here
Contents
1. File i Upgrade Firmware Via URL Enter URL address example http 192 168 2 10 xxx bin and then click Apply AP button to upgrade Firmware Upgrade Via HTTP URL URL To prevent data loss during firmware upgrade please backup current settings before proceeding 2 Do not interrupt during firmware upgrade including switch power on off or unplug RJ 45 cable from PoE port as this may damage managed APs 101 WMS 308N Network Access Control Gateway User s Manual 4 4 4 X Managed AP Group Managerrent Administrator specify managed APs in the same group and locate managed APs on the specified map The switch supports automatically channel assignment and power setting for managed APs real time wireless clients limitation in the same group managed APs Please click on AP Management Group Setup Management the Group Setup Management page will appear fit Group Setup Management AP Group List Create New Group Group Name Description Actions Mo items in the list B Create New Group Click on Create New Group button the group setup page will appear Group Setup Ma nacgemert Gl oup amp Lupe IHew t Host Hane MAC Address IF Address Dos O Group Setup v Group Name Specify desired name for group v Group Description Enter appropriate text2. Save amp Reboot 107 WMS 308N Network Access Control Gateway 4 4 5 Group Status User s Manual This section provides visual graph of network traffic and online users on real time Please click on AP Management Traffic Monitor the Traffic Monitor page will appear Traffic Monitor Group Overview Show 1 2 Description Devices Clients Packet RX TX Group Test Testl 3437 3 14454 7731 4214 2678 18668 10409 Group Test 2 1 1 Total Auto Refresh Interval 10 Seconds Apply Total RX Group Test RX Group Test 2 RX Wen Total TX Group Test TX Group Test 2 TX Total Client Group Test Client Group Test 2 Client Bytes RX TX 1 02 MB 1 19 MB 360 18 KB 463 13 1 37 MB 1 64 MB B Auto Refresh Interval The interval is bigger than 10 and set in unit of seconds The default value is 10 minutes During every interval the system automatically gets network traffic and online users on the respective group or AP B Apply Click this button to save changes B Show Click this option to add specific group on visual graph of network traffic and online users B Denote the name of the group B Description Denote the additional information of group B Devices Denote the current connected AP and total AP in the group B Clients Denote the number of clients connected to this group
3. Disable O statici Dynamic IP OprrrP Username __ E Password NEN User Name Enter User Name for PPPoE connection Password Enter Password for PPPoE connection MTU MTU stands for Maximum Transmission Unit For PPPoE connections may need to set the MTU setting in order to work correctly with your ISP Default is 1492 bytes PPTP The Point to Point Tunneling Protocol PPTP mode enables the implementation of secure multi protocol Virtual Private Networks VPNs through public networks WANT Setup Q Disable statici Dynamic IP pppoe Username Password PPTP Server IP My WAN IP MyWANIPNetmask MTU MPPE Encryption LI 40 128 Username Enter User Name for PPTP connection Password Enter Password for PPTP connection PPTP Server IP The IP address of the PPTP server My WAN IP The IP address of the WAN port My WAN IP Netmask The Subnet mask of the WAN port MTU default it s 1460 bytes MTU stands for Maximum Transmission Unit Consult with WISP for correct MTU setting v MPPE Encryption Microsoft Point to Point Encryption MPPE encrypts data in Point to Point Protocol PPP 25 WMS 308N Network Access Control Gateway User s Manual based d
4. nennen nnn nnne nnn nnn nnns 24 AVS Network Redutement ssec ca vedi ts 24 4 12 Conltigure WAN POP e eoo tul 24 Z9 wonigure vVVAN Taille sooo ttr oot ipe mS tuve erus aM A o tet RUNDE 27 4 14 Contigtite Dynamic e 29 4 1 5 Configure Local LAN VLAN Network cccccccccseecceeeceeeeeeeeseeeceeeseeeeseeeseeeseeesauseseeteeeeseeeaes 30 42 Manage the System us oes tenen 36 421 Conigure System 2 bU E Doc te dua da Sie REED Ia en 36 4 2 2 COontgure Matrragdelriehibs so tes a 37 2 9 UbODNgure SNMP oremus endo eoe E b oo loo dett 40 4 2 4 Backup Restore and Reset to 41 42o PEMWa Upgrade abut 42 426 Network TERI UT Tm 43 427 USB Storage Selup soeictas ense neenon as Dies ded 44 42 0 d obnaub3alidDdse u i Den a ERU unte ole tens aie 45 2 05 looo er 46 4 3 Access To External Network With Service Domain ccccccceccccecece cece eeceeeeeeeeteeeeaeeeseeeseeeseueeaneeaeeeeas 47
5. Static Lease Hostname IP Address 192 168 2 MAC Address Add Host Name IP Address MAC Address Actions 1 Justin NB 192 168 2 50 3c 07 54 06 83 e3 Delete gt Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 35 WMS 308N Network Access Control Gateway User s Manual 4 2 Manage the System 4 2 1 Configure System Tine System time can be configured via this page where manual setting and NTP server configuration are both supported Please click on System gt Time Server and follow the below setting amp Time Server Setup System Time Time Display Format Tirer 2012 o6 Z i ed Disolay Format 9 1 Setup Time Use NTP Description Default HTF rrer bel Birr gee ber Pore OB Beijing Hang King Singapane Taipei Saving Tire Duae User Setup 41 System Time Denote the current time of the system Setup Time Use NTP Enable Network Time Protocol NTP to synchronize the system time with NTP server gt Default NTP Server Select the NTP Server from the drop down list Time Zone Please set a time zone from where the accurate time can be supplied GMT 08 00 Taipei for example Daylight saving time Enable Daylight saving time from where the accurate time needed If Time s
6. div id CW_MSG gt lt div gt lt Main Login Form Content gt lt div id CW_INFO gt lt span id CW_HELP gt lt span gt lt div gt lt Main Help Content gt lt div id WALLED gt lt div gt lt Walled Garden gt lt hHotspot_footer_title gt lt body gt lt html gt If login page need insert images or css file please include path upload vlan0 upload vlan7 the vlanO vlan7 indicate Service Server Domain7 below depicts an example for insert image001 gif image file to login page of Service DomainO img src upload vlanO image001 gif gt Below depicts an example for div id WALLED gt lt div gt content di v cl 5 ad gt lt a href ww googl e cont title target _bl ank gt Googl ed gt di v gt You only can modify div class ad gt here is define CSS content for div class ad gt ad float left display inline block text align center 51 WMS 308N Network Access Control Gateway User s Manual width 100px margin 5px padding 5px background fff font size 14px font weight bold text decoration color ad hover ad a hover ad a active background 333333 color blue 52 WMS 308N Network Access Control Gateway User s Manual 4 3 2 Configure Authentication WMS 308N support 6 types of authentication Pregenerated Tickets On Demand Users Loc
7. gt m LAN WLAN AN3 Auth Type Pregenerated Ticket On demand Local Users Remote RADIUS Server LDAP Server POP3 Server WAN Port Auto IP PnP Service off Guest Service off Schedule Always Run Redirect URL ink Login Domain domaln3 login Name og Login Page Template Page Step 3 Configure VLAN on VLAN 1 VLAN3 Setup page set VLAN1 s tag to 101 VLAN2 s tag to 102 and VLAN3 s tag to 103 VLAN VLAN TaatlD 101 Step 3 Configure Port Setup on VLAN1 VLAN3 Setup page enable Port 1 and set VLAN TAG Mode to Tagged Port Setu Port 1 Port 2 Port 3 Port 4 Port s s s VLAN TAG Mode Untagged Tagged eo o Step 4 Configure Port Setup on VLAN2 Setup page enable Port 4 and set Port 4 to Untagged Port Setup Part Port 2 Port 3 Port 4 Fort Is s VLAN TAG Mode Untagged e 148 Tagged 9 WMS 308N Network Access Control Gateway User s Manual Step 5 Configure Port Setup on LAN Setup page enable Port 4 and set Port 4 s PVID to VLAN2 102 Port Setup Port PVID 802 1P Priority Port 1 o Port 2 o Port 3 LAN v o Port 4 VLAN2 102 o Step 6 Reboot System Step 7 Verify Wireless clients can connect WAP 954GP and WAP 854NP with correct authentication type 149 WMS 308N Network Access Control Gateway User s Manual Apoendx G Use T
8. 1 Lease Time 600 99999999 default is 86400 Hostname Length 1 32 0 9 A Z a z Space _ lt gt MAC Address MAC Format WAN Manual MAC Address 12 HEX characters IP Address A B C D IP Format IP Netmask 128 0 0 0 255 255 255 255 IP Gateway A B C D IP Format PPTP Server A B C D IP Format My WAN IP A B C D IP Format My WAN IP Netmask 128 0 0 0 255 255 255 252 Hostname Length Up to 32 0 9 A Z a z G _ lt gt 5 User name Length Up to 32 0 9 A Z a z Password _ lt gt MTU 576 1492 Primary Secondary DNS A B C D IP Format 128 WMS 308N Network Access Control Gateway User s Manual Table A Web GUI Valid Characters continued Block Field Valid Characters DDNS Hostname Length Up to 32 0 9 A Z a z _ User Name Length Up to 32 0 9 A Z a z Password _ lt gt Management System Name Length 1 32 0 9 A Z a z Space _ lt gt Description Length Up to 50 characters Space Location Length Up to 32 0 9 A Z a z Space _ lt gt New Password Length 4 30 0 9 A Z a z IORS e S Check New Password Length 4 30 0 9 A Z a z _ lt gt 5 Port 1 65535 IP
9. JD I hr 1 Paci 2 00 n amp Faci T hie 5 E T F i 10 00 Paci 7 i 0 040 H Paci i il Pau I B Thermal Printer Setup gt Service By default it s Disable To Enable to activate this function IP Address Enter the IP address of SR 120X serial server Command Port Enter the command port of SR 120X serial server COM Port Select the COM port of SR 120X serial server to connect to thermal printer Balance Date Enter balance date for statement printing from thermal printer Thermal printer can print Current Balance or Early Balance statement Below depicts an example for balance date Balance Date 6 17 23 59 Current Date Early Balance Current Balance A 6 17 00 00 6 17 23 59 6 18 00 00 6 18 20 00 Description Enter additional information for this Thermal Printer B Billing Plan Setup List Enable Select specified the billing plan for this thermal printer Plan Denote the name of billing plan Type Quota Denote the billing type and quota of billing plan Price Denote the price charged of billing plan Information Click this button to view accounts information for PayPal 69 WMS 308N Network Access Control Gateway User s Manual After configuring thermal printer general setting administrator must select specified billing plan for this thermal printer Change these settings
10. Privilege IP MAC Address Setup gt gt Device Name Enter the name of the workstation IP Address Enter the IP address or IP address Mask of the workstation Permitting specific IP addresses to have network access rights without going through standard authentication process MAC Address Enter the MAC address of the workstation Permitting specific MAC addresses to have network access rights without going through standard authentication process Description Enter appropriate text to denote this workstation Click Save button to add new rule all of rules can be edited and deleted Privilege IP MAC Address List gt Vvv v Device Name Denote the name of workstation IP Address Denote the IP address or IP address Mask of workstation MAC Address Denote the MAC address of workstation Description Enter appropriate text to denote this workstation Actions Click an action button to perform the appropriate action Y Delete Click this option to remove the specified item v Edit Click this option to edit the specified item 81 WMS 308N Network Access Control Gateway User s Manual 4 3 4 X Configure Walled Garden This function provides certain free services or advertisement web pages for users to access the websites listed before login and authentication Up to 20 rules can be defined in this list User without the network access right can still have a chance to experience the actual network serv
11. amp Firmware ipa rade i E Brews upgrade From time xn time the producer may release new verians of rhe vestem s fimwarne You eas elick Check Firmware Burton check and sownload up to date firmware and eie Brower burton te the file frem your local huddi B Upgrade Via Local PC Click Browse button to locate the new firmware and then click Upgrade button to upgrade B Upgrade Via TFTP Server Enter TFTP Server IP address and firmware file and then click Upgrade button to upgrade B Upgrade Via HTTP URL Enter URL address example http 192 168 2 10 xxx bin and then click Upgrade button to upgrade 1 To prevent data loss during firmware upgrade please backup current settings before proceeding 2 Do not interrupt during firmware upgrade including power on off as this may damage system 3 Never perform firmware upgrade over wireless connection or via remote access connection 42 WMS 308N Network Access Control Gateway User s Manual 4 2 6 Network Utility The administrator can diagnose network connectivity via the PING utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Traceroute Lookup IP Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of th
12. hia ies Cash gre a 3 JBDYNBTM 0 0 0 0 00 00 00 00 00 00 0 0 OB OB erede d erede oe Cash bee cree 1 3 LOGIN XMMN9W7C 192 168 3 10 E4 CE BF 4B C2 9E 0 0 Gre Cash Mp m n i 3 prai XMMNOW7C 192 168 3 10 2 9 146258 80276 201 165 3 376MB grade a Cash 2 sers s a LOGIN FAE7CMCS 192 168 3 10 E4 CE BF 4B C2 8E 0 0 OB OB ger gd ir Cash pei se a 3 Scu FAE7CMCS 182 168 3 10 E4 CEBF 4B C2 9E 15119 8054 20 684MB 355 3KB E ems zi Cash Lei one de 3 LOGIN FAE7CMCS 182 168 3 10 4 8 4 2 9 0 0 OB OB Bee ae h Cash tem ries cea 3 LOGOUT FAE7CMCS 192 168 3 10 4 8 2 9 1549 1295 1 723MB 145 5KB ei 7i Pis xu zd Cash 2 3 LOGIN FAE7CMCS 192 168 3 10 8 2 9 1 2 52B 104B oe gere dn Cash en greed E 3 KICK FAE7CMCS 192 168 3 10 4 8 4 2 9 3799 4879 2 008MB 577 6KE emm A E 2 a Cash pn pops iere FAE7CMCS 0 0 0 0 00 00 00 00 00 00 0 0 OB 0B asd d a Ernie bs Cash Mp pepe E 3 6CG6RW3FC 0 0 0 0 00 00 00 00 00 00 0 0 OB 0B gen zs eric in Cash i arre 3 LOGIN 6CGRW3FC 192 168 3 10 E4 CE BF 4B C2 9E 0 0 OB gerere inn Qr at Cash pr Showing 1 to 17 of 17 entries Passcode Username Denote the user s passcode or username IP Denote the user s IP address MAC Denote the user s MAC address Packets In Denote the current user s packets in Bytes In Denote
13. B Packet RX TX Denote the transmitted and received packet of data by the group B Bytes RX TX Denote the transmitted and received bytes of data by the group Click specific hyperlinks on Name of Group the network traffic of managed APs will be displayed as illustrated 108 WMS 308N Network Access Control Gateway User s Manual Traffic Monitor Auto Refresh Interval 10 Seconds Apply 1000 Group Test RX 800 192 168 2 61 RX 600 192 168 2 60 RX 400 192 168 2 62 RX 200 Bps 0 EE Group Test TX 192 168 2 61 TX 192 168 2 60 TX 192 168 2 62 TX He j KBps 0 ES Group Test Client 192 168 2 61 Client 1 BH 192 168 2 60 Client 192 168 2 62 Client Group Overview Group Test Show IP Address MAC Address F W Version F W Date Status Clients Packet RX TX Bytes RX TX Actions 1 B 192 158 2 61 003A50 00 8728 Cen AP N2H1 V1 1 3 ERAS 43 10 Online 1 5419 2329 19 87 ud Locate Reboot 2 V 192 168 2 60 00 1 50 00 87 2 Cen AP N2H1 V1 1 3 rs ru 43 11 Online o 3242 1799 778 84 ul ELS Locate Reboot V 1921682 62 00 14 50 17 30 08 Cen CPE G2H5 2012 05 15 42 39 Online 0 3516 2293 795 04 KB 353 31 Locate Reboot V2 1 5 16 27 03 KB Total 3 3 1 12177 6421 poe B IP Address Denote the IP address of the AP MAC Address Denote the MAC address of the AP B F W Version Denote the firmware version of the AP B
14. WMS 308N Network Access Control Gateway User s Manual Tickets List Show all tickets in this database gt y y Vv yyy File ID Denote the identity number of the database Code User can used Passcode of ticket for access Internet Type Quota Denote the billing type and service quota on this ticket Status Denote the status of ticket There three types of status Unused Used and Expired Create Time Denote the ticket create time Open Time Denote the time of the first time used on this ticket Start Time Denote effective starting time on this ticket End Time Denote effective ending time on this ticket Last Login Denote the last login time on this ticket Price Denote the price of the charged on this ticket Currency Denote the currency of the charged on this ticket Actions Click an action button to perform the appropriate action v Delete Click this option to remove ticket from this billing plan When administrator click this option the alert message will appear as below Message from webpage Eg 2 Do vou want bo delete the ticket Click Refresh button to reload the page After you login system via Pregenerated authentication the timer page will appear Don t close Timer page Because the Logout button on this page If Timer Page doesn t appear in the browser please enter http s domainO login to open Timer Page see section 4 3 1 58 WMS 308N Network Access Control Ga
15. 126 WMS 308N Network Access Control Gateway User s Manual 4 6 3 Event Log The Event log displays system events when system is up and running Also it becomes very useful as a troubleshooting tool when issues are experienced in system amp System Log Time Facility Se werity Mig sag Time The date and time when the event occurred Facility It helps users to identify source of events such System or User 5 5 17 B Severity Severity level that a specific event is associated such as info error warning etc m Message Description of the event m Refresh Click this button to renew the log Clear Click this button to clear all the record 127 WMS 308N Network Access Control Gateway User s Manual Web GUI valid Characters Table A Web GUI Valid Characters Block Field Valid Characters VLAN Tag 1 4094 Aner ene A B C D IP Format IP Netmask 128 0 0 0 255 255 255 252 IP Gateway A B C D IP Format Total Max Upload Download 0 102400 0 is unlimited default is 512 Individual Upload Download 0 102400 0 is unlimited default is 512 Group Upload Download 0 102400 0 is unlimited default is 512 Session Limit per IP 10 500 O is unlimited Start End IP A B C D IP Format DNS1 DNS2 WINS IP A B C D IP Format Domain Length Up to 32 0 9 A Z a z lg 96
16. Auth Type There will shows 7 types of authentication Pregenerated On Demand Local Users Local RADIUS Users Remote RADIUS LDAP POP3 and Guest Status There will show 10 types of status as below v v v LOGIN Denote the user login to the hotspot service LOGOUT Denote the user logout to the hotspot service IDLE TIMEOUT Denote the user idle time is over timeout setting of Service Domain the system will logout user automatically USE UP Denote the quota of time of user is over SESSION TIMEOUT Denote the user session timeout for connecting to remote RAIDUS VOLUME USE UP Denote the quota of volume of user is over KICK Denote the system kick out the user TIME OUT OF RANGE Denote the service time out of range Passcode Username Denote the user s passcode or username IP Denote the user s IP address MAC Denote the user s MAC address Packets In Denote the current user s packets in Bytes In Denote the current user s bytes in Packet Out Denote the current user s packets out Bytes Out Denote the current user s bytes out B On Demand Log As shown in the following figure each line is traffic history record consisting of 15 fields Date Location Status Passcode Username IP MAC Packets In Bytes In Packets Out Bytes Out Start Time End Time Plan Payment Type and Cost 86 WMS 308N Network Access Control Gateway User s Manual Slate Type Cost 2012 02
17. B0 Batre i Password Last Update Time actions TET 00 11 54 Cony te template Dawnlnad ta PC Recovery assess 3010 01 0100 1230 Copy te template Downlosd to C Hines Save Setup 5 WAP 854NP A s profile to template and set name to WAP 854NP Template MAC 00 1 AS O 00 6 7 28 Copy to template File Please inputtemplate name WAP B854MP Template ALA Step 6 Configure WAP 854NP B and WAP 854NP C with WAP 854NP A s template Click Restore button on the WAP 854NP B and WAP 854NP C the AP Profile Restore page will appear 151 WMS 308N Network Access Control Gateway User s Manual Select Load From Template Profile in Restore Type setting field Select WAP 854NP Template in the Template Profile List then click Restore button amp Discovery gt AF Profile Restore Step 7 Verify WAP 854NP B and WAP 854NP C settings The VAPO s ESSID will be WAP 854NP A All settings will be the same with the WAP 854NP A in addition to IP address remains unchanged Prafra zh AP Profile Management z Status Hast Wane Address IP Part waril Lasy Update Time Az toss Delete All e WARS BP as 192 1 amp 8 2 50 amp n Downed ta PE Resbare Delgi BARRA UALS 2E 192 160 2 b2 Ud ate eO 1 01 000920 Download ta PE Restore Delete WAPS5AMP 001465000 192 168 2 61 0 LEE
18. By default it s Disable To Enable to activate MAC filter control in the same group APs the system will automatically assign block MAC address of the wireless clients for group managed APs after the Sync Interval Please see section 4 4 2 MAC Filter Control ES X Service Enable Disable MAC Address Address Actions it MAC Address Actions 00 14 50 17 00 01 v Address Enter MAC address in this field There are maximum 20 clients allowed in this MAC Filter List The MAC Address of the wireless clients can be added and removed to the MAC Filter List using the Add and Delete button 104 WMS 308N Network Access Control Gateway User s Manual You also can add specify MAC address form Group Online Users page Please see section 4 4 6 When these services enabled the switch will automatically control channel txpower maximum clients and MAC filter during every Sync Interval Please see section 4 4 2 B Group List Display created group in the list AP Group List Create New Group Group Name Description Actions Group Test Map Location Edit Delete Group Denote the name of group Description Denote the additional description of group Actions Click an action button to perform the appropriate action v Edit Click option to configure settings of the respective group in the list Y Delete Click option to configure settings of the respective gro
19. In the On Demand Information page Administrator may create and delete on demand users Safran Service Domain gt Billing Plans Setup gt On Demand information PlanQ Information Statistics Srv Erable Ticket Cty Plan Mame Package 0 Used Tikka Gey 0 Frsce LO OO USO Expired O Iwnitormation APUO Total Prices 120 LEO KEY 1224306 7890 Dec rigtion Tickets per day Type and cues elie End Tig 7 Emake Srarr Time 0 Das Heures 0 Minutes Effecihee End Time 5 Days 0 Hours Minutes Prin JUL Ad ie PE Type Lua Time Time End Tire Lagin prm En LN Unlimited Lineal bed Tire Lined 017 OF eh 04 75X OL ht POL LI re a n USD Eier n EG RESI OE Lnlimiped Unzil Ered Time fo Looe 10 201207 OG 100610 EOLZIOTILL 10706 10 10 00 USD Unlimited bee Time JO1JZJ DIJ OWU Lah ae D AK PULZPUTITA LR USD Eier Unlimited iil Ere Time Unie ss 18 25 53 PO1l2 07 09 LE 265 01207 18 26 53 10 usn Dele ToT MAB A Unlimited agil Ered Tira 2012 57 05 18 25 59 5012 07 09 18 26 55 s012 07 14 18 26 50 15 00 usn Delili D Linlimiped Unzil Ere Tire Unused fe 7003 LOl2 07 609 18 27 03 E012 07 14 18 2703 10 00 usn Deere Unlimited Ered Tira 2012 57 05 1327 08 5012 07 09 18 27 65 S0
20. SNMP ro user Set a community string to authorize read only access 2 SNMP ro password Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access gt SNMP rw password Set a password to authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server 2 Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system IP Enter the IP addresses of the remote hosts to receive trap messages Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 40 WMS 308N Network Access Control Gateway User s Manual 4 2 4 Restore and Reset to Factory Current settings on the system can be backed up or previous backed up settings can be restored as well as resetting the system back to factory default can be performed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save save Settings To PC Load Settings From PC Browse Upload Reset To Factory Default Default In this page YOU Can Save your current configuration restore a previously saved configuration or restore all of the settings in the system to the factory default settings
21. Select Local Radius for Service DomainO s Authentication Type Click Save button Step 5 Add Local Radius Accounts User s Manual Click Service Domain gt Authentication gt Local Radius Accounts the Local Radius Accounts Management page will appear amp Service Domain gt Local RADIUS Accounts Management Group Setup Lente Mame Add Group List GCrnup Mame Arras Oi None RADIUS Accounts Setup Liserrname Pastweand MAC Desrriptien Crean Mans c Local RADIUS Accounts List Group Sherwall Das bebe show i ELT m 5 Se Te 1 Det 1 Showing 1 to 1af 1 entries MAL Pddness renee Acreunegs File File Feman Account File Expert Anew account can be added into the Local Radius Database To add a account here enter the Username e g test1 Password e g 11111 MAC Address optional to specify the valid MAC address of this account and Description gt More accounts can be added by clicking the Save button Step 6 Restart WMS 308N gt Click Reboot button to start the restarting process amp Reboot Reboot 21 When the Home Page appears it means the restart process is now completed WMS 308N Network Access Control Gateway User s Manual 3 2 3 Access Internet To verify whether the configuration of the new Local Radius accounts created via the Quick Configuration ha
22. nmm men l ia Mode Dynamic IP Mode Status Renew gt MAC Address D0 TA 50 00 74 4 IP Address Metmask Gateway ae lt ii Sut Online Users Domain Auth Guest Domain 0 Domain 1 0 Domain 2 0 Domain 3 Domain 4 Domain 5 Domain amp a Domain 7 0 Total Oo WMS 308N Network Access Control Gateway User s Manual 3 2 2 Quick Configuration WMS 308N provides wireless and wired network service with authentication required for clients in Service Domain Clients in the each Service Domain are isolated with each other WMS 308N supports 8 Service Domains Domain 0 to Domain 7 Administrator can select authentication type on each Service Domain If Authentication Required is enabled the clients are required to get authenticated successfully before access the Internet Configuration Steps Step 1 Change Root s Password gt Click System gt Management the Management Setup page will appear Enter a New Root Password for the Root account ad retype in the Check Root Password field 4 30 alphanumeric and specific characters not support Space Click Save button Root Password New Root Password Check Root Password 6 For security concern it is strongly recommended to change the Root password Step 2 Select Connection Type for WAN1 Port and Set DNS Server gt Click System gt WAN the WAN Setup page will appear gt Select the
23. 0 Bps 0 Local Radius 0 Domain 4 0 ss 14 50 00 74293 3 Total 0 15841 Domain 5 0 IP Address 192 168 2 754 x Hetmask 155 755 755 0 Used Space D Domain 7 D D TX Bytes 79909 System Information Display the information of the system m Networking Information Display the information of the network m DHCP Clients Information Display the information of the DHCP clients Service Domain Information Display the information of the Service Domain 124 46 2 Extra Info WMS 308N Network Access Control Gateway User s Manual Administrator could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information amp Extra information Extra Information Information MEA Information Metstat Information Protocol Ete Tiree 2 End F amp TABLISHETS 119 WANT 5 15 srelP sr Pori amp B 2 43 155b 9 1 ER 2 157 TTT 130632 B baie 108 92 1 1 1 1 2 052 i F l6 Bid LG i25 Fi 1 EB 2 1 F LE Ed 3 1 1 3 gt Netstat Information Select NetStatus Information on the drop down list the connection track list should show up NetStatus will show all connection track on the system the information include Protocol Live Time Status Sour
24. 4294967295 Distribute RIP over OSPF Allow RIP routes will redistributed into OSPF RIP Settings Service By default it s Disable To Enable to activated RIP routing service Side Devices Specify desired interface WAN1 WAN2 LAN or VLAN1 VLAN7 for sending and receiving of RIP packets Distribute OSPF over Allow OSPF routes redistributed into RIP 122 WMS 308N Network Access Control Gateway User s Manual Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes Routing Rules Service Click Enable to activated static routing Destination Net Mask Specify desired destination IP network address with format of A B C D M Via Select a next hop of Gateway or Interface to the destination IP network B Protocol Set static routing rule to RIP or OSPF network Select RIP to associate specific network on RIP routing process Select OSPF to associate specific network with the specified area on OSPF routing process Click Save button to add Routing rule to List There are maximum 20 rules allowed in this List All rules can be edited or removed on the List Click Reboot button to activate your changes Routing Rules List Status Denote the current status of rule Destination Net Mask Denote the destination IP network address with mask Via Denote the next hop of Gateway or Interface to the destination IP network
25. Denote the quota of volume of user is over KICK Denote the system kick out the user TIME OUT OF RANGE Denote the service time out of range ADD OD ACCOUNT Denote the system add On Demand user account DELETE OD ACCOUNT Denote the system delete On Demand user account Passcode Username Denote the user s passcode or username Denote the user s IP address MAC Denote the user s MAC address Packets In Denote the current user s packets in Bytes In Denote the current user s bytes in Packet Out Denote the current user s packets out Denote the current user s bytes out Start Time Denote the start time on this users End Time Denote the end time on this users 87 WMS 308N Network Access Control Gateway User s Manual Plan Denote the current user s billing plan Payment Denote the current payment type there were show Cash or PayPal Cost Denote the current service charge B Session Log The system can recored connection details of each user accessing the Internet and sent out to a specified Syslog Server or E Mail based on defined interval time As shown in the following figure each line is traffic history record consisting of 10 fields Date Time Session Type Username Service Domain Source IP Source Port Destination IP Destination Port MAC 2011 02 15 12 25 22 NEW testi Local Radius TCP dm 0 zrc 192 168 1 10 sport 3676 dst 122 116 218 88 dport 80 MAC 00 1A 92 9F A4
26. Edit Click this option to edit Wireless Information and Description in selected tickets database v Delete Click this option to delete selected tickets database 55 WMS 308N Network Access Control Gateway User s Manual Below depicts an example for information of Pregenerated tickets databases when you click Info option Ticket Information Wireless Lafarge Effecihee Start Time Piedi End Time aud Cua Passcode Type Export Tickets PUD EPR TPO L T DO COMUE ee alice Wel End Tiene kis Desi Lerner lupa Service Domain gt Pregenerated Tickets DA gt Tickets Manager 13 0Q GMT 40S DU Passcede Length B Quantiry 599 Prec 1 AUL Export Mode Export BIN Expat TAT Printable Expined T t l Price Statistics File ID 244951 Titket Gey 57H Used Ticker Gry 0 chet Ory 0 3599 AL Ea o EE ale T Len Tire Cauca Time End Time Lati Ligin Pree Cunency 1 Lintil End Tire Lined RIF GT 15 49 7 OT PS PUA 255 HEGN 19 1 ALES 00001 1 amp 7O41MO Unlined Umil End Time Unused 2012 07 03 15 49 28 2012 07 03 15 00000 2013 07 03 15 00 00 AUO 1 Ms Lintil End Firme 1549 2 PUTSPUFIPOS 25H LM 1 ALES 00001
27. IP Plug and Play the WMS 308N supports IP PnP for the respective Server Domain At the user end a static IP address can be used to connect the system Regardless of what the IP address at the user end is authentication can still be performed through WMS 308N IP PnP only supports on NAT mode Guest Service By default it s Disable To Enable to activated guest service limitation the Guest button will appear on the login portal window Below depicts an example Guest Service NAC Gateway Access Controller amp Username Local Radius Log Farmoni Please input Passcode Username and Password then you can use our Internet Barvita Thanks Guest Count Limit Enter maximum number of guest to a desired number in the range of 1 100 The default value is 5 For example while the number of the guest is set to 5 only 5 guest are allowed to connect to Internet via controller at the same time JL Guest Time Enter maximum free service time for guest user within 24 hours The default is 10 Minutes the range is between 1 to 720 Minutes 49 WMS 308N Network Access Control Gateway User s Manual Expired Login Guest Time 720 Minutes t Block tI Freee Sl i eee 6 17 00 00 6 17 12 00 6 18 00 00 B Custom Pages Configure Custom pages for this Service Domain Administrator can select Template Page or Upload Customize Page Template
28. In Packets Out Bytes Out Start Time End Time Plan Payment Type and Cost Date Denote current event s date and time gt Status There will show 10 types of status as below v v LOGIN Denote the user login to the On Demand service LOGOUT Denote the user logout to the on demand service IDLE TIMEOUT Denote the user idle time is over timeout setting of Service Domain the system will logout user automatically USE UP Denote the quota of time of user is over VOLUME USE UP Denote the quota of volume of user is over KICK Denote the system kick out the user TIME OUT OF RANGE Denote the service time out of range 91 WMS 308N Network Access Control Gateway User s Manual v ADD OD ACCOUNT Denote the system add user account on On Demand service v DELETE OD ACCOUNT Denote the system remove user account on on demand service amp On Demand Log Show entries Search i a af af af af af af i a Status code Username IP Address MAC Address In Out Bytes In Out End Time Plan esp E 1 Pears QEJEGNGS 0 0 0 0 00 00 00 00 00 00 0 0 OB OB a at Cash ee 3 Fen KPE3YG6S 0 0 0 0 00 00 00 00 00 00 0 0 OB 0B E c germs ri Cash M 3 E Z7CWKZ73 0 0 0 0 00 00 00 00 00 00 0 0 S gree ES Cash ree 3 ACID XMMN9W7C 0 0 0 0 00 00 00 00 00 00 0 0 OB OB rw im n a Cash nl arre FAE7CMCS 0 0 0 0 00 00 00 00 00 00 0 0 OB
29. Page Choose Template Page to make a customized login page Click select to pick up a color and then fill in all of the banks You also can use Color Template for your template If you use Color Template please click Apply button to change all color You can change the text as your wish After finishing the setting Click Save button and Preview button to see the result gt Upload Page Choose the Upload Page selection and click Upload button to upload the designated page and photo The upload files will be listed on the File List field Below depicts an example for upload File List The file name of upload page must be login html Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 50 WMS 308N Network Access Control Gateway User s Manual Example for Upload Page Here the codes are supplied Please note that the red part is for the login feature can t not modified the green part can be modified freely by administrators meta name apple mobile web app capable content yes gt lt Auto Login for Apple s product gt lt meta names apple mobile web app status bar style contentz black gt lt Auto Login for Apple s product gt html head title hHotspot main title title JAVASCRIPT lt head gt lt body gt lt h1 gt lt hHotspot_main_title gt lt h1 gt p hHotspot sub title p
30. Primary WAN Interface If Connection Detection is disabled and the PHY s connection is Green Status Port Link Info the system will detect remote Gateway IP address of Primary WAN on every 5 seconds When system detect failure 3 times the traffic of package will routed via Secondary WAN Interface When Primary WAN Interface detect 1 time success the traffic of package will routed via Primary WAN Interface Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 28 WMS 308N Network Access Control Gateway User s Manual 4 1 4 Configure Dynamic DNS Dynamic DNS allows you to make an assumed name as a dynamic IP address to a static hostname Please click on System DDNS and follow the below setting Dynamic DNS Setup DDNS Service O Enable 9 Disable Serivce Provider Hostname Username Password Save m Service By default it s Disable To Enable to activate this function Each time your IP address for WAN is changed the information will be updated to DDNS service provider automatically Service Provider Select the correct Service Provider from the drop down list here included are dyndns dhs ods and tzo embedded in the WMS 308N m Hostname This field represents the Host Name you register to Dynamic DNS service and expect to export to the world m User Name amp Password User Name and Passwo
31. SBAOXMFX Unlimited Umil End Time Unused 2012 07 03 15 49 28 2012 07 03 15200000 2013 07 03 15 00200 1 AUD 00001 TEXGAFAN Unlisted Until End Tie Unused 2012 07 03 15 45 28 2 07 03 15 00 00 2013 07 03 15 00 00 l Delete 00001 D3BY4D2O Unlimited Umil End Time Unused 2012 07 03 15 49 28 2012 07 03 15200000 2013 07 03 15 00200 1 au 00001 WRENIWPR Umil End Tiene Unused 2012 07 03 15 40 28 12 07 03 150000 2013 07 03 15 00 00 AUD 00001 701KY7Y Unlimited Until End Time Unused 2012 07 01 15 49 28 2012 07 03 15 000 00 2013 07 03 15 00 00 1 AUO 00001 IVTODPR Unlisted Until End Tiene Unused 2012 07 03 15 45 28 2 07 03 190000 2013 07 03 15 00 00 Delete 00001 S9ISDG7KS Unlimited Until End Time Unused 2012 07 03 15 49 28 2012 07 03 15 00000 2013 07 03 15 00 00 1 AUO Delete Showing 110 10 of 599 Eun B Ticket Information Show the ticket information in this database gt File ID Denote the identity number of the database Wireless Information Denote the wireless information on the ticket Description Denote additional information on the ticket Effective Starting Time Denote the effective starting time on the ticket Effective Ending Time Denote the effective ending time on the ticket Type and Quota Denote the billing type and service quota on the ticket VV y V ve V y Y Price Quan
32. Search Time Denote the specified search time range Name Denote the name of billing plan On Demand Denote the quantity of ticket from manually created Payment Gateway Denote the quantity of ticket from payment gateway created gt gt gt gt Thermal Printer Denote the quantity of ticket from thermal printer created Amount Qty Denote total quantity of created ticket of billing plan Unit Price Denote the unit price of billing plan Subtotal Denote the total price of billing plan gt Total Denote the total price and quantity on all billing plan 73 WMS 308N Network Access Control Gateway User s Manual Click on Service Domain gt Authentication gt On Demand to enter the Ticket Customization page Administrator can edit text on printed ticket on this page 4 32 characters supported on these text setting field amp Service Domain gt Billing Plans Setup gt Ticket Customization Setu Ticket Customization Setup Passcode Passcode Price Price Type Quota Quota Create Time Create Time Start Time Start Time End Time End Time Wireless ESSID Wirless ESSID Wireless Key Wireless Key A uU Description Description Preview Save Change these settings as described here and click Save button to save your changes Click Preview button to preview ticket in the Billing Plan 0 Below depicts an example for previewing ticket Click Cl
33. System Up Time Denote the system up time of the AP B Status Denote the currently connected status of the AP B Clients Denote the number of clients connected to the AP B Packet RX TX Denote the transmitted and received packet of data by the AP B Bytes RX TX Denote the transmitted and received bytes of data by the AP B Actions Click an action button to perform the appropriate action Locate Click this button to locate the AP the LED on the AP will flash so that you can place it in the correct location on the map The LED will flash around 10 seconds Reboot Click this button to restart the selected AP 109 WMS 308N Network Access Control Gateway User s Manual 4 4 6 Group Status This section provides detailed informations of group on Location Online Users and Device Syslog can be reviewed via this page Please click on AP Management Group Status the Group Status page will appear amp Group Status Map Building 2 Refresh Label io ren ia P Address Host Name B Group Select a specific group of managed APs to get group status Location Show current managed AP s location on the respective group The green flag mark indicates the AP can be accessed and double click to view the respective System Information the question mark indicates the AP can not be accessed gt Map If multiple maps have been uploaded you can select which map
34. T WMS 308N Network Access Control Gateway User s Manual 4 3 2 5 Configure Remote Radius Server WMS 308N provide remote Radius server authentication Please click on Service Domain gt Authentication gt Remote Radius Server the page of Remote Radius Server Setup will appear amp Service Domain gt Remote Radius Server Setup Radius Server Service Enable Disable Primary Server IP Secondary Server IP Authentication Port Accounting Part Secret Key Accounting Service Enable Disable Authentication Save B Service By default it s Disable To Enable to activate this function B Primary Secondary Server IP Enter the IP address of the Authentication RADIUS server Authentication Port The port number used by Authentication RADIUS server Use the default 1812 or enter port number specified B Accounting Port The port number used by Accounting RADIUS server Use the default 1813 or enter port number specified B Secret Key The secret key for system to communicate with RADIUS server Support 1 to 64 characters B Accounting Service Select this to enable or disable the Accounting Service for accounting capabilities B Authentication Type Select the desired authentication type from the drop down list the options are CHAP and PAP Change these settings as described here and click Save button to save your changes Click Reboot bu
35. appropriate Connection Type for WAN1 port there are four types of WAN1 connections to be selected from Static IP Dynamic IP PPPoE Client and PPTP Client Enter the IP Address of a DNS Server provided by your ISP Internet Service Provider Contact the ISP if the DNS IP Address is unknown gt Click Save button A WAN Setup Eee E 4 1 19 Step 3 Choose System s Time WMS 308N Network Access Control Gateway User s Manual gt Click System gt Time Server the Time Server Setup page will appear gt Select the appropriate setting and Click Save button amp Time Server Setup System Time Local a Setup Time Use NTP Default HTF Sap ree Tire Dore Daylight Saving Time Diable User Setup Date Set Time Set Time Eirrsar s Bel Ei rum gry baw oe bee CMIT ORB Ov Beijing rang King Singapane Taigeei Time Display Format Forma tteee es Ihe dba Th year dd a number The month i decimal numt E The minube as decemal mumier range The d a decima number Dinge C En 39 Display Fenmat he day of rhe i Be DHE eae Weel Fi E She ty Se full papery ier pr the current bale Non bt treated ax and middmight AM Pee hir ak a decimal rrurmber uina A The hour as decimal rrumber using a 14 Yer Red HM eS CRY Pn Pd Descripcion number Wit
36. as described here and click Save button to save your changes Click Reboot button to activate your changes Click Info button to enter Thermal Printer Information page In the Thermal Printer Information page administrator may generated and delete ticket manually amp Service Domain gt Billing Plans Setup gt Thermal Printer Setup gt Printeri Information Thermal Printerd Information Statistic E donee j like Lx Ticket C Pur aia Frige 1 Date Daily Tickers Chart show o oir ds Emr T Port HE Lnlimined End Time 20 10 28 30 201 1 017 20 We 2S do 2011 01 25 10 i 191 0 Celene Wa a Mulbale Times 8 H Lrg aad 18 23 24 Sat 21 20 10 28 24 1 Delete GO Hinati ungted O ed 1 0 28 18 2011 91 20 Pee dd 1 01 1 1 Delete Lise EA Velim e 31000 ME 2011 01 50 10728703 201 1 701720 10 28 03 2011 0025 T r 5305 5 o pr Delare ZES37RH One Tue 10 Minutes Lina 2011 01 20 150 27 53 1011 01 20 10 27 Se 2811 01 25 10 27 58 1 8 un Delete AUYE EUI Time IO Hingbet TE 2011 01 19 11 13 53 iig 147 ie 7 Delere BL PEHZED Unlimimed End Tim Unused SOV UFOS IG 11 13 37 201 1 01 19 11 13237 2 11 13 37 Tre Delare Fad Time Lii ed 2511 01 18 112813 l 1 28 17 l 12 Delete l EX Mulbpl amp Times GO Minutes 15 59
37. below setting amp MAC Filter Setup MAC Rules MAC Filter List RET HE z F MAC Address Se hard ale Ac F MAC Address Sa hard ule Pvc ons Always Han Action Select the desired access control rule the options are Only Deny List MAC or Disable define certain clients in the list which will have denied access to the Access Point while the access will be granted for all the remaining clients Access Control Type is set to Reject m MAC Address Enter MAC address in this field There are maximum 20 clients users allowed in this MAC address list m Schedule Select specified time period for this rule Click Save button to add MAC filter rule to List There are maximum 20 rules allowed in this MAC Filter List All rules can removed on the List Click Reboot button to activate your changes 117 WMS 308N Network Access Control Gateway User s Manual 4 5 4 Virtual Server Port IP Forwarding A certain area in the network can be exposed to the Internet in a limited and controlled way for on line game or video conferencing via this page Please ensure the internal port to be used is not occupied by other applications Please click on Advance Virtual Server and follow the below setting amp Virtual Server Setup Virtual Server Virtual Server List B Service Description Protocol Privase Public Port Priwame Port WAN Schedule Actions Away Aun 4 c
38. glossary Payment status Details Order status Actions Gross Completed Details HT 1 TWO Completed HT 1 TWO Products amp Services m e Payment Fram SHEN CHUN Helied Transaction Sent to SHEN CHUN TE Email Unceshengyahoo com Total Amount HT 1 TWD Fee amount NT TWO Net amount NTO TWD Date Jun 17 2010 Time 21 40 42 GMT 48 00 Status Completed 146 Refunded Details HT 1 TWD HT 1 TWD HT o TWD Cand NTO TD WMS 308N Network Access Control Gateway User s Manual poendx F Example of AP Device Connection With VLA This section is to show independent Hotspot owners how to setup different Service Domain for AP device with VLAN tagged or untagged The Figure shows an example for AP device with VLAN tagged and untagged connect to different Service Domain On Demand Pregenerated Local RADIUS Gateway WMS 308N NAC Gateway WAP 954GP The WMS 308N create three Service Domains Domain 1 use On Demand authentication with VLAN tag 101 Domain 2 use Pregeneraged Tickets authentication with VLAN tag 102 Domain 3 use Local RADIUS accounts authentication with VLAN tag 103 The WAP 954GP connect to WMS 308N s LAN1 port and create three VAPs with different VLAN tag 101 102 and 103 and the wireless clients can connect Internet via WAP 954GP with different authentication The WAP 854NP connect to WMS 308N s LAN4 port and
39. in Keyword setting field Protocol Content Filter Keyword Add Remove 119 WMS 308N Network Access Control Gateway User s Manual B Local Port Specify local port LAN port range required for this rule B Destination Port Specify destination port range required for this rule B Service Domain Select specified Service Domain for this rule B Schedule Select specified time period for this rule B Service Check Enable button to activate this rule and Disable to deactivate Click Save button to add control rule to List There are 20 rules maximum allowed in this Blacklist All rules can be removed or edited on the List Click Reboot button to activate your changes 120 WMS 308N Network Access Control Gateway User s Manual 4 5 6 DMZ The Demilitarized zone DMZ can be enabled and used as a place where services can be placed such as Web Servers Proxy Servers and E mail Servers such that these services can still serve the local network and are at the same time isolated from it for additional security DMZ is commonly used with the NAT functionality as an alternative for the Virtual Server IP Port Forwarding while makes all the ports of the host network device be visible from the external network side Please click on Advance gt DMZ and follow the below setting DM Setup WAN DMZ WAN2 DMZ ze B Service Check Enable button to activate
40. m Save Settings To PC Click Save button to save the current configuration and database to a local disk File Download Do you want to save this find a program online to open it z Mame config bin Type Unknown File Type From 192 168 272 254 While files fram the Internet can be useful same files can potentially harm your computer IF vou do nat trust the source do not find program to open this file or save this file what s the risk Load Settings from Click Browse button to locate a configuration file and database to restore and then click Upload button to upload The system will restart after uploading configuration and database Reset To Factory Default Click Default button to reset back to the factory default settings The system will restart after uploading configuration and database 1 Do not interrupt during Profile upload or Reset to Default including power on off as this may damage A system 2 While Profile upload or Reset to Default the Power Status Green LED will change to Amber LED 41 WMS 308N Network Access Control Gateway User s Manual 4 2 5 Firmware Upgrade The administrator can download the latest firmware from website and upgrade the system here It might take a few minutes before the upgrade process completes and the system needs to be restarted to activate the new firmware Please click on Utilities Firmware Upgrade and follow the below setting
41. n IPv6 Format for 6to4 WAN Type Lease Time 0 9999999 default is 60 IP Filter source Destination Address A B C D IP Format source Destination Mask 0 32 source Destination Port 1 65535 MAC Filter MAC address MAC Format 12 HEX characters Virtual Server Description Up to 32 characters Private IP A B C D IP Format Private Public Port 1 65535 Blacklist Name Length 1 32 characters Space MAC Address MAC Format Local IP Destination IP A B C D IP Format Local Port Destination Port 1 65535 Keyword Length 1 64 0 9 A Z a z G _ lt gt 5 IP Routing Destination Net Mask Net A B C D IP Format Mask 0 32 OSPF Area 0 4294967295 DMZ IP Address A B C D IP Format Time Policy Start From End To Time Format hh mm Start From End To Service Domain Login Timeout 1760 default is 10 Redirect URL URL Format 130 WMS 308N Network Access Control Gateway User s Manual Block Field Valid Characters Guest Count Limit 1 100 default is 5 Guest Time 1 720 default is 10 Table A Web GUI Valid Characters continued Block Field Valid Characters Authentication Service Name Length 1 32 characters Management space Description Length Up to 64 characters Space Pregenerated File ID 1 32767 Price 1 7 digit number Currency 1
42. oO Off Line Denote the current managed AP unable detected and accessed v Unauthorized Denote the current managed able detected but unable accessed a If Status shows Unauthorized it indicates the Password is incorrect You need change correct password and click Save button v e Changed Indicate the current managed AP s settings changed The switch will automatically download profile after the Auto Download Profile Interval v Upgrading Indicate the system upgrade on current managed AP B Host Name Denote the current system name of the respective managed AP B AP MAC Address Denote the current MAC address of the respective managed AP B IP Address Port Denote the current LAN IP address and port of the respective managed AP If the managed AP s IP Address and Port changed after importing profile Administrator need change IP address and port then click Save button to activated Otherwise the switch unable access managed AP B Password The default password is default while administrator import managed AP s profile Enter the correct password of the respective managed AP to access 96 WMS 308N Network Access Control Gateway User s Manual B Last Update Time Denote the last update time of the respective managed AP B Actions Click an action button to perform the appropriate action v Copy To Template Click Copy button to save profile of the desired managed AP
43. s Manual Appendix System Manager Privileges There are three system management accounts for maintaining the system namely the root admin and operator accounts are with different levels of privileges The root manager account is empowered with full privilege to Read amp Write while the admin manager account is Read only Main Menu Sub Menu Group Admin Privilege Ope ivile Sa ore Nor NANTraffic oo None None CaN an Rem amp Wie Noe Service amp Wie None Read amp Write None regenerated Read amp None Billing Plan Setup Read amp Write None Create Accounts Read amp Wnte Read amp winie ment Panier Setup Read amp Read Billing Pian Repot Read amp Write Read amp Write ee S E E wate _ Authentication Remote RADIUS _ Read Pu authentication LDAP Read amp Write None _ Authentication POp3 Read amp Wnte None C None 134 WMS 308N Network Access Control Gateway User s Manual 135 WMS 308N Network Access Control Gateway User s Manual Appendix C Create PayPal Business Account This section is to show independent Hotspot owners how to configure related settings in order to accept payments via PayPal making t
44. specified in meters by default but you can switch to kilometer feet or mile using the drop down selection menu on Scale Unit setting field Click Save button to save your changes Map Name i Building 2 Scale Unit 110 Meter Save Set Map Scale 6 Enter the distance of this line to set the scale of this map Distance 15 m Cancel Confirm 10m v Location Use this option to place managed AP s on the map Drag managed APs icon from the Device List on the left to the appropriate location s on the map Move your mouse on managed APs icon the Hostname and IP address information will be displayed as illustrated 106 WMS 308N Network Access Control Gateway User s Manual amp Group Setup Management gt Location Setup 0 Building 1 Building 2 Building 3 m 0 1 50 00 87 28 m ao 15 50 00 87 2bE Hostname WAP 854HP IP 192 158 2 560 OO 1A SO Oo ef 28 am Double click on managed APs icon the basic management setting page will appear Specify desired System Name Description Location HTTP Port and Telnet Port then click Save amp Reboot button to activate your change on managed APs MAC 00 1A 50 00 87 28 Management Setup System Information System Name WAP 854NP Description 8 amp 02 11n Industrial Access Point Location Login Methos HTTP Port 80 Enable Telnet vf Port 23
45. template Download to FC Recovery Step 2 Replace WAP 854NP D to WAP 854NP C Step 3 Click Recovery button on the WAP 854NP C 00 1A 50 00 87 2B Step 4 The Scanning Available AP window will appear reesen O Scanning Available AP 153 WMS 308N Network Access Control Gateway User s Manual Step 5 The WAP 854NP D 00 1A 50 00 87 31 will display on the Available Recovery AP List and the status show Available Use amp Device Discovery gt AP Profile Auto Recovery _Rescan iF Fass word tatuz Pro TE fivailalls ose Eacouaeng Step 6 Select WAP 854NP D and click Recovery button then the WAP 854NP D will reboot SUCCESS Recovery Success then dewice is reboot now Close Step 7 The WAP 854NP D 00 1A 50 00 87 31 will on the AP Profile Management List and the configuration will be the same with the WAP 854NP A A AP Profile Managonmaornt Status o Host Mame Address IP AddressiFosrt Fass word Las1 Update Time Ac thom Delete All CWARSSANP 192 160 2400 t0 Copy to template Download ta Restore Recovery Delete WAPBSANP OolASsOOoST 31 192 168 2 52 80 Cony to template Download tn PC Restore Delete OOD1ASODUORTSE 192 168 2 61 Copy to template Download to Restore Recovery Delete 154
46. to WMS 308N via LAN ports 14 WMS 308N Network Access Control Gateway User s Manual Rear Panel 1 Power SOCKET 12V DC Attach the power socket here 15 WMS 308N Network Access Control Gateway User s Manual 3 13 Hardwere Installation Please follow the steps mentioned below to install the hardware of WMS 308N 1 Place the WMS 308N at a best location The best location for WMS 308N is usually at the center of your wireless network 2 Connect WMS 308N to your outbound network device Connect end of the Ethernet cable to the WAN1 WAN port of WMS 308N on the front panel On your environment connect the other end of the cable to the external Internet The WAN1 WANZ2 LED indicator should be ON to indicate a proper connection 3 Connect WMS 308N to your network device Connect one end of the Ethernet cable to LAN port of WMS 308N on the front panel Connect the other end of cable to a PC for configuring the system The LAN LED indicator should be ON to indicate a proper connection 4 Connect the DC power adapter to the WMS 308N power socket on the rear panel a Please only use the power adapter supplied with the WMS 308N package Using a different power adapter may damage this system Now the hardware installation is completed a To double verify the wired connection between WMS 308N and your switch router hub please check the LED status indication of these network devices 16 WMS 308N Networ
47. to denote this group AP List Select available AP for group Dynamic Channel Allocation By default it s Disable To Enable to activated dynamic channel allocation function and select desired channels with specify RSSI Threshold and High Low Power Level the system will automatically assign suitable channel and TX power for group managed APs after the Sync Interval Please see section 4 4 2 Figure 4 3 depict flow chart for dynamic channel allocation RSSI Threshold 940 indicates 95 dbm on WAP 954GP and WAP 854NP RSSI Threshold 96100 respectively indicates 35 dbm and 1 dbm on WAP 954GP and WAP 854NP 102 WMS 308N Network Access Control Gateway User s Manual Dynamic Channel Allocation Service 9 Enable Disable Country US Band Mode 2 4GHz ae Free Channel Move Select Channel 1 2 412 Ghz 2 2 417 Ghz 3 2 422 Ghz e 4 2 427 Ghz gt 5 2 432 Ghz 6 2 437 Ghz 7 2 442 Ghz B 2 447 Ghz em 9 2 452 Ghz somm m i RSS Threshold 40 High Power Level Level 9 Low Power Level Level 3 Get all site survey in the same group APs Sort group managed APs scaning list No Select maximum scanimg list Free Select Channel Assigned AP s RSSI RSS Threshold No Assigned current Select Channel to AP with High Power Level Assigned current Select Channel to AP with Low Power Level Apply group managed APs Fi
48. to template database The alert window should be appear then enter desired template s name and click OK button to save Below depicts an example for copy profile to template Template is a mechanism that keep one AP as a standard profile then other APs can share the same Template without repeatedly keying all the parameters Explorer User Prompt Script Prompt Ok MAC UD 11 83 1 B 3bE D 3 Copy to template File Please input template name Cancel D011831B3ED3 WAP 854NP Download To Click Download button to save profile of the desired managed AP to local PC gt Restore Click Restore button to restore profile to managed AP the AP Profile Restore page will appear amp AP Profile Management gt AP Profile Restore AP Information v AP Information Display the MAC and IP address information of the selected managed AP s profile v Restore Type Select desired profile type for selected managed AP to restore The switch supports three types of restore method Load From AP Profile Load From Template Profile and Load From Upload File Click Restore button to change current managed AP with the selected profile Load From AP Profile Select desired profile from AP Profile List All imported profiles will be on the AP Profile List the system use MAC address 12 hex characters of the respective managed AP for profile s name Load From Template Template is a me
49. wired or wireless networks Hotspot technology allows Internet providers to offer Internet access to customers while applying certain Internet use rules and limitation It is convenient for Internet cafes hotels airports schools and universities The Internet provider gets complete tracking records of per customer time spent on the network data amount sent received real time accounting and more To begin browsing a client must go through a registration process with the provider and then enter a Passcode Username of access ticket in a browser Login window that appears on the attempt to open a webpage Hotspot technology proposes providers to establish and administrate a user database which can be useful for enterprise such as airports hotels or universities that offer wireless or Ethernet Internet connectivity to employees students guests or other groups of users Pregenerated Account OnDemand Account Database Database Load Balancing Rogue AP X j ii r E WMS 308N NAC Gateway b rt otras ore a POPS Server LDAP Server RADIUS Server Managed AP WMS 308N Network Access Control Gateway User s Manual 2 3 Specification gt Access Point Management and Support WMS 308N Network Access Gateway Controller Support B 120 Access Points per Controller B 500 wireless client per Controller B Provide
50. xir Favorites 5k LrreeHetmal 4 v E Certificate Error Navigation Blocked There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Click here to close this webpage Continue to this website not recommended More information Click Continue to this website to access the WMS 308N s GUI The WMS 308N s Home page will be appear 39 WMS 308N Network Access Control Gateway User s Manual 4 2 3 Configure SNMP SNMP is an application layer protocol that provides a message of format for communication between SNMP managers and agents By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting a SNMP 5 SNMP v2c Enable Check to enable SNMP v2c gt rocommunity Set a community string to authorize read only access gt rwcommunity Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security gt
51. you want to view location Refresh Click this button to reload the page Label Displays the name applied to the AP on the map B Online Users Display a list of users that are connected to the managed AP of the respective group amp Group Status IP AGdress SSID Acdress MAC Address RSSI TX RXSIQ TX RXDytes Connect Tene Actionis 197 165 2 61 APUD ge Lane Tae v ce BI Abico 39 IHIH 147155658 w215 01 00 Mock 110 y VV ve ve oV WMS 308N Network Access Control Gateway User s Manual Refresh Click this button to reload the page IP Address Display the IP address of the AP that the client is connected to ESSID Display the ESSID of the AP that the client is connected to AP MAC Address Display the MAC address of the AP that the client is connected to Client MAC Address Display the MAC address of the connected client RSSI Display the signal strength from the AP to the client TX RX Rate Display the transmitted and received data rate by the client TX RX SEQ Display the transmitted and received sequence of package by the client TX RX Bytes Display the transmitted and received bytes of data by the client Connect Time Display the total time the client has been connected for this session Actions Click an action button to perform the appropriate action v Block Click this button to block a specific client from accessing the AP of the respective group T
52. 0 192 1858 1 10 192 158 1 10 192 158 192 158 1 10 OB AB JEDE OF i 1 0 SSH Auth Type There will shows 6 types of authentication Pregenerated On Demand Local Users Local Radius Users Remote Radius LDAP and Guest WMS 308N Network Access Control Gateway User s Manual gt Status There will show 10 types of status as below v v v t y V VV LOGIN Denote the user login to the hotspot service LOGOUT Denote the user logout to the hotspot service IDLE TIMEOUT Denote the user idle time is over timeout setting of Service Domain the system will logout user automatically USE UP Denote the quota of time of user is over SESSION TIMEOUT Denote the user session timeout for connecting to remote RAIDUS VOLUME USE UP Denote the quota of volume of user is over KICK Denote the system kick out the user TIME OUT OF RANGE Denote the service time out of rangeule Passcode Username Denote the user s passcode or username IP Denote the user s IP address MAC Denote the user s MAC address Packets In Denote the current user s packets in Bytes In Denote the current user s bytes in Packet Out Denote the current user s packets out Bytes Out Denote the current user s bytes out B On Demand Log As shown in the following figure each line is traffic history record consisting of 14 fields Date Status Passcode Username IP MAC Packets In Bytes
53. 05 Gohlgure te aoi a 119 45050 121 PROUN m Mp ER 122 AG loai MN eI LS S UE 124 25 MEE GUI EE 124 EAO 125 zt rcd OG 127 Appendix A Web GUI valid Characters Appendix B System Manager Privileges 2 Sero o pe Coi Co pe oa neo aer etes Appendix D Examples of Making Payments for End Users Appendix E Issue Refund for pi nennen nennen Appendix F Appendix G Appendix H Example of AP Device Connection With VLAN Use Template to setup Managed Use Auto Recovery To Setup Managed Chgoter 1 Before You Start 11 Preface The WMS 308N is a full featured Network Access Control Gateway Controller that aggregates up to 120 access points APs built in 5000 local accounts on demand accounts and delivers centralized control and security for wireless deployments The WMS 308N is designed for applications in which
54. 12 07 14 15 77 08 15 00 usn d ZB HHE xY Unlimited Until bred Time E r LA ila 1B 27 13 10 00 WD Ede SBCYTWEE Unlimited End Time Uru 2012 87 10 15 79 13 P012 07 10 15 39 13 2012707715 15 39713 10 00 usn 2305 19g Unlimited End Tim ZIOLZ Q7 I0 15 39 18 P539 1B ZUlZIUF 15 15 39 1B 10 00 WD Eee Mersing 1 1o LO of 12 eerie B Plan Information Show plan information for this billing plan Service Denote the current status of billing plan Plan Name Denote the plan name of billing plan Price Denote the price charged of billing plan Wireless Information Denote the wireless information of billing plan Description Denote additional information of billing plan Type and Quota Denote billing type and service quota of billing plan Effective Starting Time Denote effective starting time of billing plan t y y V V V y Effective Ending Time Denote effective ending time of billing plan Click Preview button to preview ticket in the billing plan Below depicts an example for previewing ticket Click Close button to close window 62 WMS 308N Network Access Control Gateway Package 0 P Passcode ee 10 00 USD D Type Unlimited Until End Time B Create Time 2012 07 10 15 52 49 itm Start Time 2012 07 10 15 52 49 End Time 2012 07 15 15 52 49 ESSID APOO gt Wireless Information KEY 1234567890 o D
55. 13 14 19 27 USD 2 00 2012 02 13 14 19 37 150 2 00 2012 02 13 14 19 45 USD 2 00 2012 02 13 14 19 53 USD 2 00 2012 02 13 14 20 24 USD 2 00 2012 02 13 14 20 43 USD 10 00 2012 02 13 14 37 24 USD 2 00 2012 02 13 14 42 46 USD 2 00 2012 02 13 14 43 42 USD 2 00 2012 02 13 14 55 54 USD 2 00 2012 02 13 15 04 13 USD 2 00 2012 02 13 15 05 02 USD 2 00 2012 02 13 15 05 52 USD 2 00 2012 02 13 15 15 56 150 2 00 2012 02 13 15 15 56 USD 2 00 2012 02 13 15 17 47 USD 5 00 Location Status Username IF Packets In Bytes In ADD OD ACCOUNT UEJIeGNGS n g n 00 00 00 00 00 00 0 OF ADD OD ACCOUNT EFESYG6 3 0 0 0 0 00 00 00 00 00 00 0 OF 0 ADD OD ACCOUNT ZUCWEESS 0 0 0 0 00 00 00 00 00 00 0 OF ADD OD ACCOUNT CELTS 0 0 0 0 00 00 00 00 00 00 0 OF ADD OD ACCOUNT FAE7CDHCE 0 0 0 0 00 00 00 00 00 00 0 OF 400 OD ACCOUNT 0 0 0 0 00 00 00 00 00 00 0 OF LOGIN ALOT SS 192 166 3 10 E4 CE SF 4B 02 9E 0 OF USE UP XESS 192 166 3 10 E4 CE BF 4B C2 9E 146256 201 165 80276 LOGIN 4 192 166 3 10 E4 CE SF 4B 02 9E 0 OF IDLE TIMEOUT 5 192 168 3 10 E4 CE SF 4B 02 9E 15119 20 654 5054 LOGIN FAE7CDHCE 192 166 3 10 E4 CE SF 4B 02 9E 0 OF LOGOUT FAE7CDHCE 192 166 3 10 4 4 1549 1 723HEB 1295 LOGIN 4 5 192 165 3 10 E4 CE SF 4B 02 9E 1 TAE a EICE 5 192 166 3 10 E4 CE BF 4B C2 9E 3799 2 0 4879 DELETE 00
56. 2618 IEEE802 1X user authentication of controller management on controller Telnet and console sessions Multiple access privilege levels Hierarchical management and password protection for management interface EAP offload for AAA server scalability and survivability otateful 802 1X authentication for standalone APs SSID and Location based authentication Multi SSID support for operation of Multiple WLANs Simultaneous Centralized and distributed WLAN support Identity Based Security 802 1X Authentication with WPA WAP2 and 802 111 Local Accounts of 802 1X Authentication gt WMS 308N Network Access Control Gateway User s Manual B Support RADIUS LDAP POP3 for AAA server m User Name and encryption key binding for strong network identity creation B Local User Data Base for AAA fail over protection Wireless Roaming Support B Inter AP roaming B Fast roaming B L2 roaming User Management VVUVVV Vv vv V V Support 500 simultaneous authentication users Max 5000 Pregenerated On Demand Local RADIUS authentication users Users Session Management Configurable user Black list with schedule Allows MAC address and user identity binding for local user authentication Authentication methods supported Pregenerated On Demand Local RADIUS LDAP and Remote RADIUS and POP3 SSL protected login portal page Session and account expiration control User Log and traffic statistic notification via automatically email
57. 3 letters characters Quantity of Tickets 1 3069 Passcode Length 8 31 default is 8 Wireless Information Up to 512 characters Description Up to 32 characters Space Time Quota 1 366x24x60 default is 60 Volume Quota Default 10 Max is 102400 Effective Start End Time Date Time Format MM DD YYYY HH MM otart Time End Time Billing Plan Plan Name Up to 32 characters Price 1 7 digit number Currency 1 3 letters characters Passcode Length 8 31 default is 8 Wireless Information Up to 512 characters Description Up to 100 characters Space Paypal Description Up to 100 characters Space Time Quota 1 366x24x60 default is 60 Volume Quota Default 10 Max is 102400 Thermal Printer IP Address A B C D IP Format Command Port 1 65535 default is 5000 New Lock Password 4 8 digit number Confirm Lock Password 4 8 digit number Balance Date Time format HH MM Description Up to 32 characters Space 131 WMS 308N Network Access Control Gateway User s Manual Table A Web GUI Valid Characters continued Block Field Valid Characters Local RADIUS Group Length 4 16 0 9 A Z a z Username Length 4 16 0 9 A Z a z _ lt gt Password Length 4 16 0 9 A Z a z _ lt gt MAC Address MAC Format 12 HEX charac
58. 3SRZC2KY 10 00 USD e Tvpe Unlimited Until End Time fa Create Time 2012 07 10 15 55 30 m Start Time 2012 07 10 15 55 30 e End Time 2012 07 15 15 55 30 ESSID APOO Wireless Information KEY 1234567890 o Description Print Close Click Print button to print On Demand Tickets from Thermal Printer Type Quota Denote the billing type and service quota on this ticket Status Denote the current status on this ticket There three types of status Unused Used and Expired Create Time Denote the time of create on this ticket Open Time Denote the time of the first time used on this ticket Start Time Denote the effective starting time on this ticket End Time Denote the effective ending time on this ticket Last Login Denote the last login time on this ticket Price Denote the price of the charged on this ticket Currency Denote the currency of the charged on this ticket y V VV V v yyy Actions Click an action button to perform the appropriate action 71 WMS 308N Network Access Control Gateway User s Manual v Delete This will delete the ticket individually When administrator click Delete button the alert message will appear as below Message from webpage E Do vau want to delete the ticket Click Refresh button to renew this page On this List it only shows all of generated tickets from Thermal Printer After you login system via On Demand authentica
59. 4 371 Contigure Service DOMAIN jazi iuo siia 48 4 3 2 Configure Authentication cece nennen nnne 53 4 3 2 1 Authentication nennen nnne nnn nens nnns o3 4 3 2 2 Configure Pregenerated Tickets 54 4 3 2 3 amus 59 43231 Create Biling 60 4 3 2 3 2 Create On Demand Users uua Mi eed 62 4 3 2 3 3 Configure External Payment 65 4 3 2 3 4 Configure Thermal PFIDter ero E EL Ov ee o evt 68 49 2 99 Bling Plan SebOE auti entendre E MER made tud uet 13 A 3 2 3 0 Ticket Customization oco dried tape cede 74 4 3 2 4 Configure Local Radius 75 4 3 2 5 Configure Remote Radius 78 4320 Conrqure L DAR Server is verse acta ae cate ena 79 AO ACOMUGUIC POPS SerVelodanioted een ui NA 80 43 9 oh gure Privilege BIS aloe te actos aes eee nae eee 81 ASA Configure Walled Garden e ed a t tea s xv ted pape tutto uda doi boul 02 4395 C
60. 41 WMS 308N Network Access Control Gateway User s Manual Step 5 After clicking Pay Now button the process of paying confirm will appear Please don t close this window NAC Gateway Access Controller Paying now Step 6 After paying confirm the system will create Passcode for end users login Click Login button to enter Login page Write down your Login Passcode before you click Login button Create Success Login Passcode MC7MK667 Fu Invoice Number 100600001 Price 1 TWD lel Type sors Time 60 a Create Time 2010 06 17 21 18 24 Starting Time 2010 06 17 21 18 24 e Ending Time 2010 06 22 21 18 24 FUE Wireless ESSID APOO Test Wireless Key Description Login Access Controller Passcode 142 WMS 308N Network Access Control Gateway User s Manual goendix Issue Refund for PayPal Step 1 Click on Service Domain gt Authentication gt On Demand gt Payment Gateway Setup and then click Information button on the Billing Plan Setup List to enter Payment Gateway Information page Click on selected passcode s hyperlinks for viewing this ticket s Invoice Number EL EL EL E E EL EL EL Plan Code Type Quota Status Create Time Open Time Start Time End Time Last Login Pr
61. 42 i Lot 1 i H Delete 5BIRZSFZ ome Time Hinum 2z011 01 17 15 597 57 17 17 1 J Delere SOT 1 1007 Thermal Printer Information Show setting information in this Thermal Printer Status Display Thermal Printer status currently IP Address Denote IP address for this PSS 120 Command Port Denote command port for this Thermal Printer COM Port Denote COM port for this PSS 120 Date Denote balance date for this Thermal Printer Description Denote additional information for this Thermal Printer Click Edit button to enter Thermal Printer Setup page 70 WMS 308N Network Access Control Gateway User s Manual gt Statistic Show on demand users statistic information for this billing plan Ticket Qty Denote ticket s quantity in this Thermal Printer Used Ticket Qty Denote used ticket s quantity in this Thermal Printer Expired Ticket Qty Denote expired ticket s quantity in this Thermal Printer Total Price Denote total ticket s price and currency in this Thermal Printer Tickets per day Show the bar chart of quantity of the ticket from thermal printer Tickets List Show tickets information Plan Denote billing plan for this ticket Code User can used ticket s Passcode for access Internet Clicking hyperlinks to view this ticket information as below Click Print button the ticket will print from Thermal Printer again Package 0 P Passcode
62. 9B 2011 02 15 12 25 22 NEW testiGLocal Radius TCP dm 0 192 168 1 10 sport 3688 dst 122 116 218 88 dport 80 00 1 92 9 4 2011 02 15 12 25 22 NEW testi Local Radius TCP dm 0 192 168 1 10 sport 3690 dst 122 116 218 88 dport 80 00 1 92 9 4 2011 02 15 12 25 22 NEW testi Local Radius TCP dm 0 2rc 1932 168 1 10 sport 3691 dst 202 89 225 189 dport 443 00 1 92 9 4 9 2011 02 15 12 25 23 NEW testi Local Radius dm 0 zrc 182 168 1 10 sport 3694 dst 122 116 218 88 dport 80 MAC O0O0 1A 82 9F 4A4 2011 02 15 12 25 23 NEW testi Local Radius TCP dm 0 zrc 192 168 1 10 sport 3695 dst 122 116 218 88 dport 80 MAC O00 1A 92 9F A4 9B 2011 02 15 12 25 38 NEW testi Local Radius dm 0 192 168 1 10 sport 3725 dst 119 160 246 241 dport 80 00 1 92 9 4 9 2011 02 15 12 25 38 NEW testi Local Radius TCP dm 0 zrc 1982 168 1 10 sport 3732 dst 119 160 254 215 dport 80 00 1 92 9 4 9 2011 02 15 12 25 38 NEW testi Local Radius TCP dm 0 192 168 1 10 sport 3733 dst 119 160 254 215 dport 80 MAC 00 1A 92 9F A4 9 2011 02 15 12 25 38 NEW testi Local Radius TCP dm 0 192 168 1 10 sport 3736 dst 119 160 254 215 dport 80 00 1 92 9 4 9 B Billing Report The log 2612 62 14 11 88 88 Mame On Demand Payment Gateway Thermal Printer Amount Qty Unit Price Subtotal A Plani 19 A B 19 146 88 198 88 USD 1 Plan2 18 A B 18 14 412 USD 2
63. ACCOUNT FAEVCHCS 0 0 0 0 00 00 00 00 00 00 0 OF 0 ADD OD ACCOUNT BCOBEC g g 0 00 00 00 00 00 00 0 OF 3 S 76HE E 325 3EB 0E 145 5EB 1045 2U7 6KB E 2012 02 15 14 19 27 2012 02 13 14 19 37 2012 02 13 14 19 45 2012 02 13 14 19 53 2012 02 13 14 20 24 2012 02 13 14 20 43 2012 02 13 14 19 53 2012 02 13 14 19 53 2012 02 13 14 20 24 2012 02 13 14 20 24 2012 02 13 14 20 24 2012 02 13 14 20 24 2012 02 15 14 20 24 2012 02 13 14 20 24 2012 02 13 14 20 24 2012 02 13 15 17 47 2012 02 15 14 19 27 2012 02 18 14 19 37 2012 02 18 14 19 45 2012 02 15 14 19 53 2012 02 18 14 20 24 2012 02 18 14 20 43 2012 02 15 14 19 53 2012 02 18 14 19 53 2012 02 18 14 20 24 2012 02 15 14 20 24 2012 02 18 14 20 24 2012 02 18 14 20 24 2012 02 15 14 20 24 2012 02 18 14 20 24 2012 02 18 14 20 24 2012 02 15 15 17 47 Cash Cash Date Denote the current event s date and time Location Denote the current device s location gt Status There will show 10 types of status as below v v v t y y V ve V MV y v IP Bytes Out LOGIN Denote the user login to the hotspot service LOGOUT Denote the user logout to the hotspot service IDLE TIMEOUT Denote the user idle time is over timeout setting of Service Domain the system will logout user automatically USE UP Denote the quota of time of user is over VOLUME USE UP
64. AN Port The bonding interface for the respective Service Domain Ticket On demand Local Users Remote Radius Server LDAP and POP3 page pop up 47 WAN Port Denote the outgoing traffic for the respective Service Domain Redirect URL The redirect URL for this Login page of Service Domain 1 IPPnP Service Denote status of IP PnP service for the respective Service Domain Guest Service Denote status of Guest service for the respective Service Domain User s Manual Domain 3 pg LAN Port vL ANS P Auth Ty pas WAH Fort IPPRP Service B Guest Service D Tune Policy Redirect URL amp B tag iri Page Demain 7 E LAH Port F Auth Type z WAN Port dr IPPrP Service g Guest Service D Poliry gf Redirect URL B Login Page Schedule Denote the schedule of authentication service on the respective Service Domain Preganersbad Takat On demand Loral users Raermate Radius Serer LOA Serer POPS Server eut el oft alee fun Link Template Page VLANT Pregenerakted Cin damand Loca Lud Rantala LDAP Sara BERS Saree Auto an el Almays Run Lirik Template Page Auth Type The authentication type for the respective Service Domain There are Six types Pregenereated Login Page Denote the custom page for this Service Domain There are two types Template page or Upload Click tools icon on the top right corner of each Doma
65. Address Domain A B C D IP Format or Domain IP Address to Ping A B C D IP Format Ping Interval 60 3600 default is 300 Startup Delay 60 3600 default is 300 Failure Count To Reboot 1 99 default is 3 SNMP RO RW community Length 1 32 0 9 A Z a z _ lt gt 7 i RO RW user Length 1 31 0 9 A Z a z _ lt gt RO RW password Length 8 32 0 9 A Z a z _ lt gt i Community Length 1 32 0 9 A Z a z _ lt gt i IP A B C D IP Format 129 WMS 308N Network Access Control Gateway User s Manual Table A Web GUI Valid Characters continued Block Field Valid Characters IPv6 WAN1 Primary Secondary DNS n n n n n n n n IPv6 Format IPv6 Address n n n n n n n n IPv6 Format Subnet Prefix Length 0 128 default is 64 Default Gateway n n n n n n n n IPv6 Format Remote IPvA4 Address A B C D IP Format Relay IPv6 Address n n n n n n n n IPv6 Format with 0 128 Prefix Length Local IPv6 Address n n n n n n n n IPv6 Format with 0 128 Prefix Length 6to4 Address n n n n n IPv6 Format 6to4 Relay n n n n n n n n IPv6 Format IPv6 LAN VLAN IPv6 Address n n n n n n n n IPv6 Format n n n n n IPv6 Format for 6to4 WAN Type IPv6 Address Range Start n n n n n n n n IPv6 Format n n n n n IPv6 Format for 6to4 WAN Type IPv6 Address Range End n n n n n n n n IPv6 Format n n n n
66. BB z1 2f 2f Bc iab 88 WMS 308N Network Access Control Gateway User s Manual 4 3 6 Monitor Online Users The administrator can view status of all online users on each Service Domain Please click on Service Domain gt Online Users the page of Online Users will appear Below depicts an example for Online User Information There provided information of Passocde IP Address MAC Address Login Time Packets In Out and Bytes In Out amp Online Users Show En F entries Ph el Ph P me ut Auth Type Passcode Username MAC Address Login Time Packets In Out Bytes In Out Logout Local Users testi 197 168 1 11 00 16 D4 33 32 6B 2010 11 22 13 15 51 1703 2318 376 9KE 4565 7 KB Logout Pregenerated ECPX FIT 192 168 101 10 00 15 AF 16 73 3D 2010 11 22 13 25 55 15 20 FJUKB 1 7KE Logout Showing 1 to 2 of 2 entries Auth Type Denote the current user s authentication type m Passcode Username Denote the current user s passcode or username m Address Denote the current user s IP address m MAC Address Denote the current user s MAC address Login Time Denote the login time on this user B Packets In Out Denote the current user s packets in and out m Bytes In Out Denote the current user s bytes in and out B Actions Click Logout option to logout online users Click Refresh button to renew this page 89 4 3 7 Log Information WMS 308N Network Access
67. Choose a Value Taiwan Mew Dollars Customer Service Phone 4886 e 1 Business URL optional fF Secure Transaction e Your Business Information Please enter ihe information lor your group onganizalion government nonrprolit individual business or pariners hip Please enter ihe tull email address lor example name gpdomain com This email address will be shared only with 1hose who purchase irom you H will be provided buyers during payment so hat they can contact you il needed You will be asked erter an email address for your Pay Pal profile on ihe next page 11 can be ihe same or diferent trom your Customer Service Email Please enter your Business URL lor example www businessname com PPP PPP Step 2 Edit NECESSARY settings in API Access Please click on Profile gt API Access in the Account Information PayPal My Account Send Money Request Money Merchant Services Products amp Services EH Owerview Add Funds Withdraw History Resoution Center Profie Summary Name Justin Shen Secure hlerc hari Account ID To edit your Profile information please click on a link below Account Information Email Street Address Phone Password Nol Fications Language Preference Time Zone iManage User API Access Business Information Additional Owners Glose Account Identification Preferen
68. Control Gateway User s Manual The WMS 308N can record authentication traffic history or On Demand event and the system will automatically send out the history information via notification service See Notification page The history of each day will be saved separately in the DRAM for 3 days and sorted by time the traffic provides all login and logout activity of specific date Other informations include Passocde Username IP Address MAC Address Packets In Out and Bytes In Out Please click on Service Domain gt Log Info the page of Log Info will appear amp Log Traffic Log 2011 On Demand Log 2011 02 15 02 15 The all history log are saved in the DRAM if you need restart system and also keep the history please manually copy and save the informations before restarting B Traffic Log As shown in the following figure each line is traffic history record consisting of 10 fields Date Auth Type Status Passcode Username IP MAC Packets In Bytes In Packets Out and Bytes Out Traffic Loe Premeneraren TIME OUT OF RAMCE GEDRDRE Local LOGIN est cal User nau Cin Demand LOCIS XKFL HPA T ge d IME OUT Of RANGE XKECHEA b ues Quei LIP On Denand LOGIN THUNK FEL Demang DLE TIMEOUT EE On Demand LOGIN ZWBHXTEE Uer d USL LIF Pregeneraced LOGIN UTCA Showing 1 to 1 of 15 enhies Date Denote that current event s date and time 12 168 11 1
69. D will change to Amber LED 45 WMS 308N Network Access Control Gateway User s Manual 4 2 8 Reboot v This function allows administrator to restart system with existing or most current settings when changes are made v Click Reboot button to proceed and take around three minutes to complete Please click on Utilities Reboot v follow the below setting amp Reboot Sometimes it may be necessary to reboot the system if it begins working improperly Rebooting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait ystem is restarting please wait for 75 seconds The Home page appears upon the completion of reboot 46 WMS 308N Network Access Control Gateway 4 3 Access To External Network With Service Domain WMS 308N supports 8 Service Domain administrator can quickly setup via this page amp Service Domain Setup Trim I 2 m E LAN IPrart LAH Aioth aem WAH Port FP PaP Service i Guest Service D Policy S Redirect URL Lagin Page Pregecqnersted Cin demand Lora sers Remote Radius Gerver LDAP Server BDPS Server Palo el etf Ahay Hin Lirsk Template Page p LAN Port 8 Auth Type i WAN Po
70. Done button to finish process View or Remove API Signature Enck to Profile Summary For preconfigured shopping carts and paste the API usemame password amd into your shopping conigurti n or admanes tration screen For building custom shopping carts Store ihe following ceedential in a eecure locaton with limited access Sigmiure AP Userrmme pst apt pheenet com bh PHEA M MEXEXXNEXXEXIXXXNEXNMXENENPJEXE Signature Ay lw AWOyzbHC vFaSagH Un II P LAaATbgeOPgT WwkeDROT1WW yigEC 7 Wum Jun 7 2010 17 55 47 GMT Paeguest Date E 139 WMS 308N Network Access Control Gateway User s Manual Appendix D Examples of Making Payrrents for End Users Step 1 Click the link below the login window to pay for the service by credit card via PayPal NAC Gateway Access Controller Passcode Internet service Step 2 Select service package and Click Buy Now button to send out this transaction There will be a connecting message as below NAC Gateway Access Controller Price Type Effective Time Range USD 10 00 Unlimited O days O hrs 0 mins to 5 days 0 hrs 0 mins USD 5 00 Multiple Times 60 Mins 0 days hrs mains to 5 days 0 hrs 0 mins USD 3 00 One Time 60 Mins O days O hrs 0 mins to 5 days 0 hrs 0 mins USD 5 00 Volume 3000 MB days hrs mins to 5 days 0 hrs 0 mins NAC Gateway A
71. ERR P Amd AP 192 168 2 60 255 255 255 0 192 168 2 1 Saves Reboot AP aat USF LER 7 61 1 i Cenk RO V1 9 SOUP PGT IIE 18 27 25 16B8 2 61 SES 255 255 0 197 168 7 1 Same 1 a2 165 2 64 18 y Prete rat 1 Ler AP MIH IAYLI 1 5 3012 07 21 18 07 25 Ap ba 65 Poe Boe ET Loe LES 1 LAN Setup System Message 192 168 260 Increment IP Address MAC Address E B Discover Click Discover button to search managed AP device on your network B Get Info Click Start button to get current informations of the selected managed AP Select desired managed AP and click Import to database button to import respective managed AP s profile to system then the success message Import to Database will be displayed on System Message field Up to 120 managed APs can be imported to system If the managed AP s IP address are the same or already exist in the profile list the system can t import profile to database please use LAN Setup to configure different IP address of the respective managed AP before you import profile to system B Source IP Denote the current IP address of the respective managed AP B MAC Address Denote the current MAC address of the respective managed AP Password Enter the specified the password in the password field of the top of the list and click Discover button to access managed AP the system u
72. Local Account 5000 AP Management Control Monitoring B Centralized AP Management v NN SN S S AP Group management maintain a set of setting templates that simplify the task to assign the same setting to multiple APs AP Automatic configuration and provisioning by WMS 308N Locally maintained configuration profiles for managed APs Auto discovery for managed APs Automatic recovery of APs in case of system failure Central firmware Upgrade Select multiple APs and upgrade their firmware at the same time including bulk upgrade Remote Firmware upgrade Zero Configuration technology to restore defective AP s setting onto the replacement AP B Central AP Control v v v Provides MAC address Control list of client stations for each managed APs Access Filter Time based AP access control Single Ul for upgrading and restoring managed APs firmware WLAN Partition if enabled WLAN clients are not allowed to exchange data through the AP WAP 854NP WAP 954GP WAP 1954NP WAP 1954NP C CPE 2010G CPE 2000GN 1 WLO 15814N WLO 15802N WLO 12400N WLO 12410N Max allowed APs Support Roaming Intra Switch Inter band Inter Switch B Central AP Monitoring NN NS S S S S Monitor AP Status The number of associated clients to the AP The AP RF information Associated Station List Monitoring IP List Load balancing based on number of users Load balancing based on utilization WM
73. N Traffic The section is for administrators to configure the control over the entire system s traffic though the WAN interface WAN1 and WAN2 ports amp WAN Traffic Semp m Traffic Setup Primary WAN Interface Select desired primary WAN interface for system Traffic Mode There are three types None Load Balance and Backup v Load Balance Outbound load balancing is supported by the system When enabled the system will allocate traffic between WAN1 and WAN2 dynamically according to designed algorithms based on the Bandwidth e WAN1 Max Bandwidth Specify the maximum download and upload bandwidth that can be shared by clients of the port e WAN2 Max Bandwidth Specify the maximum download and upload bandwidth that can be shared by clients of the WAN2 port On the Load Balance traffic mode the primary WAN port is WAN1 When the WAN1 connection is down the WAN 2 will backup automatically v Backup When primary WAN interface is WAN1 and WAN is available WAN1 s traffic will be routed to WAN2 when WAN 1 connection is down When WAN 1 connection is up the route traffic will be connected back to WAN1 automatically Connection Detect The connect detect sets the WMS 308N Device to continuously ping a user defined IP address it can be the Internet gateway for example If it is unable to ping under the user defined constraints the WMS 308N device will change Primary WAN interface to secon
74. OSPF Denote the static routing rule to OSPF RIP Denote the static routing rule to RIP yy y V y v Actions Click an action button to perform the appropriate action v Edit Click this option to edit selected static routing rule v Delete Click this option to delete selected static routing rule 123 WMS 308N Network Access Control Gateway User s Manual 46 Observer the Status 46 1 Overview Detailed information on System Network DHCP Clients and Service Domain can be reviewed via this page System Service Domain AP Management Advance Utilities Status amp Overview EN E MEN E System Info Bx Port Link Info Gh x WANT Monitor Host Name WMS 308N 125 00 System Infa parent cae WANT WAN 100 00 Port Link Info CPU Info Description Network Access Control Gateway 75 00 Memory Info Firmware Version Cen AC W003 50 00 Firmware Date 2011 03 24 12 30 58 25 00 LAH1 LAN LANS LANA Device Time 2011 03 28 02 55 59 etm ea one i eie 1 li namie once System Up Time 24 03 DE erence tr Mod Primary DNS Status Renew Secondary DNS MAC Address 00 1A 50 00 74 54 IP Address Hetmask Gateway ww il m LAN Monitor Gu Ticket Count a x Online Users Network 1000 00 Auth Tickets Domain Auth Guest DHCP Clients 800 00 Pregenerared Domain 0 0 0 600 00 On Demand 0 Domain 1 0 D Service Domain TE 400 00 Payment Gateway J Domain 2 0 200 00 Thermal Printer 6 Domain 3 o
75. Plans 8 A B 2 HB 16 88 USD Plant 1 A B 18 2 HBH 2 HH USD 4 Package 4 A A B a 4 88 4 88 USD Package a A A 8 88 8 88 usp 6 Package 6 a A A 8 88 8 88 usp 7 Package 7 a A A 8 88 A A usp 8 Package 8 A A A B na usp 9 Package 9 A A A A B ng usp 47 A 47 276 48 usp B Monitor IP Report The log record unreachable monitor IP report As shown in the following figure each line is a Monitor IP report record consisting of Date Time URL 2012 08 06 13 42 41 http 192 168 2 60 offline 2012 08 06 13 42 44 http 192 168 2 61 offline 2012 08 06 13 42 47 http 192 168 2 64 offline 2012 08 06 13 44 08 http 192 168 2 60 offline 2012 08 06 13 44 10 http 192 168 2 61 offline 2012 08 06 13 44 13 http 192 168 2 64 offline B AP Status The log record unreachable managed APs or detect rogue AP As shown in the following figure for unreachable each line is a AP Status record consisting of Date Time Host Name IP address MAC address 281278806 12 38 39 APOEBPX 192 168 27 61 ARAZEFCTCABH off Line enlz na B 6 12 38 39 APOEBPX 192 1568 2 8604 HH11531B3ED4 aff Line 281278806 12 38 42 APOEBPX 192 168 27 60 AAS 1 FeEFRCAB off Line As shown in the following figure for detecting rogue AP each line is a AP Status record consisting of Date Time ESSID MAC address 2612 66 25 Ha 29 12 Rogue AP Detection Test AP
76. S 308N Network Access Control Gateway User s Manual AP User Statistic Maintain all wireless clients connection history and depict statics in diagrams Support Monitor IP on third party APs System alarms and status reports on managed APs Topology Monitor list monitored device periodically updates devices status AP life check real time tracking monitors APs status AP Health Checking NN NS S S S Provide centralized remote management via HTTP SNMP interface v SYSLOG support including remote servers Radio Resource Management E H EH EH EH EH EH NH EH ES NH EH EH EH EH EH NH NH NH NH NH NH NE E Automatic Channel Assignment and power setting for controlled APs Simultaneous air monitoring and end user service Self healing coverage based on dynamic RF condition Dense deployment options for capacity optimizations Multiple BSSID per Radio 8 Hot Standby at AP mode supports fail over as a standby AP Load Balance with another available AP Real time users limitation Radio Management Coverage interference detection ireless Encryption WPA personal and enterprise WPA2 personal and enterprise AES CCMP 128bit FIP 197 WEP40 64 and 104 128 bit TKIP RC4 40 SSL and TLS RC4 128 bit and RSA1024 and 2048 bit EAP TLS EAP TTL MSCHAPv2 ireless Security IEEE802 1X network login user authentication EAP MD5 TLS TTLs EAP over LAN EAPoL transport with PEAP and EAP TLS authentication RADIUS server authentication RFC
77. STI infe for root frem 1942 12 Ga 10d J000 03 01 00 06 01 243 inie Authankieabiem puceessful fer root rem 192 168 272 259 d000203201 00 06 03 System Enfa gucoeskfiul for root from 192 168 2 100 Devices Select a specific managed AP to get system log Refresh Click this button to reload the page Time The date and time when the event occurred Facility It helps users to identify source of events such System or User 5 11 Severity Severity level that a specific event is associated such as info 5 11 error warning etc Message Description of the event 111 WMS 308N Network Access Control Gateway User s Manual 4 4 7 Rogue AP Detection Wireless networks extend wired networks and increase worker productivity and access to information However an unauthorized wireless network presents an additional layer of security concerns Less thought is put into port security on wired networks and wireless networks are an easy extension to wired networks Therefore an employee who brings his or her own Access Point AP into a well secured wireless or wired infrastructure and allows unauthorized users access to this otherwise secured network can easily compromise a secure network Rogue detection allows the network administrator to monitor and eliminate this security concern This section provides rogue AP detection the system can detect the AP is not in the managed AP l
78. TE 201 ji OO 2C Copy to template Restere Delete In a 152 WMS 308N Network Access Control Gateway User s Manual Appendix H Use Auto Recovery To Setuo Managed AP WMS 308N supports centralized management of each AP When the system has failed AP the administrator needs to replace the AP and set the same as before Using WMS 308N to quickly configure new AP the new AP s setting will be the same as before Below depicts an example for Auto Recovery function Environment Description In this case the WMS 308N control three managed APs and one of managed AP is failed We replace new AP and use Auto Recovery to quickly setup 1 Four WAP 854NP managed APs e WAP 854NP A 00 1A 50 00 87 28 e WAP 854NP B 00 1A 50 00 87 2E e WAP 854NP C 00 1A 50 00 87 2B e WAP 854NP D 00 1A 50 00 87 31 2 Replace WAP 854NP D to WAP 854NP C Step 1 The WMS 308N can t detect WAP 854NP C on AP Profile Management page AP Profile Management Status Host llame MAC Address IF Addrezz Fort Password Last Update Time Ac thons Delete All Wahai 001450005728 192168 2 50 80 essensa 2010 01 01 000 1 Recovery WAPSHIRP wQUIOACHILDO E 1 Z lbH z bl 00 Freee ARRU G I A01 UO Ug oo la ternplasue Download le store Recovery pee WARS Bee 00 SO FE 192 168 2 6 eo SO OA ii 09 12 Copy to
79. a compact cost effective all in one networking solution is required The WMS 308N included a policy forced firewall Intelligent Dual WAN Load balance Wireless LAN controller IP sharing and 4 Port Giga Ethernet switch in a desktop mount enclosure This device centrallized configuration and management model enables the controllers to be deployed monitored and controlled without local IT staff 12 Package Contents B WMS 308N x 1 B CD ROM With User Manual and QIG x 1 B Power Adapter DC 12V 1 5A x 1 B RJ 45 Ethernet Cable x 1 a It is highly recommended to use all the supplies in the package instead of substituting any components by other suppliers to guarantee best performance Chapter 2 System Overview 21 Introduction of WMS 308N The WMS 308N applies to public access network such as WiFi Hotspot network management guest access hospitality deployments which requires reliability efficiency and security It combines an IP Router Firewall Multi WAN QoS enforcement and Access Controller for use in wireless environments One single WMS 308N can serve up to 500 simultaneous users takes control over authentication authorization accounting and routing to the Internet as well as to the operating central Built in AAA system allows the owners set up public access services without extra RADIUS server 22 System Concept WMS 308N Network Access Gateway Controller provides authentication authorization and accounting for a
80. al RADIUS Accounts Remote RADIUS Server and Remote LDAP Server and POP3 This section depicts to configure the settings for pregenerated tickets on demand users and authentication server If authentication does not selected the clients can access Internet without authentication 4 3 2 1 Authentication Management The WMS 308N supports multiple login for one accounts and administrator can configure alias name of the respective authentication type on login page Please click on Service Domain Authentication Authentication Management and follow the below setting amp Authentication Management Multiple Login Service Enable Disable Auth Type Alias Auth Type Service Name Description Pregenerated Ticket Pregenerated Ticket Po Remote Radius Server LDAP Server m Multiple Login Click Enable button to activate multiple login service and Disable to inactivate multiple login service Auth Type Denote authentication type of the system m Service Name Enter desired alias name of the respective authentication type on login page Description Enter desired description name of the respective authentication type Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 5 WMS 308N Network Access Control Gateway User s Manual 4 3 2 2 Configure Pregenerated Tickets This section is for administrators to pregenerated authe
81. an Denote the billing plan on this ticket Code User can used Passcode of ticket for access Internet Type Quota Denote the billing type and service quota on this ticket Status Denote the current status on this ticket There three types of status Unused Used and Expired Create Time Denote the time of create on this ticket Open Time Denote the time of the first time used on this ticket Start Time Denote effective starting time on this ticket End Time Denote effective ending time on this ticket Last Login Denote the last login time on this ticket Price Denote the price of the charged on this ticket Currency Denote the currency of the charged on this ticket Actions Click an action button to perform the appropriate action v Delete Click this option to remove ticket from this billing plan When administrator click this option the alert message will appear as below Message from webpage E 22 Do you want bo delete the ticket Click Refresh button to renew this page The list only shows generate of the ticket by clicking Add Account button After you login system via On Demand authentication the timer page will appear Don t close Timer page Because the Logout button on this page If Timer Page doesn t appear in the browser please enter http s domainO login to open Timer Page see section 4 3 1 64 WMS 308N Network Access Control Gateway User s Manual 43233 Configure External Paym
82. appear as below Message from webpage E Do you want bo delete Ehe ticket Click Refresh button to renew this page b On this List it only shows all of generated tickets through External Payment Gateway After you login system via On Demand authentication the timer page will appear Don t close Timer page Because the Logout button on this page If Timer Page doesn t appear in the browser please enter http s domain0 login to open Timer Page see section 4 3 1 If administrator wants to refund transaction please see Appendix E Issue Refund for PayPal 67 WMS 308N Network Access Control Gateway User s Manual WMS 308N can generate ticket of on demand users manually or automatically from Thermal Printer Please click on Service Domain gt Authentication gt On Demand gt Thermal Printer Setup to enter the Thermal Printer List page In the Thermal Printer List page Administrator may configure Thermal Printer setting and generate tickets manually and delete tickets amp Service Domain gt Billing Plans Setup gt Thermal Printer Setup Thermal Printer List Status IP Address Command Port COM Port Date Description Edit Info 0 Off 5000 COMI 23 59 Edit Info Off 5000 COM 23 50 Edit Info 2 Off 5000 COM 23 5 Edit Info 3 Off S000 COM 23 50 Edit Info Off S000 COM 23 59 Edit Info 5 5000 COMI 23 59 Edit Info 6 Off S000 COM 23 59 Edit Info 7 Off 5000 COM 23 50 Edit Inf
83. at packet loss and latency time are available in the Result field while running the PING test Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field Times By default it s 5 and the range is from 1 to 60 It indicates number of connectivity test B Traceroute Allows tracing the hops from the WMS 308N device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe B Lookup IP This utility will covert a host or domain name into IP address The test is started using the Start button click Stop button to stopped test Domain Specifies the host or domain for converting gt Count By default its 10 and the range is from 1 to 99 It indicates number of converting test 43 WMS 308N Network Access Control Gateway User s Manual 4 2 7 USB Storage Setup This function allows administrator to setup USB storage device for save more e map custom portal login page and managed AP s profile Please click on U
84. ccess Controller Connecting to PayPal 140 WMS 308N Network Access Control Gateway User s Manual Step 3 You will be redirected to PayPal website to complete the payment process You can pay service fee via Paypal account or use your credit card Click continue checkout hyperlinks PayPal is the safer easier way to pay PayPal Secure Payments PayPal securely processes payments for Cenwell Hotspot Pay with PayPal in a couple of clicks You can use your credit card without exposing your card number ta the seller Log in to PayPal You can speed through checkout without stopping ta enter your card number or address Emai Don t hawe proble Password Cancel and return to Cenwell Hotspot Forgot email address or password Step 4 After login Paypal The payment information will appear Click Pay Now button to get passcode Review your payment PayPal amp Secure Payments If the information below is correct click Pay Now to complete your payment Learn more about how PayPal withdraws funds Description Amount Item total Add special instructions to merchant Itern total MTEI Total HT 1 TWO Enter dift certificate reward or discount Payment Methad PayPal Balance PayPals exchange rate as of Jun 17 2010 1 LI S Dollar 31 4421 Taiwan New Dollars More funding options Contact Information jundeshen yahoo com Cancel and return ta Hotspot 1
85. ce Merchant Fees Financial Information Cedi Debi Gars Bank Accounis Gurmency Balances fis and Dicounis Account State menis Recurring payments dashboard preappibved payme nis 137 selling Preferences Auctions Regional Tax Shipping Galulations Saved Buttons Payment Receiving Preferences Insiani Payment Nolficalion Preferences Reputation Customer Service Message Website Payment Preferences Encrypied Payment Settings Cusiom Payment Pages Invoice Templates Language Encoding WMS 308N Network Access Control Gateway User s Manual After click API Access on Account Information the API Access setting will appear Click Request API credentials in Option 2 Request API credentials to create your own API username and password PayPal d My Account Send Money Request Money Merchant Services Products amp Services Cverview Add Funda Withdraw History Resolution Center Profile API Access An API Apaication Programming Interlace allows PayPal soliware communicate with your odine store or shopping Setting up permissions and credentials C hocee one ol the ldlowing oglio 1o intecrate your PayPal payment sotution with your online store or shopping Option 1 Gran permissions 1o a third pany 1o use certain PayPal APIs on Option 2 Request API credentials create your own username and your be hall pase word Ghocee this oplion il This
86. cel Destination IP address and Port Route Information Select Route Information on the drop down list to display route table WMS 308N could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward r Route Information Destination 1232 168 101 0 192 168 102 0 182 168 1030 192 108 2 0 192 168 1 0 192 168 104 0 192 165 105 0 192 168 106 0 182 168 107 0 Gateway aonad 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 D 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 125 Netmask 55 255 255 0 255 255 25510 25525525510 255 255 255 0 465 255 7550 255 255 25510 LL DEL uu interface etn1 101 gth1 102 etn1 103 WMS 308N Network Access Control Gateway User s Manual ARP Table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to switch packets to ARP Table Information IP Address MAC Address Interface 192 168 272 254 00 11 22 66 88 50 eth 192 1658 1 44 00 14A 92 90F A4 OB 1 0
87. chanism that keep one AP as a standard profile then other APs can share the same Template without repeatedly keying all the parameters Select desired profile from Template Profile List All saved template profiles will be on the Template Profile List Click Delete button to remove template file on the list Template Profile List Template Profile List 9014501B3ED9 WAP 954GP bin n 001A502F0CAB WAP 854NP_bin Delete Template File Delete 97 WMS 308N Network Access Control Gateway User s Manual Load From Upload File Select desired profile from local PC Upload File From PC Load Profile From PC Browse B Auto Recovery Click Recovery button to upload profile to new or unlist managed AP the AP Profile Auto Recovery page will appear amp AP Profile Management AP Profile Auto Rec oven Reszcan est ee ced STAT v Information Display the MAC and IP address informations of the selected managed AP s profile Y Available Recovery AP List All of available managed AP will display in the list These managed APs not yet imported to profile list Denote the current IP address of the respective available managed Denote the current MAC address of the respective available recovery Password The default password is default Enter the correct password of the respective managed AP to access Status Denote the current status o
88. d in the DRAM if you restart system the all of history log will empty Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes If the history E mail has been entered above Notification settings after Sending Interval the system will send History E mail to receiver s E mail address automatically Traffic Log As shown in the following figure each line is traffic history record consisting of 10 fields Date Auth Type Status Passcode Username IP MAC Packets In Bytes In Packets Out and Bytes Out 85 WMS 308N Network Access Control Gateway User s Manual ee mice E a F ezname IT H Packt B mam EMO UE UON mm mm mum m gre nd 5 5 P Ae 294 208 Ai aan cmand CE ae 1 1 292 269 5410 A oF Aa ner KEETE i i52 3m Piat 1 uu i Berg zh EB 0 thi I i5 emand LOGIN 15H Rt 2E 2 na Es FX TET E a AT ral PE TE om 9 Frias I eme aced OUI AZ E 15 2E mJ mn aT Les Lid Fi ed i 120 SOR GAs 0 ra nd LOGI OITER 158 ISP rads 28 4 TIHE T OF RAS LE 4 A F e 4 1 E tr i68 D Loon 168 IFA mirand DLE x x ra 1 m H K hah 6 i L HE IDA TZ uu mit Emamd GF eS ELE E ri m Y y y y v gt Date Denote the current event s date and time
89. dary WAN interface automatically This option only for Load Balance or Backup traffic mode 2 WMS 308N Network Access Control Gateway User s Manual gt Service By default it s Disable To Enable to activate this function v IP Address To Ping specify an IP address of the target host which will be monitored Ping Interval specify time interval in seconds between the ICMP echo requests are sent Default is 60 seconds gt Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 60 seconds Failure Count specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the primary WAN traffic will be routed secondary WAN If Connection Detect is disabled on Load Balance or Backup the system will use default value If Connection Detection is disabled and the PHY s connection status shows Red Status Port Link Info the system will detect PHY on every 5 seconds When system detect failure 1 times the traffic of package will routed via Secondary WAN Interface When Primary WAN Interface detect 1 time success the traffic of package will routed via
90. dedrezs Im 290 44 aia oe PT le 102 162 2 1 ons Nan Qs ere many pr dome Fu 150 LAM Sering Ar dans falc way IF Address 9216021 bet AP 255 255 0 192168214 SavebRebeotaP 300 start 1921082250 oxrasoooerae seme 1 11 2011 10 08 12 10 89 192 1602250 255 255 295 0 19216821 SavetiReboot LAW Set tion Hetast Gateway Message WMS 308N Network Access Control Gateway User s Manual Step 3 Import profile of the respective managed AP Select all managed AP Click Import to database button to import the profile setting to database Device Discowery Source IP Mac Address vl Stat 212 Eo 2 le Start 192 105222 00 1A 50 00 087 2E sf Start 122158251 c14500037 2E Adel 102 155 2 8 PH 255 265 255 0 157 155 2 1 8 s Fair T a th Fass word Hs nil ame FW Version FW Dane loads Ae thems amp edekdad Addres Hetmiask Gateway Pore ee AAP OSIM nerfERAPMZEHI e 18 15 31 P 1 bH z bl eas be 92 108 2 1 AP 211 YILD ADi 1a TOS 12 002595 AF 192 168 2452 z55 55 2550 132 155 2 1 Save AF ar BESNP H1 0 8 1 122 158 2 5 755 755 755 152 155 2 1 AP kd la iAut
91. detection time 113 WMS 308N Network Access Control Gateway User s Manual 4 4 6 Website Monitor WMS 308N will send out a packet periodically to monitor the connection status of the IP addresses on the list If the monitored IP address does not respond the system will send an e mail to notify the administrator that such destination is not reachable After entering the related information click Add button and these settings will become effective immediately Green light means online and red light means offline The system provides 50 monitor IP address fields on the Website Monitor List Please click on AP Management Website Monitor the Website Monitor page will appear amp Website Monitor Hee On each monitored item with a WEB server running administrators may add a link for the easy access by selecting a protocol http or https and click the Add button After clicking Add button the IP address will become a hyperlinks and administrators can easily access the host by clicking the hyperlinks remotely Click Delete to remove the setting in the list Click Refresh button to renew status 114 WMS 308N Network Access Control Gateway User s Manual 4 5 Restrain the Users and Sharing Your Internal Service 4 5 1 Configure Tine Policy Administrator can define time policy for Service Domain IP Filtering MAC Filtering and Virtual Server There are 10 policy can be defined Please click on Advance gt Time Po
92. device management purpose DNS2 server IP address is optional It is used as the fail over in case the primary DNS server will become unresponsive WINS IP Enter IP address of the Windows Internet Name Service WINS server this is optional Domain Enter the domain name for this network Lease Time The IP addresses given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interrupt but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more slight interruptions to the client while it will acquire new IP addresses from the DHCP server 34 WMS 308N Network Access Control Gateway User s Manual Static Lease If you want a computer or device to always have the same IP address assigned you can create a Static lease The system will assign the IP address only to that computer or device There are maximum 50 rules allowed in this list B Hostname Enter the hostname of the computer or device B IP Address Enter the IP address you want to assign to the computer or device This IP Address must be within the DHCP IP Address Range B MAC Address Enter the MAC address of the computer or device B Actions Click an action button to perform the appropriate action B Delete Click this button to remove the lease for a specific LAN device and free an entry in the lease table
93. e Enik B Description Enter appropriate text to denote this virtual server B Private IP The corresponding IP address of the LAN port used for the respected service Enter the LAN IP address of the assigned host B Protocol Type The communication protocol of session Select an appropriate protocol type either TCP or UDP protocol Private Port The private port s required for this rule A single port may be given or a range may be given as start end which will match all ports from start to end inclusive m WAN Interface Select specified WAN interface where forwarding of incoming packets is processed m Public Port The public port s required for this rule A single port may be given or a range may be given as start end which will match all ports from start to end inclusive m Schedule Select specified time period for this rule B Service Check Enable option to activate this rule and Disable to deactivate The Private Port and Public Port can be different but the port range need the same example Public Port is 10 to 20 the Private Port can be 30 to 40 or other 10 ports range Click Save button to add Virtual Server rule to List There are maximum 20 rules allowed in this List All rules can be edited or removed on the List Click Reboot button to activate your changes 118 WMS 308N Network Access Control Gateway User s Manual 4 5 5 Configure Black
94. e Domain the clients will connect to Internet via specific outgoing WAN port This function only activate on Load Balance Mode on WAN Traffic page NAT Service By default it s Enable to activated NAT service To Disable to unactivated NAT service B Pregenerated Ticket When Pregenerated Tickets selected in Auth Type field the Tickets DB will appear Select desired tickets database for Pregenerated authentication after creating the tickets database on the 48 WMS 308N Network Access Control Gateway User s Manual Pregenerated Tickets page See Section 4 3 2 2 Login Options When authentication type selected in Auth Type the Login Options setting field will appear Login Timeout Enter Idle timeout for this Service Domain If users has idled with no network activities the system will automatically logout the users The Login Timeout can be set between 1 to 60 minutes and the default timeout is 10 minutes Redirect URL Enter the specified website to redirect when users log in successfully the pop up page will directed to the specified URL Login Domain Name Enter the specified URL to display login page If you close the login page and cause you can t click Logout button to stop service you can enter specified URL on browser to display login page Schedule Select desired scheduling of the respective Service Domain for authentication service Scheduling setting is on Time Policy page IP PnP Service
95. e Inzrememui iipit AN amp AP Profile Management status Mott MAC Address wARUSAHP GO LA SO 97 28 d WAPR SAMP OO A EOE 28 ay WAP BS HP DO 1A SD OC RT E IF Address Port 172 168 2 00 132 162 2 62 20 192 158 27 61 E0 HAT Addis Wha ayer Woe 158232250 87 28 Change 132 145 3 1582250 AP 3E Change 1 122 1588 251 e 1 AS 2B Change 1 132 158252 192 158 2 50 DO 1450003728 anit database 552 12 it SP EB lnigort la 1 8 251 DO 14 SCHODE AT 2E Pact word Last Update Time hc tiges Delete all ELLELE 2109 01 01 OO 1 54 Download te PC Restore Recovery Delete asaaaad 2000 01 01 0 00 29 Dewnlaad te PC estore Decovery Delete 1 PET TET Cepy bho bersplabe to Pc Cir liri J uy M M Step 4 Configure WAP 854NP A managed AP set VAPO s ESSID to WAP 854NP A The Status of WAP 854NP A should display es before system automatically download WAP 854NP s profile to database AP Profile Management Status Heat lame MAC Address l act WAP S545 E e WAP DLE A EO 20r A En TIE DO WaPo IF AdldlressiFart 192 16 amp 8 2 60 B LYE LeU ee 192 1 amp 8 2 61
96. ed use firmware version 2 1 6 or higher the WLO 15814N WLO 15802N need use firmware version V1 1 8 or higher 95 WMS 308N Network Access Control Gateway User s Manual 4 4 2 Managed AP s Profiles Managerrent After administrator import profile of the respective managed AP the each managed AP s profile will saved in the database of switch and listed status on AP Profile Management page Up to 120 managed APs can be imported to system This section provides profiles management of the respective managed AP Administrator can copy profile to template database download profile to PC restore or auto recovery profile for managed AP Please click on AP Management Device Discovery the AP Profile Management setting field will appear on bottom of Device Discovery page Erie amp AP Profile Management Sus Hea Mame MAC Address IP Per Last Updare Time Deere AAP Saye 1 50 A 192 160 2 60 o 2010 01701 00 03 20 Copy Recovery Delete So 14 i 193 158 261 In n idR 000 01701 00 01 29 Cony To templar To amp espone Recovery Deelene WAP ASM i 1B F 193 168 2862 2005 01 01 50 03 11 Copy t T mglabe t PC Restore Recovery Delete B Status Denote the current status of the respective managed AP The following three status v o On Line Denote the current managed AP able detected and accessed v
97. ee ntury range OO ba Sah ric Deed 5 Eh ce nEuns er range 01 bo 12 abbneyiabgid month n d j ba Ehe ncn m ict DL current loca d dec b ra me according to the current locale me accordimg to the current locale PM arcosding m he ghan rime vali ae rhe eorrespiaesedina sinas fos 1 34 he ur cEwk range 00 te hour chock range 01 ta 17 UO t 3I a Before Hotspot service active make sure the Local Time is correctly Step 4 Select Authentication Type for Service Domain gt Click Service Domain Service DomainO the Service DomainO Setup page will appear for each Service Domain authentication type can be selected in Pregenerated Ticket On Demand Local RADIUS Remote RADIUS Server LDAP Server and POP3 and select one authentication type for Default Auth Type Below depicts an example for Local RADIUS Service Domain Service Domain Setup FP KARIUS wl Pon WAN tralie must be specliled to Lead Balance ie 10 il hike rr pl Senet oS I 3 1 able Wha HAT is disabled en eae of Service Domain F FaF will disabled r 1 120 20 jr d bod cbr a AiAi Chnbeellar aries ti Please input Passeade Lisermame and Password then yeu ean use eur niternet service Thanks Cegpright hy PhaaN et Corpr Colar fr2b2b2b EAM WMS 308N Network Access Control Gateway
98. elected managed APs The default NTP Server is switch s LAN IP address The local time of managed APs will follow WMS 308N s local time Setup Time Use NTP NTP Enable Disable Default NTP Server Customize Time Server optional Time Zone Daylight Saving Time Disable i Wireless Basic Setup Specify Band Channel and Tx power for selected managed APs Wireless Basic Setup Band Mode 802 11b gt Country US Channel 9 Auto Assign Q One Channel 1 2 412 Ghz 2 2 417 Ghz 3 2 422 Ghz 4 2 427 Ghz 5 2 432 Ghz 6 2 437 Ghz 7 2 442 Ghz 8 2 447 Ghz 9 2 452 Ghz 10 2 457 Ghz 11 2 462 Ghz Tx Power Level 9 If you configure wireless basic setting for WLO 15814N WLO 15802N you need select in Wireless Basic Setup WLO 158xx series option 100 WMS 308N Network Access Control Gateway User s Manual VAP Setup Specify ESSID and Security Type for selected managed APs VAP Setup ID VAPO ESSID Auto Increment VLAN ID Tag DomainO VLAN ID Security Type Disable If you configure VAP setting for WLO 15814N WLO 15802N you need select VAP Setup WLO 158xx Series option Firmware Upgrade Via TFTP Enter TFTP Server IP address and firmware file and then click Apply AP button to upgrade Firmware Upgrade Via TFTP Server TFTP ServerIP _ m g 7
99. ell securely Express Checkout Payment Received Urique Transaction ID 55 492669W 4196426 Name SHEN CHUN TE The sender of this payment is Non U S Verified Email junides hen ya hoo com Payment Sent to 1 SCRE ERE RRR e Total Amount NT 1 TWD Fee amount NT 1 TWD Net amount NT 0 TWD Issue a refund kj You have up to 60 days to refund the payment and get the fees back Item amount NT 1 TWD Sales Tax NT O TWD Shipping NT O TWD Handling NT O TWD Quantity 1 Order Description MC7MK66Z Invoice ID 100600001 Date Jun 17 2010 Time 21 18 28 GMT 08 00 Status Completed Payment Type Instant 144 WMS 308N Network Access Control Gateway User s Manual Step 4 Click Continue button to next page PayPal My Account Send Maney Request Maney Merchant Services Products amp Services Overview Add Funds Withdraw History Resolution Cemer Prolile Issue Refund You can issue a lull or partial relund tor GO days aller ihe original payment was seni When you issue a relund PayPal redunde ihe lees including partial lees 1or partial payrneri To issue a refund emer ihe amount in ihe Refund Amount field and click Continue Name SHEN CHUN TE Email Transaction ID SSC 490659041 96425 Original payment NTI TWD Relund amour 1 H Inveice Number optional Hole 1o buyer optional 255 characters le
100. ent Gateway This section is for merchants to set up an external payment gateway to accept payments in order to provide access service to end customers who wish to pay for the service on line Service Domain gt Billing Plans Setup gt Payment Gateway Setup External Payment Gateway Billing Plan Setup List Ae kirip E mmi im i Inter malin Enable Plan Name Price PayPal Payment Page Confiquration 19 00 200 LAD Signature Package Tire 16 00 Package 4 Walim ed Uni End Tire 10 00 Client s Purchasing Record Package 5 Jedim ted Until End Time 10 009 usn Starting Ire Number 00001 05505 j IA 0 Number 120700001 Inno usn Package Lili reed Ln Tim 15620460 Package Y Uni End Time 10 090 LD Select Paypal to enable External Payment Gateway Before setting up PayPal it is required that the merchant owners have a valid PayPal API Username API Password Please see Appendix C Accepting Payments via PayPal Appendix D Examples of Making Payments for End Users for more information about setting up a PayPal Business Account relevant maintenance functions and example for end users The Paypal payment gateway does not support Customize Currency option on Billing Plan After opening a PayPal Business Account the merchant should find the API Signature of thi
101. erplate to setyo Managed APs The system supports LAN setting Time setting Wireless Basic setting Wireless Security setting and Firmware Upgrade if administrator want to configure more managed APs with same settings such as Time Server HTTP Port Wireless Advanced Setup etc The administrator can use template to configure Below depicts an example for configuration managed APs with Template Environment Description 1 Three WAP 854NP managed APs e WAP 854NP A 00 1A 50 00 87 28 e WAP 854NP B 00 1A 50 00 87 2bE e WAP 854NP C 00 1A 50 00 87 2B 2 Set WAP 854NP A s profile to template Step 1 Click on AP Management Device Discovery and click Discover button to search managed AP Device Discovery Passus z Gen lata IP MAC Address T Version T Dare Made ETLE IF Aalders 212 200 UOXIATOUOS28 artit WAPRSLDANP CareAPRNZHI VILIS 2012 07 23 DIG 192 160 2 250 295 250 205 0 du 192 1583 2 250 Oe ae APBSSANP CerAPN2HIVI LS 2012 07 23 18 10 31 192 168 2 250 25525 Step 2 Change the managed AP to specify IP address Select all managed APs Enter specify IP address in LAN Setup setting field Click Save amp RebootAP button to assign IP address to each managed AP Device Discovery Pats werd Get Info Pearce IF MAC Address bet tame FW Were iden F W Date Made P amp sdress 192 162 2 60 Auta Incremeenti IF Address HAC A
102. erver The default is 110 A Sometimes POP3 server use Port 110 for STARTTLS encryption and Port 995 for SSL TLS encryption Connection Type Some POP3 server need encryption linking for authentication The system provides STARTTL and SSL TLS encryption for external POP3 server m POP3 Server List Service Denote the current status of POP3 server Host Port Denote the Host IP address and port number to connect to external POP3 server Type Denote the encryption type to connect to external POP3 server Actions Click an action button to perform the appropriate action v Edit Click this option to edit the respective billing plan There are 8 POP3 server can be edited Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 80 WMS 308N Network Access Control Gateway User s Manual 4 3 3 Configure Privilege List This function provides local device can access Internet without authentication If there are some workstations belonging WMS 308N that need to access to network without authentication enter the IP or MAC address of these workstations in this list Up to 50 rules can be defined in this list Please click on Service Domain Privilege IP MAC Address the page of Privilege IP MAC Address Setup will appear Privilege IP MAC Address Semp Device Name IP Address MAC Address Delete Edi
103. erver setting selected in Setup Time User NTP please verify system s Default Gateway and DNS setting first B User Setup Administrator can set Time manually Click Set Time button and Save button to change Local Time Time Display Format Administrator can set system s time format Enter a desired time format or use the default provided Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 36 WMS 308N Network Access Control Gateway User s Manual 4 2 2 Configure Managerrent The administrator can later obtain the geographical location of the system via the information configured here The administrator also can change system password and configure system login methods Please click System gt Management and follow the below settings Management Setup Be hr Ek Irol Gabi dn m Gas IploadKery System Information System Name Enter a desired name or use the default provided gt Description Denote further information of the system gt Location Enter related geographical location information of the system administrator manager will be able to locate the system easily m Root Password Log in as a root user and is allowed to change its own Root user also can change admin user s and operator user s password Click Save button to activate the new password gt New Password Please input the new passwo
104. escription Close User s Manual Click Add Accounts button the create page will appear as below Click Cancel button to close window Package 0 Yes Price 10 00 USD e Type Unlimited Until End Time B Create Time 2012 07 10 15 54 32 m Start Time 2012 07 10 15 54 32 End Time 2012 07 15 15 54 32 ESSID APOO gt Wireless Information KEY 1234567890 o Description Create Cancel Click Create button to add new account for this billing plan Below depicts an example for creating ticket Package 0 P Passcode 3SRZC2KY vus Price 10 00 USD e Type Unlimited Until End Time Create Time 2012 07 10 15 55 30 Start Time 2012 07 10 15 55 30 e End Time 2012 07 15 15 55 30 ESSID APOO gt Wireless Information KEY 1234567890 o Description Print Close B Statistic Show on demand users statistic information for this billing plan gt gt gt gt Ticket Qty Denote ticket s quantity in this billing plan Used Ticket Qty Denote used ticket s quantity in this billing plan Expired Ticket Qty Denote expired ticket s quantity in this billing plan Total Price Denote total ticket s price and currency in this billing plan 63 WMS 308N Network Access Control Gateway User s Manual B Tickets per day Show the bar chart of quantity of the ticket in this billing plan B Tickets List Show tickets information gt y VV ve ve oV v Y Pl
105. ess Remote Management via Telnet and SSH Remote firmware upgrade via the Web Utilities to backup and restore the system configuration Full Statistics and Status Reporting Real time traffic monitoring Ping Watchdog Vv Vv VV Vv v 11 gt Network Management gt Event Syslog Status monitoring of on line users IP based monitoring of network devices Interface connection status Support Syslog for diagnosing and troubleshooting User traffic history logging User s session log can be sent to Syslog server Remote Syslog reporting to external server Traffic Analysis and Statistics SNMP v1 v2c v3 SNMP Traps to a list of IP Addresses Support MIB II NTP Time Synchronization Administrative Access HTTP HTTPS 12 WMS 308N Network Access Control Gateway User s Manual WMS 308N Network Access Control Gateway User s Manual WMS 308N Hardware Specifications Base Platform 32 bit MIPS24K Processor CPU Clock Speed 680 MHz Serial Port 1 DB 9 USB Port 1 Optional 3G interface radio with major brands ODM only Reset Switch Built in Push button momentary contact switch Ethernet Configuration 10 100 1000 BASE TX auto negotiation Ethernet port x 6 RJ 45 connector WAN 2 LAN 4 DRAM On board 256Mbytes On board 32 Mbytes CF Socket 1 reserved for option Built In LED Indicators 1 Power 1 Status 1 Net Status This is for AP manage
106. f the respective managed AP If the status shows Available Use the managed AP can used if the status shows 401 Unauthorized the managed AP can not accessed The correct password must be entered on Password field and Click Test button to access Click Rescan button to scan available managed AP gt Delete Click Delete button to remove profile on the list Sync Interval The interval in the range of 1 14400 and set in unit of minutes The default value is 5 minutes During every interval the system automatically download profile or configure setting from the respective AP 98 WMS 308N Network Access Control Gateway User s Manual 4 4 5 Managed AP Batch Setup WMS 308N supports batch configuration of the managed APs for automatically assigning IP addresses from a range of IP addresses to the selected managed APs for configuring wireless general and security settings to the selected managed APs for upgrading firmware to the selected managed APs amp Batch Setup Management Available AP Profile List Batch Setup Er z Select terup LAN Serup Sarl d Hes Hame MAC IP Address Pri S EaEun LAN Setup IP Address 102 168 2 60 dure 192 158 24 54 iP Nermask 255 255 255 0 152 16 285 B Available AP Profile List All managed AP s profiles will be displayed on the list Group Select a specific group of managed APs for batch configuration Select Select desired ma
107. ft core Step 5 Click Refund button to refund this payment PayPal My Account Send Money Request Money Merchant Services Products amp Services Overview Add Funds Withdraw History Resculion Gemer Profile Review and process refund Conlin ihe relund details and then click Issue Refund To make changes click Edit Name SHEN GHUN TE Email Hundes hen yahoo com Transaction ID 58C 482655 41 9654236 Crigirnal payment NT TWO Amount Relunded by Seller ATO TWD Fees Relunded by PayPal NTI TWO Total Retund Amount HT i TWD Source ol Funds Balance Note you don have enough money in your PayPal account 1o cover ihis relund well use your primary bank account tor all of the redund Deme Core 145 Step 6 My Account and verify Transaction Details My recent activity Payments received Payments sen My recent activity Lasi 7 days Jun 10 2010 dJun 17 20100 Archive Whars this a Date Dm Type Name Email Jun 17 2010 Fee Reversal From Cancelled Fee 4 Jun 17 2010 Relund SHEN CHUN TE PayPal Merchant Services Send Money EN My Account Request Money Overview Add Funds Withdraw Resolution Center Pralile History Transaction Details Refund Unique Trarsaction ID 847 234108 3814237 See related 55C 482559 4196426 Original Transaction WMS 308N Network Access Control Gateway User s Manual View all ol my irarsactions Payment status
108. gged the port need set PVID instead of port For example if you need untagged s clients connect to Server Domain1 VLAN 1 via Port 1 the Port 1 need set to Port based VLAN The Port 1 need enabled and select PVID in VLAN1 on LAN Setup page then the Port 1 select Untagged in VLAN TAG Mode on VLAN1 Setup page 33 WMS 308N Network Access Control Gateway User s Manual Port Setup Port PVID Port 1 VLANI 101 Port 2 LAN Port 3 LAN Port 4 LAN Port Setup VLAN TAG Mode Port Untagged Tagged Port 1 Port 2 9 Port 3 is Port 4 n Port Indicate the system s RJ 45 interface port By default it s enabled To disable to unactivated LAN s or VLAN s port PVID Port VID Select desired default VLAN ID on the respective port all untagged packets arriving at the device are tagged with the port PVID VLAN TAG Mode Select Tagged or Untagged on the respective port m DHCP Server gt Service Check Enable to activate DHCP Server on VLAN LAN port Start IP End IP Specify the range of IP addresses to be used by the DHCP server when assigning address to clients DNS1 DNS2IP The Domain Name System DNS is an Internet phone book which translates domain names to IP addresses These fields identify the server IP addresses where the DNS requests are forwarded by the WMS 308N DNS1 server IP is mandatory It is used by the DNS Proxy and for the
109. gure 4 3 Dynamic Channel and Tx Power Allocation Flow Chart Maximum Clients Control By default it s Disable To Enable to activated maximum wireless clients limitation in the group the system will automatically assign maximum clients limitation for group managed APs after the Sync Interval Please see section 4 4 2 103 WMS 308N Network Access Control Gateway User s Manual Maximum Clients Control Service Enable Q Disable RXThreshold 10240 kBps TX Threshold 10240 JKBps Group MAX Sevice Clients 32 v Rx Threshold Rx Threshold is in the range of 0 120400 and set in unit of KBps The default value is 10240 KBps Specify desired receive bandwidth for wireless clients limitation in the same group of each managed AP The wireless clients unable connect to managed AP when bandwidth of receive achieve limitation v Tx Threshold Tx Threshold is in the range of 0 120400 and set in unit of KBps The default value is 10240 KBps Specify desired transmit bandwidth for wireless clients limitation in the same group of each managed AP The wireless clients unable connect to managed AP when bandwidth of transmit achieve limitation Group MAX Service Clients Enter maximum number of clients to a desired number in the range of 0 256 The default value is 32 For example while the number of client is set to 32 only 32 clients are allowed to connect with all managed AP in the this group MAC Filter Control
110. he Hotspot an e commerce environment for end users to pay for and obtain Internet access using their PayPal accounts or credit cards As follows are the basic steps to open and configure a Business Account on PayPal Sign Up Process Step 1 Sign up for a PayPal Business Account and Login Here is alink https www paypal com cgi bin webscr cmd 7 registration run PayPal Create your PayPal account Secure 7 Your country or region Taiwan Your language Engish Already have a PayPal account Upgrade mow Personal Premier Business For individuals who shop online For individuals who buy and sell For merchants who use company or online group name um coed Learn about low PayPal lees Click Get Started button to create PayPal Business Account on Business field the Account Sign Up page will appear 136 PayPal WMS 308N Network Access Control Gateway cho User s Manual ose Enterinformaten Confirm Dona Account Sign Up Business Account Business Mame Category Address Line 1 Address Line 2 optional City State Province Region Postal Code Country Of Registration Date of Registration Business Type Primary Currency Customer Service Email Choose a category Please enter your address in Erxjish as shown in ihe example sar Bi 1000 Sec 1 Dunhua 5 A Taipei fF LJ fF Taiwan
111. his will add the client to the MAC Filter List of the respective group Please see section 4 4 4 v Disconnect Click this button to reconnect a specific client from accessing the AP of the respective group B Devices Syslog Display a list of recent events by the AP of the respective group t y y V Vv v Groep Tau amp Group Status Dei veg Devic WABPOESAaNPE amp Heleesh Tima Facility Laverty Moaaage 01 Saar inia bubul for root from 192 168 2252 000 021 WL UO 01 24 ay stem ine Futhenkicatker bucatu fer root from 192 2 6G 15 T000 01 01 0001 48 Star inie Aushantieatienm gureeszful fer root fram 127 0 0 1 T000 20301 00 01 40 Tyria Enfa Authentication for root from 197 168 2 100 ZOQU 02 01 0 01 47 System Enfa Authentication successful for root from 15 2 162 2 253 ZO 01 401 OO 04 04 Sytem Authentication successful for root from 192 168 2252 ZOGU 01 401 System Ira AR entiation sucorsshul for root from 192 166 2253 4000 03 01 00 07 39 Sytem Enfe Authentication fer root fram 192 1568 2 100 T000303201 00 03 25 Tyria Enfa Authentication gucoesefiul Tor root from 192 168 2 252 ZO0QQ 03 01 00 03 41 yan infia successful for root om 192 1268 2 1090 DUDU 02 401 go OA 45 Syston Auth nticabio n for root trom 192 168 2252 ZODU 01 401 00 09 08 Sytem Authentication successful for root from 159 155 2 253 Val We ay
112. ial up connections or Point to Point Tunneling Protocol PPTP virtual private network VPN connections 128 bit key strong and 40 bit key standard MPPE encryption schemes are supported MPPE provides data security for the PPTP connection that is between the VPN client and the VPN server m DNS Select No Default DNS Server or Specify DNS Server IP option as desired to set up system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server B Clone The MAC address is a 12 digit HEX code uniquely assigned to hardware as identification Some ISPs require you to register a MAC address in order to access to Internet If not you could use default MAC or clone MAC from a PC 2 Keep Default MAC Address Keep the default MAC address of WAN port on the system gt Clone MAC Address If you want to clone the MAC address of the PC then click the Clone MAC Address button The system will automatically detect your PC s MAC address a The Clone MAC Address field will display MAC address of the PC connected to system Click Save button can make clone MAC effective gt Manual MAC Address Enter the MAC address registered with your ISP Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 26 WMS 308N Network Access Control Gateway User s Manual 4 1 3 Configure WA
113. ice Currency Delete One Time 60 2010 06 17 2010 06 17 2010 06 17 2010 06 22 2010 06 17 iode Minutes Used 21 18 24 21 19 49 21 18 24 21 18 24 21 19 49 Tar Delete Showing 1 to 1 of 1 entries Package 2 DANT Print Step 2 Please login in PayPal and click on History gt Find a transaction Then enter Invoice Number in Invoice ID and specify the time period for search Click Search button to view the transaction details PayPal My Account Send Money Request Money Merchant Services Products amp Services Owerview Add Funds Withdraw History Resolution Center Profile History Hecerd Activity All activity Find transaction 6 1 Two In Mtwo M usp Mau 5 18 2010 jo _ Search 143 WMS 308N Network Access Control Gateway User s Manual Step 3 View the transaction detail and click Issue a refund PayPal ax My Account Send Money Request Money Merchant Services Products amp Services Overview Add Funds Withdraw History Resolution Center Prolile Transaction Details e m OK to complete the transaction Payment Status Completed What should 1 do now Seller Protection Not Eligible e Contact the buyer to confirm the purchase e Save all correspondence with the buyer bris have no shipping address on ile Following these guidelines can help protect you if a claim is filed for an unauthorized payment or items not received Tips to s
114. ice Telnet Port Please input 1 65535 value to set Telnet Port default value is 23 Enable SSH Select Enable SSH to activate SSH Service SSH Port Please input 1 65535 value to set SSH Port default value is 22 Click GenerateKey button to generate RSA private key The Display the host key footprint gray blank will be show content of RSA key E main SMTP Relay Select Enable Service to activate Email SMTP Relay function Enter SMTP relay server in IP Address Domain field The configure of SMTP server can t set encryption and authentication The IP address of SMTP server can t set on LAN s subnet m Ping Watchdog The ping watchdog sets the WMS 308N Device to continuously ping a user defined IP address it can be the Internet gateway for example If it is unable to ping under the user defined constraints the WMS 308N device will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt Service Click Enable to activated Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Too
115. ice free of charge Please click on Service Domain gt Walled Garden the page of Walled Garden Setup will appear amp Walled Garden Serup Walled Garden Walled Garden List IP Ad dreds Dom ain Name 9 Fula m Walled Garden Name Enter a descriptive name for this rule for identifying purposes IP Address Domain Enter the IP address Domain of the workstation Homepages Enter the MAC address of the workstation gt Description Enter appropriate text to denote this workstation Click Save button to add new rule all of rules can be edited and deleted m Walled Garden List 1 Name Denote the name of workstation 2 IP Address Domain Denote the IP address or IP address Mask of workstation 3 Actions Click an action button to perform the appropriate action e Delete Click this option to remove the specified item e Edit Click this option to edit the specified item After add website on the list the Walled Name will appear on Login page Below depicts an example for Walled Garden 82 WMS 308N Network Access Control Gateway User s Manual NAC Gateway Access Controller 2 Username SO Password 83 WMS 308N Network Access Control Gateway User s Manual 4 3 5 Configure Notification WMS 308N can automatically send the notification of Traffic Log On Demand Log Session Log Monitor Report and AP Status to 3 particular E mail addresses The notification of AP Status is
116. in settings window the Service Domain page will WMS 308N Network Access Control Gateway User s Manual 4 3 1 Configure Service Domain Administrator can configure Service Domain with different authentication service type specified outgoing traffic IP PnP service guest free service idle time redirect URL scheduling authentication service and customization login page Click on Service Domain gt tools icon or Service Domain gt Service Domain to enter Service Domain Setup page Service Service Domain Se Lup EF e m a OE i rm LET d E a app 1 HL ES wii POPII ow racio MAE Pregenerated Ticket i MEAM Aubo teallic mesi be zpeciliecl to Load Ealanee jir Blair HAC Cha ir a eral Or Access Controlla F Fate Ber Fa an uve nit r by PI rrbrbzh AM La I of Y Fri F RTD niu L 1 Where WAT i5 disablesl am dar of c Domain IF Paf will disabled er ie Authentication Options Select authentication type for the respective Service Domain The system supports multiple authentication in the respective Service Domain Auth Type Select desired authentication type for this Service Domain each Domain support multiple authentications Default Auth Type Select default authentication type for the respective Service Domain Specify WAN Port By default it s Auto Select desired WAN port for the respective Servic
117. ist Please click on AP Management Rogue AP Detection the Rogue AP Detection Setup page will appear Roque AP Detection setup E a RJ Roque AP Summary Nest Masse Loot MAC Address Changel Mede SME Conflict Intranet Valid BEEF IL WAP Fo HP m Rogue AP Detection Setup Service By default it s Disable To Enable to activated rogue detection Scan Time Interval The default value is 60 and set in unit of minutes During every interval the system will automatically detect rogue AP from the signal coverage of all managed APs m Rogue AP Type Select what kind of rogue AP is particularly mared into the list Any Uncontrolled AP Click this option the system will find out the rogue AP within the signal coverage of the managed APs v Only When SSID Conflict Click this option the system only find out the rogue AP with the same ESSID of the all managed AP and particularly mark into the list 112 WMS 308N Network Access Control Gateway User s Manual Ad hoc Nodes Click this option the system will find out the Ad hoc rogue AP within the signal coverage of the managed Aps Uncontrolled AP connected to intranet Click this option the system will find out the intranet rogue AP within the signal coverage of the managed APs and particularly mark into the list m Valid AP List Assign specified uncontrolled AP into the valid list the system will particularly mark in the Rogue AP Summary gt Y
118. iven or a range may be given as start end which will match all ports from start to end inclusive B Destination Address Mask Enter the desired destination IP address and netmask the mask must be a plain number i e 192 168 1 10 32 B Destination Port The destination port s required for this rule A single port may be given or a range may be given as start end which will match all ports from startto end inclusive m In Out This option used for specialized packet alteration The system support In INPUT for packets coming into the interface itself or Out FORWARD for altering packets being routed through the interface B Protocol This option allows you to select protocol type The system support TCP UDP or ICMP B Listen Enable Yes to match TCP packets only with the SYN flag Policy Enter Deny to DROP specialized packet Pass to ACCET the specialized packet m Interface Select specified interface where filtering of the incoming passing through packets is processed m Schedule Select specified time period for this rule Click Save button to add IP filter rule to List There are 20 rules maximum allowed in this IP Filter List All rules can be edited or removed on the List Click Reboot button to activate your changes 116 WMS 308N Network Access Control Gateway User s Manual 45 3 MAC Filter The administrator can setting MAC Filter via this page Please click on Advance gt MAC Filter and follow the
119. k Access Control Gateway User s Manual 3 2 Software Configuration 3 21 Getting Start Step 1 Once the hardware installation is done set DHCP in TCP IP of the administrator s PC to get an IP address automatically Connect the PC to the LAN port of WMS 308N An IP address will be assigned to the PC automatically via the WMS 308N 2 Launch a web browser to access the web GUI of WMS 308N by entering http 192 168 2 254 in the address field f PheeNet Mode WMS 308N Windows Internet Explorer G ye i htt 192 168 2 254 2 3 The following Administrator Login Page will appear Enter root in the Username field and default in the Password field Click OK button to login Connect to 197 168 7 754 The server 192 168 2 254 ak WMS 30BN requires username and password Warren Thes server i5 requesting that your username and password be sent in an insecure manner basic pia without a secure connection User root Remember my password o c If you can t get the login screen you may have incorrectly set your PC to obtain an IP address 6 automatically from LAN port or the IP address used does not have the same subnet as the URL Please use default IP address such as 192 168 2 x in your network and then try it again 17 WMS 308N Network Access Control Gateway User s Manual You can login as root admin or operator The default username and password as fol
120. l Ping Interval specify time interval in seconds between the ICMP echo requests are sent by the Ping Watchdog Tool Default is 300 seconds 38 WMS 308N Network Access Control Gateway User s Manual Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device B Auto Reboot gt Type There are four types can be selected Disable Daily Weekly or Monthly choose either the daily weekly or monthly in your specify time to restart system Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes Without a valid certificate users may encounter the following problem in IE8 when they try to access WMS 308N s GUI https 192 168 2 254 There will be a Certificate Error because the browser treats WMS 308N as an illegal website Certificate Error Navigation Blocked Windows Internet Explorer Oe jv JE 192 168 2 254 v Fille Edit View Favorites Tools Help
121. l Gateway User s Manual SMTP Auth Some SMTP server need authentication username and password for sending E mail The system provides authentication for sender s SMTP server Username The sender s authentication username for STMP server Password The sender s authentication password for STMP server Sand Test Success Receiver E mail 1 testibpheenet com Receiver E mail 2 Receiver E mail 3 sender From pheenet gmail com SMTP Server smtp gmail com Port 465 Encryption SSL SMTP Auth 1 Username gmail com Notification E mail Setup gt Receiver E mail Address es Up to 3 E mail address can be set up to receive the notification These are the receiver s E mail address Sending Interval The time interval in minute to send the E mail report Default is 1440 minutes the range is between 10 to 4200 minutes For Billing Plan Report the send interval between 1 and 24 hours Billing Report Time The start time of sending e mail For example the Billing Report Time is 14 00 and Sending Interval is 6 hours the system will send report on 20 00 SMTP Sending Test Click Send button to verify Notification E mail settings Below depicts an example for success sending test Syslog Setup There are 3 types of Syslog supported Syslog Log On Demand User Log and Session Log Enter the specify IP address and Port number to sent report The all history log are save
122. licy to enter Time Policy Setup page Time Policy Setup Policy 1 Policy Psy 1 Rem Action Time Schedule Dry of Aek TT a kan Toe Thu Fri F Policy There are 10 Policy can be selected m Schedule Rule Select desired schedule for this policy click Save Action button to save Schedule Rule setting Time Schedule Select desired day of week and time period for this policy Below depicts an example for On Schedule and Out of Schedule On Schedule Out of Schedule Click Save button to add schedule to policy There are 10 schedule maximum allowed in the each time policy All schedule can be edited or removed in the each time policy Click Reboot button to activate your changes 115 WMS 308N Network Access Control Gateway User s Manual 4 5 2 IP Filter The administrator can setting IP Filter via this page Please click on Advance gt IP Filter and follow the below setting amp IF Filter Setup IP Rules IP Filter List re Aj faurte Addr Mask Pri Listen Pelity Inbertace Schedule Actions Address Mask Port In i C j TP Lis Fu n De br ALI S Panel uw Always Ru Source Address Mask Enter the desired source IP address and netmask the mask must be a plain number i e 192 168 100 10 32 Source Port The source port s required for this rule A single port may be g
123. list The administrator can add delete and edit blacklist for uses access If the system want to deny uses access to specified website enter the IP address URL or Keyword of these websites in this list Up to 20 rules can be defined in this list Please click on Service Domain Blacklist the page of Blacklist Setup will appear amp Blacklist Setup Rules Blacklist ame Rules Berne Any 5S rec Ds2maii ALL BlwdyiRun base Cat B Name Enter a descriptive name for this rule for identifying purposes B MAC Address Enter MAC address in valid MAC address format xx xx xx Xx xx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in the group of each rule There are 10 MAC address maximum allowed in each rule B Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 B Protocol Select Any or specify protocol TCP UDP ICMP Content Filter and Application from drop down list If you want to block websites with specific URL address or using specific keywords you can select Content Filter from drop down menu and enter specific URL or keywords
124. lows gt Root The administrator can access all area of the WMS 308N Username root Password default gt admin The admin can access the area under Service Domain Wireless and Advanced setting Please see Appendix B Username admin Password admin gt operator The operator only can access the area of On Demand authentication to create edit and print out the new on demand user accounts Username operator Password 1234 Please see Appendix B 4 After a successful login the Home Page will appear on the screen System Service Domain Overview AP Management System Infa Port Link Info CPU Info Memory Info b Hetwadrk DHCP Clients k Service Domain Host Mame WHhEz 308N Location 4 Description Network Access Control Gateway ak Firmware Version Cen AC V0 0_3 Firmware Date 2011 03 24 12 30 58 Device Time 2011 03 28 01 55 55 System Up Time 04 03 Primary DNS Secondary DNS Monitor 1000 00 800 00 600 00 400 00 200 00 Eps 0 MAC Address 00 14 50 00 74 93 Address 132 168 7 254 Netmask 255 755 755 0 TX Bytes 735905 Advance Utilities Status Port Link Info WAHI LAH1 LAN Ticket Count Auth Type Pregenerated On Demand Payment Gateway Thermal Printer Local Radius Total Used Space 0 005 18 Tickets 0 15841 WANI Monitor 125 00 100 00 75 00 50 00 25 00 Eps
125. ment when system can t detect managed AP Environmental amp Mechanical Characteristics Operating Temperature 55 Storage Temperature 20 C 75 Operating Humidity 10 to 80 Non Condensing Unit Dimensions 243 x 150 x 45 5 mm Width x Depth x Height WMS 308N Network Access Control Gateway User s Manual Chgoter 3 Base Installations 3 1 Installations 3 11 SystemRequirements Standard 10 100 1000Base T including five network cables with RJ 45 connectors gt All PCs need to install the TCP IP network protocol 3 1 2 Panel Function Descriptions Front Panel SN NAC Gateway ANIA 1 Power Status gt LED Green ON indicates power on OFF indicates power off gt When system restart LED Amber will flash three times after system up LED Amber ON indicate the Flash is busy For example format database create or delete accounts etc 2 Console The serial RS 232 DBO9 cable attaches here 3 Reset Press and hold the button for more than 10 seconds until Power Status LED Amber FLASH to reset the system to default configurations After you release button the LED Amber will ON and system s database will be formatted until LED Green ON to restart system 4 WANT WAN Two WAN ports are available on the system LED Green ON indicates 10 100 Mbps link is established on the port LED Amber ON indicates 1000 Mbps link is established on the port 5 LAN Clients devices connect
126. n Wireless Information Enter the wireless information for this billing plan Description Enter any additional information that will appear at the bottom of the receipt Paypal Description Enter any additional information that will appear at the list of the login page B Billing Type There are different policy for this billing plan One Time Multiple Times Volume and Unlimited Until End Time Select One Time or Multiple Times or Volume the Quota sub item should be shown up Quota Enter the time quota for One Time and Multiple Times policy the maximum volume allowed is 527040 minutes default is 60 minutes or enter the volume quota for Volume policy the maximum volume allowed is 102400 MB default is 10 MB WMS 308N Network Access Control Gateway User s Manual Effective Starting Time Specify desired effective starting time for this billing plan Effective Ending Time Specify desired effective ending time for this billing plan B Display ltem Option Select desired display item for ticket Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 61 WMS 308N Network Access Control Gateway User s Manual 4 3 2 3 2 Create On Demand Users After configuring billing plans administrator can create and delete on demand users on this section Click Info button on Billing Plans List page to enter the On Demand Information page
127. n Distribution of Bandwidth or Individual Bandwidth Even Distribution of Bandwidth Set users distribute Total Max Upload Download Below depicts an example for Even Distribution of Bandwidth set Total Max Upload or Download to 9 Mbps if one user access Internet the maximum upload or download is 9 Mbps if three users access Internet at the same time the maximum upload or download is 3 Mbps by each user v Total Max Upload The Total Max Upload is in the range of 0 102400 Kbit s 0 indicates unlimited 31 WMS 308N Network Access Control Gateway User s Manual default is 512 Kbit s v Total Max Download The Total Max Download is in the range of 0 102400 Kbit s 0 indicates unlimited default is 512 Kbit s Individual Bandwidth Set each users Individual Upload Download Below depicts an example for Individual Bandwidth set Group Upload or Download to 6 Mbps and Individual Upload or Download to 3 Mbps if one user access Internet the maximum upload or download is 3 Mbps if three users access Internet at the same time the maximum upload or download is 3 Mbps by each user Bandwidth Control Service Enable Disable Type Even Distribution of Bandwidth Individual Bandwidth Individual Upload kbit s Individual Download kbit s Group Total Limit Q Enable Disable Group Upload kbit s Group Download kbit s Guest Service Enable Disable Guest Upload kbit s Guest Dow
128. naged AP for batch configuration Host Name Denote the current system name of the respective managed AP AP MAC Address Denote the current MAC address of the respective managed AP IP Address Denote the current IP address of the respective managed AP Y y y Vv Y Status Denote the current status of the respective managed AP after click Apply AP or Reboot AP button for batching configuration The following status Save LAN Wireless VAP Error Connect Fail 1 Upgrade Firmware Error Connect Fail 1 Upgrade Firmware Error Firmware Upload ERROR Save LAN Wireless VAP Success Check Free Memery Upgrade Firmware Now Rebooting To prevent data loss during firmware upgrade please backup current settings before proceeding 1 A 2 Do not interrupt during firmware upgrade including switch power on off or unplug RJ 45 cable from PoE port as this may damage managed APs B Batch Setup Select desired for batch configuration the related setting field will appear LAN Setup Specify IP address Netmask Gateway DNS for selected managed APs Management Setup Specify desired system information administrator s password HTTP s port and Telnet s port 99 WMS 308N Network Access Control Gateway User s Manual System Information system Name fo tat Increment Root Password Login Methods HTTPPort 80 Enable Telnet Port Time Server Setup Specify correct Time zone setting for s
129. nd accounts Vy Vy Vy V Support credit card billing system by PayPal gt Support automatic email network traffic history gt Dual WAN Load Balancing B Outbound Fault Tolerance B Outbound load balance 10 WMS 308N Network Access Control Gateway User s Manual B Multiple Domain Support By Traffic Bandwidth Management by individual and distribution on different network Service Domain WAN Connection Detection gt Firewall Built in DoS attack protection Inspection Full stateful packet filter Access Control List Multiple Domain Support gt Active Firewall Session 16 000 gt Network Support NAT or Router Mode Support Static IP Dynamic IP DHCP Client PPPoE and PPTP on WAN connection DHCP Server per Interface Multiple DHCP Networks 802 3 Bridging Proxy DNS Dynamic DNS IP Port destination redirection DMZ server mapping Virtual server mapping H 323 pass through Built in with DHCP server Support Static Routing Support RIP and OSPF Dynamic Routing Binding VLAN with Ethernet interface Support MAC Filter Support IP Filter Support Layer 7 protocol Filter and Web Content Filter Support Walled garden free surfing zone Support MAC address and IP address pass through Support IP Plug and Play IP PnP Vv v vM gt System Administration Three administrator accounts Provide customizable login and logout portal page CLI acc
130. nload kbit s session Limit per IP o sessions Y Individual Upload The Individual Upload is in the range of 0 102400 Kbit s 0 indicates unlimited default is 512 Kbit s Y Individual Download The Individual Download is in the range of 0 102400 Kbit s 0 indicates unlimited default is 512 Kbit s Y Group Total Limit By default it s Disable To Enable to activate Group Total Limit 32 WMS 308N Network Access Control Gateway User s Manual e Group Upload The Group Upload is in the range of 0 102400 Kbit s O indicates unlimited default is 512 Kbit s e Group Download The Group Download is in the range of 0 102400 Kbit s O indicates unlimited default is 512 Kbit s Guest Service By default it s Disable To Enable to activate bandwidth control service for guest users v Guest Upload The Guest Upload is in the range of 0 102400 Kbit s 0 indicates unlimited default is 512 Kbit s v Guest Download The Guest Download is the range of 0 102400 Kbit s 0 indicates unlimited default is 512 Kbit s gt Session Limit per IP The number of sessions is in the range of 10 500 0 indicates unlimited default is 0 B Port Setup The port setup is different between LAN VLAN Setup page On the LAN Setup page the system manager can set each port s PVID On the VLAN Setup page the system manager can set tagged or untagged on each port Please note that the VLAN s port was set to unta
131. ntication tickets for entire external Network There are four types of policy ticket can be generated One Time Multiple Times Volume and Unlimited Until End Time Please click on Service Domain gt Authentication gt Pregenerated Tickets and follow the below setting Service Domain gt Pregenerated Tickets DB Ticket Setup Pregenerated Tickets Database List File Prite Customize Currency if File IG Price Quantity Dex riptlun eem ncn on Deler Delete Delete lt E EERE Billing Type Cin Time WB Ticket Setup File ID Enter the 8 hex digit number for identifying tickets database this setting is optional If you don t specified file ID the system will automatically generate Price The price charged for this tickets databases Currency Select currency from drop down list or enter customize currency for this tickets databases Quantity of Tickets Specify desired quantity of tickets for this databases Y y y v Passcode Type There are different passcode type for this tickets databases All Digit All Letters Mix Digit Letter Select All Letters or Mix Letter Digit the sub item should be shown up Select desired excluding letters for passcode of ticket databases Passcode Length Specify desired passcode length between 8 to 32 for this tickets databases Wireless Information Specify desired wireless information for this tickets database Descri
132. o a Off 5000 COM 23 59 Edit Info g Off 5000 COM 23 50 Edit Info If administrator wants to generate tickets from Thermal Printer system must use PSS 120 serial server to control Thermal Printer B Status Denote the current status of thermal printer B IP Address Denote the IP address of SR 120X serial server B Command Port Denote the command port of SR 120X serial server B COM Port Denote the COM port of SR 120X serial server to connect to thermal printer B Date Denote balance date of thermal printer B Description Denote the additional information of thermal printer B Actions Click an action button to perform the appropriate action Edit Click this option to edit the respective settings of thermal printer There are 10 thermal printer can be edited Each thermal printer can specified billing plan Info Click this option to view accounts list and information of the respective billing plan from thermal printer created Click Edit button to enter Thermal Printer Setup page In the Thermal Printer Setup page administrator may configure related settings 68 WMS 308N Network Access Control Gateway User s Manual Service Domain gt Billing Plans Setup gt Thermal Printer Setup gt Thermal Printer0 Setup Thermal Printer Setup Billing Plan Setup List nite imr haa Boi hor maken Ag3dnERI Enable Plan Name TRE ata Price Por 1 T TS 5 00
133. ongue NollleallOl entes EU cM emacs nated 84 A390 Montor ONNE USES iae debit boten MEO De 89 MEO CHIMMONM All OM 90 4 4 Gontrol your Managed AP Eu exa lo ex entre ee oou 93 44A Discover Managed RP al ee ee ahd te Se 93 4 4 2 Managed AP s Profiles ManagemMentt ccccccccsecceseceeeeceeeceeeceueesaeeseeeceeessueesaeeseueeeeeseesens 96 AAS Managed AP Batch Sellos erue oibus e qut ei es eid iv eee eect aha Ve eee usus 99 4 4 4 Managed AP Group Management cccccccccsececeeeceeeeeececeeeeeeeseeeeseeeseeeseueeseeeseeesseetaeeeseees 102 R49 AP GUD 108 AAO 110 AAT Rogue AP Detection uto facea esata ews 112 VVCDSIIG MONTON M 114 4 5 Restrain the Users and Sharing Your Internal Service 115 CONGUE DIME ath Aleta eet Al aie eee ea 115 45 2 AP tes 116 Er MAC RIEF c 117 4 5 4 Virtual Server Port IP FOrwarding ccccccccceeeceeeeeeeesececeeeeseeeeeeeeeeeseeeeeeeseeeeseesseeseeeeseeees 118 45
134. oplion applies 1o You are using a pre intecrated shopping hoetecd by a third pany Cusiom websites and online stores Your website is hosled and managed by thirc parlty service provider Pre indegrated shopping cans running on your crm server Gran APL permission credeniials Select Request signature and click Agree and Submit button to generate API username password and API signature My Account Send Money Request Money Merchant Services Products amp Services Request API Credentials Back 1o Profile Summary AFI credeniiala consis of three elements AN userrame An API password Biher an AFI signature or an 551 clieni sice youre using shopping or solution provider ask whether you need an API signature or a certificate Request signature il your shopping can or solution provider has Request certificate 11 your shopping or solution provider asked for an AFI username password and signature or id youre requires file based developing a custom shopping Need help deciding which credential is right Tor your needs Lear more By clicking Agree and Submit agree ihe API License Agreement and Terms of Use sos 138 WMS 308N Network Access Control Gateway User s Manual The API Username API Password and Signature will generated Click
135. ose button to close window Package 0 10 00 USD Unlimited Until End Time ESSID APOO Wireless Information KEY 1234567890 DNE NN Close Click Reboot button to activate your changes 74 WMS 308N Network Access Control Gateway User s Manual 4 3 2 4 Configure Local Radius Accounts WMS 308N provide Local Radius server authentication Please click on Service Domain gt Authentication gt Remote Radius Server the page of Remote Radius Server Setup will appear Administrator can add accounts by manual or import accounts file amp Service Domain gt Local RADIUS Accounts Management Group Setup Greugm Nares LHe rarest Group List Greup Neme Actions Group Nene AG Dep Delere Ed five Cua Local RADIUS Accounts List oho all Delet Show mnbriat La La i Pa Pat De scripaian 1 justin Coit Shawin 1 bo Lof 1 entries B Group Setup Enter the specified name on group and click Add button to create Up to 20 groups can added B Group List Display all of groups in the list click Delete option to remove group name and all of the accounts in this group will be removed click Edit option to change group name B RADIUS Accounts Setup Username Enter the username of account on local RADIUS authentication 4 16 alphanumeric and specify characters supported Password Enter
136. ote the billing type and quota of billing plan B Price Denote the price charged of billing plan B Actions Click an action button to perform the appropriate action gt Edit Click this option to edit the respective billing plan There are 10 billing plans can be edited gt Info Click this option to view accounts list and information of the respective billing plan 59 WMS 308N Network Access Control Gateway User s Manual Click on Service Domain Authentication On Demand and click Edit option on Billing Plans List the Billing Plan Setup page will appear amp Service Domain gt Billing Plans Setup gt Billing PlanO Setup Billing Flan Setup Display Item Option LUnismibed Ered Tene Price ALAALA Billing Plan Setup gt Service By default it s Disable To Enable to activate this billing plan Plan Name Enter plan name for this billing plan Price The price charged and currency for this billing plan The Paypal payment gateway does not support Customize Currency option Passcode Type There are different passcode type for this billing plan All Digit All Letters Mix Digit Letter Select All Letters or Mix Digit Letter the sub item should be shown up Select desired excluding letters for passcode of ticket databases p y y v Passcode Length Specify desired passcode length between 8 to 32 for this billing pla
137. p PheeNet Network Access Control Gateway Controller User s Manual Ver 1 0 0 WMS 308N Table of Contents Chapter TuBelore You Slat 5 hl al no enc M tI Oe ae en 5 1 2 Package CONICS wisi C ELI 5 Chapter 2 System OVEN VIC Wc oc ict eene tex 6 Zoi MWATKOGUGHOM OT VWWIMS SOGIN EI ee 6 22 SYSTCMI CONCEP we T 6 BES T 7 Chapter Base InstallallOfiS eoo donacione nandi od aee e S de ova 14 S NEL e REL 14 3 1 4 System Reguiremernts pae bo ad Dont inu 14 3 2 Panel F ncion DESCHIDUON Sins cons hi Nae eoi ee decia Vus 14 ako TE E Ie ae 16 0 27 SONWANE COMMGUI AN OM 17 SPP MEME Cio Eel END 17 3 2 2 QUICK ConflguFatloli uote etuer dau etc inte eu ue un doen dese zin bee rss vt Deu etd 19 Gruptan ciment hubo mA 22 Chapter 4 Web Interface Configuration 23 4 1 Connect WMS 308N to the external
138. p y y v ESSID Enter specified ESSID into the valid list MAC Address Enter specified MAC address of AP into the valid list Description Enter appropriate text to denote this valid AP Add Click this button to add valid AP into the list Actions Click an action button to perform the appropriate action Delete Click this button to remove the specified valid AP in the list m Rogue AP Summary List all of rogue APs within the signal coverage of the managed APs gt gt gt gt gt gt gt gt v Refresh Click this button to reload the page Host Name Denote the current hostname of the managed AP ESSID Denote the current ESSID of the rogue AP MAC Address Denote the current MAC address of the rogue AP Channel Denote the current Channel of the rogue AP Mode Denote the current mode of the rogue AP there will be AP or Ad hoc mode SSID Conflict If the rogue AP matched to Only When SSID Conflict condition there will be marked Intranet If the rogue AP matched to Uncontrolled AP connected to intranet condition there will be marked Valid AP If the rogue AP is in the Valid AP List there will be marked If you want to add valid AP from Rogue AP Summary move your mouse on specified rogue AP on the list and double click the specified rogue AP s ESSID and MAC address will display in the Valid AP List setting field Click Add button to add to list B Last Detection Time Denote the last
139. port m DHCP Denote the DHCP server status of the respective LAN VLAN B Actions Click this option to configure LAN VLAN s settings the setup page should be appear Below depicts an example for LAN 30 WMS 308N Network Access Control Gateway User s Manual IP Setup ress 192 160 2 254 PHetmask 255 255 255 0 Bandwidth Control Port Setup Port amp X X X PV DHCP Server P 1942 169 2 10 Lnd IP 1957 10508 2 70 DAS amp 8 3 DS a Lease Time 86400 Static Lease AMAT P 152 163 2 Add Pd Marne IF fddrecs Actions eme in ie liat B IP Setup VLAN Tag ID Virtual LAN the system supports 7 tagged VLAN port VLAN1 The valid values are from 1 to 4094 The default VLAN1 s tag VLAN7 s tag are from 101 to 107 IP Setup VLAN Tag lD IP Address IP Netmask 101 192 168 101 1 255 255 255 0 Some system and VLAN switch do not support VLAN tag 1 gt IP Address The IP address of the LAN VLAN port The default LAN s IP address as 192 168 2 254 and the default VLAN1 s VLAN7 s IP address as 192 168 101 1 192 168 107 1 gt IP Netmask The Subnet mask of the VLAN port default Netmask is 255 255 255 0 Bandwidth Control By default it s Disable To Enable to activate bandwidth control service Enable the desire option among Eve
140. ption Password The same Username account can t exist on different groups the Group option only for convenient management Export Accounts File Select the specified group on Group option and click Export button to save accounts of the specified group to PC The File Download window will appear 76 WMS 308N Network Access Control Gateway User s Manual File Download Do you want to save this file or find a program online to open it Mame local_radius_accounts dat Type Unknown File Type From 192 158 2 253 5 While files fram the Internet can be useful same files can potentially r2 harm your computer IF do nat trust the source do not find program to open this file save this file what s the risk B Search Enter a keyword to be searched in the text field and all matching the keyword will be listed B Username Denote the username of account on local RADIUS authentication B MAC Address Denote the MAC address of account on local RADIUS authentication B Description Enter appropriate text to denote this account B Group Denote the specified of account on local RADIUS authentication B Actions Click an action button to perform the appropriate action gt Delete Click this option to remove the specified account gt Edit Click this option to edit the specified account a These settings will become effective immediately after clicking the Save button
141. ption Enter the tickets databases description m Billing Type Type There are different billing policies for this tickets database One Time Multiple Times Volume and Unlimited Until End Time Select One Time or Multiple Times or Volume the Quota sub item should be shown up Quota Enter the time quota for One Time and Multiple Times policy the maximum volume allowed is 54 WMS 308N Network Access Control Gateway User s Manual 527040 minutes default is 60 minutes or enter the volume quota for Volume policy the maximum volume allowed is 102400 MB default is 10 MB Effective Starting Time Specify desired effective starting time for this tickets database Effective Ending Time Specify desired effective ending time for this tickets database Click Save button for create database of ticket Pregenerated Tickets Database List Shows all created ticket of database in the list gt Vvv v Import Tickets File Click this to upload the tickets of database Click Select File button to select the file for the tickets upload The Upload File message will appear Please Wait Upload File File ID Denote the identity number of the database Price Denote the price of ticket in the database Description Denote the additional information of database Actions Click an action button to perform the appropriate action Y Click this option to view information of each tickets database v
142. rd is used as an identity to login DDNS service Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 29 WMS 308N Network Access Control Gateway User s Manual 4 1 5 Configure Local LAN VLAN Network Here is the instruction for how to setup the local LAN VLAN IP Address and Netmask Please click on System gt LAN the LAN List should be appear This page shows information of LAN s VLAN s settings LAN VLAN Setup LAN VLAN List Bandwidth Control Up Down Kb VLAN No VLAN Tag ID IP Address DHCP Actions Individual Group Distribution Session LAN 192 168 2 254 0 On Edit VLANI 101 192 168 101 1 Edit VLAN2 102 192 168 102 1 0 On Edit VLAN3 103 192 168 103 1 0 On Edit VLAN4 104 192 168 104 1 Edit VLANS 105 192 168 105 1 0 On Edit 106 192 168 106 1 0 On Edit VLAN7 107 192 168 107 1 Edit m VLAN No Denote the system s VLAN port m VLAN Tag ID Denote the VLAN tag of the respective VLAN port Only for VLAN1 VLAN7 m Address Denote the IP address of the respective LAN VLAN port m Individual Denote the Individual Max Upload Download of the respective LAN VLAN port Group Denote the Group Upload Download of the respective LAN VLAN port Distribution Denote the Distribution Upload Download of the respective LAN VLAN port m Session Denote the Session of the respective LAN VLAN
143. rd of administrator gt Check New Password Please input again the new password of administrator B Admin Password Log in as admin user and is allowed to change its own Admin user also can change operator user s password Click Save button to activate the new password gt New Password Please input the new password of administrator gt Check New Password Please input again the new password of administrator B Operator Password Log in as a operator user and is not allowed to change its own Click Save button to activate the new password gt New Password Please input the new password of administrator 37 gt WMS 308N Network Access Control Gateway User s Manual Check New Password Please input again the new password of administrator Admin Login Methods The admin manager can enable or disable system login methods it also can change services port Click Save button to activate the admin login methods gt gt gt gt Enable HTTP Select Enable HTTP to activate HTTP Service HTTP Port Please input 1 65535 value to set HTTP Port default value is 80 Enable HTTPS Select Enable HTTPS to activate HTTPS Service HTTPS Port Please input 1 65535 value to set HTTPS Port default value is 443 s If you already have an SSL Certificate please click UploadKey button to select the file and upload it Enable Telnet Select Enable Telnet to activate Telnet Serv
144. rt TPP oP Service d Guest Service B Tine Policy Redirect URL fi Login Page Pregenerated Ticket Sn deena Local Radius LDAP EOT garra Aut en elf Aras Run Lir Taringlabe Page Domain 1 LAN EG on demand Local Users Remote Radius Garver LDAP Barer BOSS Sener E WAH Bort Ants IPPnP Service 2 Guest Service Qi Time Policy Redirect URL et off Ahay Fun Linie A Login Fag Template Page LAN Port Auth Type Pregenerated Ticket Local Remote Radiud Sarvcer LDAP SOS Sen irt WAN Burt Aubo TE Pa Service Guest Service i Time E alicy QAO Redirect URL alt et Always Run Lini Login rage Taemgla HT Paru Pamain 2 a LAN Part vy land JA Auth Typs Pregenerated T On demand Local Users LOAP Gerver IPD Server m WAN Pork Remote Radius Server Service of 8 Guest uere a Tims Policy Always Run F Redirect URL E nnb Login Page Template Page Domain 6 LAN Fart p Auth Type zregenerated Ticket Local Badius Sarva LOAD Sapa BOB Seer ee IAR Bart Auba Service ff i F Guest Service oj Time Policy Always Fun Redarect URL piak Login Page Template Dana L
145. s been completed successfully Step 1 Connect a client device e g Notebook with wireless interface to scan the configured ESSID of WMS 308N e g 00 and get associated with this ESSID 2 The client device will obtain an IP address automatically via DHCP from WMS 308N Open a web browser on a client device access any URL and then the DomainO s User Login Page will appear NAC Gateway Acoess Controler 2 Username testi gt Local Radius Leg JB Paseworndi esaas Please input Passcode Username and Password then you can use our Internet emma a 3 Enter the Username and Password of a Local Radius account previously generated via Quick Configuration e g test1 as the Username and 11111 as the Password then Click Login button Congratulation The Timer page will appear after a client has successfully logged into WMS 308N and has been authenticated by the system Now you are connected the network and Internet NAC Gateway Access Controller f Home Hello testi Connection Time 2011 01 05 19 32 38 Please Don t Close This Page 22 WMS 308N Network Access Control Gateway User s Manual Chapter 4 Web Interface Configuration WMS 308N provides functions as stated below where they can be configured via a user friendly web based interface OPTION System Service Domain AP Management Advanced Utilities Status WAN Ser
146. s PayPal account to continue External Payment Gateway Setup B API Username This is the Login ID E mail address that is associated with the PayPal Business Account B Password This is the Login Password that is associated with the PayPal Business Account B API Signature This the key used by Paypal to validate all the transactions B Invoice Number An invoice number may be provided as additional information against a transaction B Current No Show current invoice number B Billing Plan Setup List Enable Select specified the billing plan for this payment gateway Plan Denote the name of billing plan 65 WMS 308N Network Access Control Gateway User s Manual Type Quota Denote the billing type and quota of billing plan Price Denote the price charged of billing plan Information Click this button to view accounts information for PayPal amp Semice Domain gt Billing Pians Setup Payment Gateway Setup gt Payment Gateway Information umber 1005600004 Tickets per day C OMER T reb rimus VU Used 7010 06 17 2010 04 17 3010 04717 Jo10 08 17 Eus Hinutes Jie 21 18 24 21 19 49 21 18 24 21 18 24 21 19 45 EILLLPBARUCEESBE LL Ln B Payment Gateway Information Show current ticket s invoice number Click Edit button to enter Payment Gateway Setup page B Statistic Shows on demand users statistic information for this billing plan
147. se default password to access managed AP If managed AP can t get F W 93 WMS 308N Network Access Control Gateway User s Manual Version F W Date Mode and LAN Setting or display error message Error 401 Unauthorized on System Message field Enter the correct password on the respective managed AP and click Get Info button to get information on the respective managed AP or click Save amp Reboot AP button to change password of the respective managed AP B HostName Denote the current hostname of the respective managed AP B F W Version Denote the current firmware version of the respective managed B F W Date Denote the current firmware date of the respective managed B Mode Denote the current operating mode of the respective managed AP B LAN Setting Denote the current LAN setting of the respective managed AP the respective managed AP can configure LAN setting and click Save amp Reboot AP button to activated setting B LAN Setup Assign IP range for specify managed APs on LAN Setup field and click Save amp Reboot AP button to activated IP Address Specify Start IP address as desired to set up the managed APs Example If you select three managed APs and set start IP address to 192 168 2 60 then the three managed APs IP address range from 192 168 2 60 to 192 168 2 62 IP Netmask Specify IP netmask as desired to set up the managed APs IP Gateway Specify default gateway as desired to set up
148. service Session limit control Real Time Online Users Traffic Statistic Reporting Support local account roaming Seamless Mobility User centric networking manages wired and wireless users as they roam between ports or wireless APs Service Domain gt gt v Vv Vy V Integrating with WAP 854NP WAP 954GP and other PheeNet products to have Service Domain feature and each Service Domain can have its own settings The network is divided into maximum of 8 groups each defined by VLAN Tag Each Domain has its own 1 login portal page 2 authentication options 3 LAN VLAN interface IP address range 4 Session number limit control 5 Traffic shaping 6 IP Plug and Play IP PnP 7 Multiple Authentication Enable DHCP or not and DHCP address range Enable authentication or not Types of authentication options Local POP3 RADIUS LDAP On Demand and Pregenerated Web login logout redirected page customizable Default Policy B NAT or Route Mode B Specific Route WAN1 or WAN2 or a specified gateway B Login schedule E Bandwidth max min WMS 308N Network Access Control Gateway User s Manual gt Authentication Authentication single sign on SSO client with authentication integrated into the local authentication environment through local domain LDAP RADIUS POP3 MAC authentication Customizable Login and Logout Portal Pages Customizable Advertisement Links on Login Portal Page User authentication wi
149. set VAPO without VLAN tag the wireless clients can connect Internet via WAP 854NP with Pregenereaged Tickets authentication 147 Step 1 Verify WAN and System s Time WMS 308N Network Access Control Gateway User s Manual Step 2 Configure Service Domain set Domain 1 to On Demand authentication Domain 2 to Pregenerate Tickets authentication Domain 3 to Local Users authentication p LAN VLAN LAN r Auth Type Pregenerated Ticket On demand Local Users Remote RADIUS Server LDAP Server POP3 Server WAN Port Auto IP PnP Service off amp Guest Service off 2 a Schedule Always Run e Redirect URL Link Login Domain nali Ural Nama http domaln login Login Page Template Page Service Domaini LAN WLAN Auth Type WAN Port IP PnP Service Guest Service Schedule Service Domain2 r LAN WLAN WLAN Pregenerated Ticket Auth Pregenerated On demand E id On demand Local Users Local Users Remote RADIUS Server LDAP Server POPS Server Auto Off Off Always Run Redirect URL Link Login Domain Name Login Page domalni login Template Page Remote RADIUS Server LDAP Server POPS Server ect WAN Port Auto gt m Jo Login Domain Login Page B Schedule IP PnP Service off Guest Service off Always Run Redirect URL ink domain2 login Template Page Service Domain3 E
150. sscode list of ticket databases will be download from system Export Tickets Export Mode Export BIN 9 Export TXT printable Generate Format 9 XML O csv Generate Printable The selected ticket databases can be previewed on the screen Click Print button the tickets will be shown including the information of Passcode Price Start Time End Time and Available SSID on the screen Administrator can print tickets on the screen for customer Export Tickets Export Made Export BIN O Export TXT 9 Printable Below depicts an example for printable tickets Tansede PORL Zl Lac iud Parsee l asstede SAT Gol Price 10 LED Price EO LED Price 108 LED Price STI Start Time DOL 1 Start Tiig 2010001006 Le Start Time 2031 0108 17 02 90 Siart Timo 201 01 05 17200100 Lad Time 20210208 1700200 Ead Tims 20 1020S L7 00H00 Lad Time 202102 06 17 0000 Ead Tims 0000 05 L7 00H00 Wirte Cosa Wirless Losi Wirless Paidtede RIESANA Paiscade TCERIUXEKF SCOR Paiscad FEEL CT Price LEDS Price bid 126 Price 1 08 LEDS Price Sram Time 1 0G UI Siart Time ET 1 700 18 Sram Time 2021 0L 08 100 QU tart Time E6100 L 1300800 Ead Time 20210208 3 00 200 End 201 EG Lee Ead Time 203102 08 1 0592 End Timex 201 LOT 05 179090 Viirberi E5 ID Wirless FASI ESSID Wirless FASSIN 57
151. stem will automatically generate identity m LDAP Server List Service Denote the current status of LDAP server IP Address Port Denote the IP address and port number to connect to the external LDAP server Identity Denote the Administrator s Identity to access to the external LDAP server Actions Click an action button to perform the appropriate action v Edit Click this option to edit the respective billing plan There are 10 LDAP server can be edited Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 79 WMS 308N Network Access Control Gateway User s Manual 4 32 7 Configure POP3 Server The system supports authentication by an external POP3 authentication server Up to 8 POP3 server can be configured Please click on Service Domain Authentication POP3 the page of POP3 Server Setup will appear amp POPS Server Setup POPS Setup POP3 Server List P tet Dy Hast Pert im POP 2 i i m A A C r ics e p Ex fs Ga Click Edit to configure POP3 server the POP3 Server List m Setup gt Service By default it s Disable To Enable to activate this function Host Enter the Domain IP address of the external POP3 server Port Enter the authentication port of the external POP3 s
152. ters Description Up to 32 characters Space Remote RADIUS Primary Secondary Server IP A B C D IP Format Authentication Account Port 1 65535 Secret Key 1 64 characters LDAP Server IP A B C D IP Format Port 1 65535 Username 1 64 characters Password 1 16 characters Base DN 1 128 characters Account Attribute 1 64 characters Identity 1 128 characters POP3 Host Host name or IP address Port 1 65535 Walled Garden Walled Name 4 32 characters Space IP Address Domain A B C D IP Format or Domain Homepage URL Format Description Up to 32 characters Space Privilege List Device Name 4 32 characters IP Address A B C D IP Format or with 0 32 subnet mask MAC Address MAC Format 12 HEX characters Description Up to 64 characters Space 132 WMS 308N Network Access Control Gateway User s Manual Table A Web GUI Valid Characters continued Block Field Valid Characters Notification Sender From E mail Format SMTP Server A B C D IP Format or Domain Port 1 65535 default is 25 Username Length 1 64 0 9 A Z a z G _ Y 2 Password Length 1 64 0 9 A Z a z _ lt gt Receiver E mail E mail Format Sending Interval 10 4200 default is 1440 Billing Report Time hh mm Time format IP A B C D IP Format 133 WMS 308N Network Access Control Gateway User
153. teway User s Manual 4 3 3 3 Configure On Derrand Administrators can enable and configure this authentication method to provide clients access in a Hotspot environment Major functions include billing plans creation accounts creation accounts monitoring list thermal printer support billing report statistics and external payment gateway support There are three method to generate on demand accounts Generate by Manual Print from Thermal Printer Generate after Online Payments Click on Service Domain gt Authentication gt On Demand then the Billing Plans List page will appears fi Service Domain gt Billing Plans Setup Billing Plans List Status Plan Name Type Quota Price Actions 0 Off Package 0 Unlimited Until End Time 10 00 USD Edit Info 1 Off Package 1 Unlimited Until End Time 10 00 USD Edit Info 2 Off Package 2 Unlimited Until End Time 10 00 USD Edit Info 3 Off Package 3 Unlimited Until End Time 10 00 USD Edit Info 4 Off Package 4 Unlimited Until End Time 10 00 USD Edit Info 5 Off Package 5 Unlimited Until End Time 10 00 USD Edit Info 6 Off Package 6 Unlimited Until End Time 10 00 USD Edit Info 7 Off Package 7 Unlimited Until End Time 10 00 USD Edit Info Off Package amp Unlimited Until End Time 10 00 USD Edit Info 9 Off Package 9 Unlimited Until End Time 10 00 USD Edit Info B Status Denote the current status of billing plan B Plan Denote the name of billing plan B Type Quota Den
154. th UAM Universal Access Method 802 1X EAPoLAN MAC address Allow MAC address and user identity binding for local user authentication No Of Registered RADIUS Servers 2 Support MAC control list ACL Support Multiple Login service on one Accounts Support auto expired guest accounts Users can be divided into user groups Each group role may get different network policies in different service zones Max simultaneous user session TCP UDP limit Export Import local users list to from a text file Web based Captive Portal for SSL browser based authentication VV VV Authentication type B IEEE802 1X EAP LEAP EAP TLS EAP TTLS EAP GTC EAP MD5 RFC2865 RADIUS Authentication RFC3579 RADIUS Support for EAP RFC3748 Extensible Authentication Protocol MAC Address authentication Web based captive portal authentication v Authorization Authorization access control to network resource such as protected network with Intranet Internet bandwidth VPN and full stateful packet firewall Accounting Provides billing plans for Pregenerated accounts Provides billing plans for On Demand accounts Enables session expiration control for On Demand accounts by time hour and data volume MB Detailed per user traffic history based on time and data volume for both local and on demand accounts Support local RADIUS and external RADIUS server Contain 10 configurable billing plans for on dema
155. the current user s bytes in Packet Out Denote the current user s packets out Bytes Out Denote the current user s bytes out Start Time Denote the start time of current service users End Time Denote the end time of current service users Plan Denote the current user s billing plan y ve ve ve oV Payment Type Denote the current payment type there were show Cash or PayPal Cost Denote the current service charge Click Refresh button to reload the page 92 WMS 308N Network Access Control Gateway User s Manual 4 4 Control your Managed AP WMS 308N supports to manage up to 120 managed access points AP WLAN users are connected to the network via the managed APs and they can be configured in this section This section include the following functions Device Discovery Profile Management Batch Setup Management Group Setup Management Traffic Monitor AP Group Status Rogue AP Detection Notification and Website Monitor 4 4 1 Discovery Managed AP Use this function to detect all of managed APs in the local area network by the current discovery process Each discovered managed APs can configured Password IP address Netmask or Gateway Importing managed APs profile for Profile Management Please click on AP Management Device Discovery the Device Discovery page will appear amp Device Discovery ward LAH Sening Gad info Ure m IF HAC Are ame Venian mikt Mode Puri rni aERR
156. the managed APs DNS Specify primary and secondary DNS server IP as desired to set up the managed APs B System Message Display system message for each managed APs after clicking Save amp Reboot AP Start or Import to database button IP Address Denote the current IP address of the respective managed MAC Address Denote the current MAC address of the respective managed Message Display the current message of the respective managed AP v Error 401 Unauthorized System can t access managed APs after clicking Start or Discover button to detect and access managed AP The correct password must be entered on this field and Click Save amp Reboot AP button to activated setting Y Error Device already exist The same IP address or MAC address already exist the database Y Change IP xxx xxx xxx xxx System change IP address of the respective managed AP v Import to Database System import configuration profile of the respective managed AP to flash v Error Profile Download ERROR System can t download profile of the respective managed AP the IP address of managed AP need the same with controller 94 WMS 308N Network Access Control Gateway User s Manual Click Discover button the system will rescan managed AP To support switch discovery the WAP 954GP need use firmware version 2 0 16 or higher the WAP 854NP need use firmware version 1 1 5 or higher the CPE 2010G CPE 2000GN 1 ne
157. the password of account on local RADIUS authentication 4 16 alphanumeric and specify characters supported MAC Address Enter the MAC address of account on local RADIUS authentication optional v Description Enter appropriate text to denote this account Group Select the specified group on local RADIUS authentication default is None Click Save button to add new account all of accounts can be edited Username can not edit and deleted 19 WMS 308N Network Access Control Gateway User s Manual B Local RADIUS Accounts List Delete Select the specified group and click Delete button to remove accounts of the specified group Import Accounts File Select the specified group on Group option and click Select File button to select the text file for uploading the accounts of the specified group The Upload File message will appear Please Wait Upload File The upload file should be a text file and the format of each line is Username Password MAC Description without the quotes There must be no spaces between the fields and commas The MAC field could be omitted but the trailing comma must be retained When adding accounts by uploading a file the existing accounts in the embedded database uploading process will fail Below depicts an example for text file Password Username MAC Description test1 11111 00 11 22 33 44 55 01 the test1 user test2 22222 the test2 user Username Descri
158. this function and Disable to deactivate m IP Address Enter the IP address of the computer or server to be used as DMZ host only one DMZ host can be activate at any time period m Schedule Select specified time period for this rule Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 121 WMS 308N Network Access Control Gateway User s Manual 45 7 IP Routing The IP Routing Settings allows you to configure routing feature in the gateway The system supports RIP Routing Information Protocol and OSPF Open Shortest Path First dynamic routing and allows you to manually configure static network routes Please click on Advance gt IP Routing and follow the below setting Routing Setup OSPF Settings Routing Rules Enab p D Lio UM E nat g Reuter IE 102 168 0 254 LAN a De Bergk VLAN T Routing Rules List E Desrinarianm via SPF RIP cem IST Settings OSPF Settings Service By default it s Disable To Enable to activated OSPF routing service Route ID The router ID is typically derived by each router from its interface IP address Network Specify desired interface WAN1 WAN2 LAN or VLAN1 VLAN7 for sending and receiving of OSPF packets Area Default is 0 the range is from 0 to
159. tilities USB Storage Setup and follow the below setting amp USE Storage Setup USB Storage Setup Format USB Disk 23 Di Arten Fermar E Map Available Space 50 MB USB Storage Information Rat Vendor LEM Fl sh Disk 1 9445 B cn Used Space Available Space ex J GAHE IEICE m USB Storage Setup Select Enable Service to activate USB storage function The Upload File Space Size is in the range of 10 100 MB default is 50 MB This space size is for e map custom portal login page and managed AP s profile B Format USB Disk Click Format button to format USB storage device Please Wait S USB m device If you want to copy e map custom portal page and managed AP s profile to external USB storage you must click Format button first then Enable USB Storage Service m USB Storage Information Show detail informations of USB storage device If the status shows Off you should click Format button to activated 44 WMS 308N Network Access Control Gateway User s Manual 428 Format Database This function allows administrator to format system s database Click Format button to proceed and take around three minutes to complete Format Datebase Format Database Clear amp ccounts Tickets 1 Do not interrupt during format database including power on off as this may damage system 2 While system format database the Power Status Green LE
160. tion the timer page will appear Don t close Timer page Because the Logout button on this page If Timer Page doesn t appear in the browser please enter http s domainO login to open Timer Page see section 4 3 1 72 WMS 308N Network Access Control Gateway User s Manual Click on Service Domain gt Authentication gt On Demand to enter the Billing Plans Report page Administrator can get a complete report or a report of a particular period amp Service Domain gt Billing Plans Setup gt Billing Plan Report Search Create Time Range Search Result Search Time 2001 12 19 eee 202 011 i A Uv T misil Th Aurri Unii i Ma b 2E wi e emer al amp ubicia 12 159 2011 Cu 00 Demand Frinber CF Price I 1 2012 3 7 j Pix micah n Par 07000 TWH Tat 1 0 1 x USD Search Create Time Range B On Demand Type There are four type can be selected ALL Manually Create Payment Gateway and Thermal Printer B Start Time Specify desired search starting time B End Time Specify desired search ending time Search Selecta time period to get a period report The report tells the total income and individual accounting of each plan for all plans available for that period of time Print Administrator can print report on the screen Export CSV Administrator can download billing plan report to PC Search Result Shows search result of the specified time range
161. tity Denote the price charged on the ticket B Statistic Show the statistics of information in this database Passcode Type Denote the passcode type on the ticket Passcode Length Denote the passcode length on the ticket Denote the quantity of ticket in this database Y Ticket Qty Denote the quantity of created ticket in this database v Used Ticket Qty Denote the quantity of used ticket in this database Y Expired Ticket Qty Denote the quantity of expired ticket in this database v Total Price Denote the total ticket s price and currency in this database 56 WMS 308N Network Access Control Gateway User s Manual Export Tickets There are three methods to backup your information of ticket databases Export BIN The administrator can backup ticket database or copy to other WMS 308N Click Export button the ticket databases FilelD passcode bin will be download from system Below depicts an example for exporting tickets database File Download Do you want to save this file or find a program online to open it i Name passcode 00001 bin Type Unknown File Type From 192 168 1 254 While files from the Internet can be useful same files can potentially harm your computer IF vou do nat trust the source do not find program to open this file save this file what s the nek Export TXT There are three type of file list XML CSV and TXT only Passcode Click Generate button the pa
162. triggered by the event when a managed APs becomes unreachable during Auto Download Profile Interval period A trial email is provided by the system for validation The system also supports recording System Log On Demand User Log and Session Log via remote Syslog servers Please click on Service Domain Notification the page of Notification E mail Setup will appear and enter the related information and select the desired items and then apply the settings amp Notification Setup SMTP Server Setu D Sy slog Setup SMTP 1 SMTP 2 Notification E mail Setup Traffec Monitor IF F rail Dr mand Killing Asport i L5 n Leg pert a SMTP Server Setup There are two SMTP Server supported when two SMTP servers enabled the system use SMTP 1 for primary SMTP server and SMTP 2 for backup SMTP server Enabled Click Enabled to activated SMTP Server Sender From The E mail address of the administrator in charge of monitoring This will show up as the sender s E mail SMTP Server The IP address Domain of the sender s SMTP server Port The port of the sender s SMTP server Default is 25 A Sometimes SMTP server use Port 587 for TLS encryption and Port 465 for SSL encryption Encryption Some SMTP server need encryption linking for sending E mail The system provides encryption for sender s SMTP server 84 WMS 308N Network Access Contro
163. tton to activate your changes 78 WMS 308N Network Access Control Gateway User s Manual 4 3 2 6 Configure LDAP Server WMS 308N provide remote LDAP server authentication Up to 10 remote LDAP server can be configured Please click on Service Domain Authentication LDAP the page of LDAP Server Setup will appear Service Domain LDAP Server Setup LDAP Server LDAP Server List Service Port Edit Edit Edit lta manager Edit Edit Edit 10 Eai Hema df de p p DAF 5 CH 5 F Account Apribube lex Crib Click Edit option to configure LDAP server the LDAP Server List LDAP Server gt Service By default it s Disable To Enable to activate this function Server IP Enter the IP address of the external LDAP server Port Enter the Port of the external LDAP server default port is 389 gt Username Enter the Administrator s username to access to the external LDAP server Password Enter the Administrator s Password to access to the external LDAP server gt Base Enter the Base Distinguished Name DN in the Base DN field The base DN indicates the starting point for searches in this LDAP server v Account Attribute Enter the account attribute of the external LDAP server v Identity Enter the Administrator s Identity to access directory service Click on Auto Copy the sy
164. up in the list v Map Use this option to add maps or edit the current map s The system supports JPG JPEG PNG and GIF format amp Group Setup Management gt Map Setup 0 gene xdi Upload Map Name File Size Actions example 3 jpg 140 76 KB Preview Edit Delete example 4 jpg 268 45 KB Preview Edit Delete example 5 jpg 161 88 KB Preview dit Delete Total Use Space 571 08 KB Map Name Denote the current map s name File Size Denote the current map s size Actions Click an action button to perform the appropriate action Preview If multiple maps have been uploaded you can select which map you want to view using this option Edit Use this option to change map s name and define the scale of the map Delete Use this option to remove map 105 WMS 308N Network Access Control Gateway User s Manual Total Used Space Denote the current used storage space the total storage is 1MB for uploading e map Once you click the Edit link the Map Setup page will appear You can change Map Name and Scale Unit Use your mouse to click and hold to draw a line in the area that you want to use to set the scale of the map then the Setup Map Scale setting window will popup Enter the distance that the line represents in the Distance setting field then lick Confirm button to complete and the new scale value will be displayed at the right bottom of the map or Scale Unit setting field The distance is
165. via payment gateway created gt Ticket Qty Denote quantity of created ticket from payment gateway gt Used Ticket Qty Denote quantity of used ticket from payment gateway Expired Ticket Qty Denote quantity of expired ticket from payment gateway B Total Price Denote total ticket s price and currency from payment gateway B Tickets per day Show the bar chart of quantity of the ticket from payment gateway B Tickets List Show tickets information Plan Denote the billing plan on this ticket Code User can used Passcode of ticket for access Internet Type Quota Denote the billing type and service quota on this ticket gt Status Denote the current status on this ticket There three types of status Unused Used and Expired Create Time Denote the time of create on this ticket 66 v WMS 308N Network Access Control Gateway User s Manual Open Time Denote the time of the first time used on this ticket Start Time Denote effective starting time on this ticket End Time Denote effective ending time on this ticket Last Login Denote the last login time on this ticket Price Denote the price of the charged on this ticket Currency Denote the currency of the charged on this ticket bt y y V V V Actions Click an action button to perform the appropriate action v Delete Click this option to remove ticket from this billing plan When administrator click this option the alert message will
166. vice Domain Device Discovery DMZ Profile Setting Overview WAN Traffic Authentication Batch Setup Management IP Filter Firmware Upgrade Extra Info LAN Privilege List Group Setup Management MAC Filter Network Utility Event Log Function DDNS Walled Garden Traffic Monitor Virtual Server USB Storage Setup Management Notification Group Status Blacklist Format Database Time Server Online Users Rogue AP Detection IP Routing Reboot SNMP Log Info Website Monitor Time Policy After finishing the configuration of the settings please click Save button and pay attention to see if a Reboot message appears on the screen If such message appears system must be restarted to allow the settings to take effect All online users will be disconnected during restart 23 WMS 308N Network Access Control Gateway User s Manual 41 Connect WMS 308N to the external Network 4 1 1 Network Requirement Basically in general network environment the main role of WMS 308N is a Gateway It manages the entire network from internal network to Internet Then the first step is to prepare an Internet connection from your ISP and connect it to the WAN or WAN 2 port of WMS 308N 4 1 2 Configure WAN Port Here is instruction for how to setup the WAN There are two WAN port can selected and configured The connection types for each WAN port Static IP Dynamic IP PPPoE and PPTP Please click on System gt WAN and follow the belo
167. w setting A WAN Serun hth Eee 1 A E Static IP The administrator can manually setup the WAN IP address when static IP is available preferred WANT Setup Disable statici Dynamic IP pppoe Address 192 168 1 254 IP Netmask 255 25 2 2 22 0 IP Gate Way 1192 168 1 1 IP Address The IP address of the WAN port IP Netmask The Subnet mask of the WAN port IP Gateway The IP address of the host router which resides on the external network and provides the point of connection to the next hop towards the Internet This can be a DSL modem Cable modem or a WISP gateway router WMS 308N will direct all the packets to the gateway if the destination host is not within the local network Gateway IP address should be from the same address space on the same network segment as the WMS 308N s external network interface 24 WMS 308N Network Access Control Gateway User s Manual Dynamic IP This configuration type is applicable when the WAS 103R is connected to a network with the presence of a DHCP server all related IP information will be provided by the DHCP server automatically If the IP Address do not assigned from DHCP server the system need manual connect to DHCP server Hostname The Hostname of the WAN port PPPoE This configuration type is applicable when the WMS 308N is connected to a network with the presence of a PPPoE server WANT Setup
Download Pdf Manuals
Related Search
here hereditary heretic heredity here movie here comes the sun heretic definition hereditary meaning hereinafter heresy definition here\u0027s johnny hereby here comes the guide hereditary angioedema hereditary hemochromatosis here comes the sun lyrics heretic movie hereditary spherocytosis hereditary hemorrhagic telangiectasia herencia hereditary movie here to slay heredia costa rica heretic game heretic streaming here come the mummies