страница 285: ...be granted and if so with what privileges When a subscriber attempts to access the service provider s network the AG 5500 delivers a Web page to the subscriber asking for a login name and password Thi...

Страница 286: ...t z Selected Detailed Descriptions z Nomadix Vendor Specific Attributes Authentication Request z Username z Password z Service Type z NAS Port port number z NAS Identifier z Framed IP Address z NAS IP...

Страница 287: ...eout z Idle Timeout z EAP Packet used for 802 1x z Message Authenticator used for 802 1x z Acct Interim Interval z Nomadix VSAs z Nomadix Bw Up z Nomadix Bw Down z Nomadix URL Redirection z Nomadix IP...

Страница 288: ...ctets z Acct Input Octets z Acct Output Packets z Acct Input Packets z Class z Nomadix VSAs z Nomadix Subnet z Nomadix URL Redirection z Nomadix IP Upsell z Acct Session Time Stop z Terminate Cause St...

Страница 289: ...nding traffic through the AG 5500 the AG 5500 will immediately detect a Session Timeout However in the case of an Idle Timeout or an inactive subscriber Session Timeout the AG 5500 detects it via a cl...

Страница 290: ...ct Request The AG 5500 has to send the following attributes in an Accounting Stop z Acct Output Packets number of packets sent by subscriber z Acct Input Packets number of packets received by subscrib...

Страница 291: ...e user to receive a public address from a DHCP pool when the AG 5500 has the IP Upsell feature enabled Nomadix Volume Based Session Timeout This attribute allows you to terminate a session once a spec...

Страница 292: ...ers browser We recommend that you use VeriSign all instructions in this document are based on obtaining a key from VeriSign Please contact Nomadix Technical Support if you want to use a different Cert...

Страница 293: ...PC The procedure starts from the Cygwin Net Release Setup Program screen Click on the Next button The following screen appears Click on the Next button to display the next setup screen The example in...

Страница 294: ...display the next setup screen Click on the Next button to display the next setup screen Click on the Next button to display the next setup screen Select a location and click on the Next button For th...

Страница 295: ...nd openssl then click on the Next when you are done Click on the Next button to start the download process Wait for the download process to complete At the time of this writing there are more than 70...

Страница 296: ...ide Click on the Next button to start the install process Wait for the install process to complete There will be a pop up dialog to inform you that the installation process is completed At the pop up...

Страница 297: ...ory where you installed openssl exe Run the command prompt from Windows then click on the OK button Go to the c cygwin bin directory and run the following command openssl genrsa rand file1 file2 file3...

Страница 298: ...s back to cakey pem when trying to FTP to the AG 5500 openssl openssl command genrsa A parameter for openssl to generate an RSA key Rand A parameter for openssl to generate a random number from the fi...

Страница 299: ...AG 5500 Quick Reference Guide 287 Here is the output of cakey pem...

Страница 300: ...ates or Province names do not exist in your country please repeat the Locality Name The Common Name is the name used in the AG 5500 AAA SSL Certificate Domain Name The Common Name in the Public Key mu...

Страница 301: ...AG 5500 Quick Reference Guide 289 Here is the output of server csr...

Страница 302: ...ificate Authority Generally you will need to send a Certificate Signing Request to the Certificate Authority CA and the CA will create a public key base on the certificate request This is the procedur...

Страница 303: ...the existence of your business Please follow the instruction from VeriSign carefully In addition there is one section about generating a CSR however since you have already created the CSR in step 2 w...

Страница 304: ...Select the purchase method and summit the required contact information When you receive an email from VeriSign with Secure Server ID Global Server ID if you create a 128 bit key that contains the Publ...

Страница 305: ...AG 5500 Quick Reference Guide 293 The file server pem will look like this You have now finished the process of obtaining a public key...

Страница 306: ...anagement Interface WMI go to Defining the AAA Services AAA on page 60 Setting Up the Portal Page System administrators can create login button s on the Portal Page and can setup http links for regula...

Страница 307: ...This document describes the process used by the AG 5500 for mirroring billing records and is organized into the following sections z Sending Billing Records on page 295 z XML Interface on page 296 z...

Страница 308: ...G 5500 to External Server USG RMTLOG_COMMAND ADD_REC REC_NUM max 4 characters REC_NUM USG_ID max 6 characters USG_ID PROPERTY_ID max 64 characters PROPERTY_ID DATE max 10 characters DATE TIME max 8 ch...

Страница 309: ...mmand sent by the External Server to the AG 5500 product In this case the acknowledgement received from the External Server forms the command The AG 5500 expects the acknowledgement in the following f...

Страница 310: ...IP_ADDR 11 22 33 44 IP_ADDR ERROR_CODE 5 ERROR_CODE USG Format for each Field RESULT_VALUE OK or ERROR IP Standard IP format 123 123 123 123 ERROR_CODE1 for OK or any other number For more information...

Страница 311: ...ce the AG 5500 requires careful handling It should be positioned in a dust free and temperature controlled environment Never block the unit s ventilation holes and do not stack with other equipment un...

Страница 312: ...settings or the message is generated by the system when it fails to locate the data it needs Error loading factory settings The system cannot find the default configuration file when attempting to res...

Страница 313: ...re available to subscribers This message is displayed because you have disabled both the external DHCP relay and the system s DHCP service To make DHCP available to subscribers at least one of these f...

Страница 314: ...server If necessary test the communication with the ping command The DHCP relay is enabled with the correct IP address for the external DHCP server but the DHCP server is misconfigured Check the exte...

Страница 315: ...to the AG 5500 incorrectly Re enter the correct URL The server that hosts the home page is down or the service provider if different from the host is not able to route to your page Check that the serv...

Страница 316: ...This page intentionally left blank AG 5500 304 Troubleshooting...

Страница 317: ...etwork documentation to verify that the network components are functioning correctly If you cannot resolve the problem with your documentation resources try connecting to our corporate Web site We may...

Страница 318: ...This page intentionally left blank AG 5500 306 Appendix A Technical Support...

Страница 319: ...2 1Q An IEEE standard for providing a virtual LAN capability within a campus network 802 1Q establishes a standard format for frame tagging Layer 2 VLAN markings enabling the creation of VLANs that us...

Страница 320: ...ts of a fixed size 53 bytes each The cell used with ATM is relatively small compared to units used with older technologies The small constant cell size allows ATM equipment to transmit video audio and...

Страница 321: ...omes available for reassignment to another device See also Dynamic IP Address IP Address Static IP Address and TCP IP DNS Domain Name System A system that maps meaningful domain names with complex num...

Страница 322: ...ctions Transactions may include generating orders invoices and payments and submitting inquiries Also known as Enterprise ESS Extended Service Set See infrastructure mode Ethernet A Local Area Network...

Страница 323: ...ufacturer to support new protocols as they become standardized Forwarding Rate The maximum rate at which 64K packets can be delivered to their destination See also Packet Packet Switching Network pps...

Страница 324: ...followed iNAT Intelligent Network Address Translation Nomadix iNAT feature creates an intelligent mapping of IP addresses and their associated VPN tunnels allowing multiple tunnels to be established...

Страница 325: ...computer s network settings to provide them with seamless access to the broadband network Subscribers no longer need to alter their computer s settings See also Dynamic IP Address IP Address and Stati...

Страница 326: ...eripheral devices to the network Each node on a network has a distinct name On the Internet a node is a host computer with a unique domain name and IP address See also Domain Name and IP Address NTP N...

Страница 327: ...h adjust the format depending on the users viewing medium for example monitor size Ping Packet INternet Groper A program that transmits a signal to a host and expects a response within a predetermined...

Страница 328: ...d password This information is passed to a RADIUS server which checks that the information is correct and then authorizes access to the ISP system RFC Request for Comments A series of notes about the...

Страница 329: ...tifies a wireless network SSL Secure Sockets Layer A protocol developed by Netscape for transmitting private documents via the Internet SSL works by using a private key to encrypt data that is transfe...

Страница 330: ...you to the login prompt of another host that you have access rights to See also Host Throughput The net data transfer rate between an information source and its destination using the maximum packet s...

Страница 331: ...nd is calculated into UTC UTC was devised on January 1 1972 and is coordinated in Paris by the International Bureau of Weights and Measures UTC like GMT is set at 0 degrees longitude on the prime meri...

Страница 332: ...ys WPA Wi Fi Protected Access A Wi Fi standard that was designed to improve upon the security features of WEP The technology is designed to work with existing Wi Fi products that have been enabled wit...

Страница 333: ...ing subscriber interfaces 244 branding 5 bridge mode 8 225 C cautions 27 Certificate Signing Request 288 character lengths 38 CLI 9 Command Line Interface 9 inputting data 36 logging in 33 common prob...

Страница 334: ...ing 231 ICMP statistics 153 importing configuration settings 232 importing factory settings 227 iNAT 11 90 Information and Control Console 8 12 197 254 assigning banners 201 assigning buttons 200 pixe...

Страница 335: ...cture sample 24 network connections 50 Network Info menu 150 network interfaces 154 notes 27 Notifications iv NSE core functionality 6 NTP support 14 O optional NSE modules 21 Credit Card Module 22 Hi...

Страница 336: ...oxy Accounting Logs 188 RADIUS Session History 188 rebooting 237 remember me 16 remote connections 57 routes 238 239 adding 238 deleting 239 routing tables 156 S secure administration 70 secure manage...

Страница 337: ...05 user 305 Syslog History 105 106 Log Filter 104 Save file 104 SYSLOG report 270 System Administration menu 57 System menu 223 System report log 104 System report log interval 104 T TCP statistics 15...

Страница 338: ...This page intentionally left blank AG 5500 326 Index...

Результаты поиска

Содержание AG 5500

Отзывы:

Бренды по названию

Популярные бренды

Nomadix AG 5500, Руководство пользователя

Результаты поиска

Содержание AG 5500

Отзывы:

Бренды по названию

Популярные бренды