HS1200N User Manual
Contents
1. oo 80 SPAMMING Rs Rr eA U 8 ti ans A E ia meta dice T m I MTS 81 Changing BATS a arie Eo TEE ee em Pe OTt 84 Backup Restore and Reset to the Factory Default cccccsseeeeceeeeeeeeeseeeeeeeeeeceeeseaeeeeaseseeseeceaeseeaeseeaeseoasseoeneeeenessoneesoenesooes 85 NRI MN ET T c P M E 86 mit g acacia taal EIE S 86 sicing Tels decla atc te a a ia ea a ga wig EE eee ats is 87 MSs E eaters TT 87 FF ING NET Um Er 87 TAA oO e E E mm 87 ea Ae T e EE TE EE E E ES 87 So 3 19 il EIN RET 88 OT NS WV E NENNT m 88 Sy slem Staus and i e o RC assan E OO RD Dm E 90 NIG W ICU les SUG CNN TE T T Tm 90 we ciis belts ds E ME T UU m EE 90 wise EE E e EE eoe ND 92 ROUINO TADE NETT EE 96 Prucadd c 97 wcccoppE dM T 98 Balbo 98 Local User Monthly Network Usage Report sssssssssesssesseeseee nenne nennen nnn nne nni r1 21 seni EASA sae sae isa isa rais rai rai reg se sae sae sse rsen rna is 100 SV SIEM Reale DOS qu deese doa oerte qu ade E T orta ER Pica oe drei cuia d end Dodo cades ud E E di2. Main Menu gt Users gt Authentication gt Option gt Local gt Local User List gt Editing User Editing Existing User Data Username userO1 Password 123 MAC Address Applied Group Group 1 v Remark Enable Expire Time F Begin Date I i End Date l RADIUS There are two RADIUS authentication databases for configuration Click Configure for any one of RADIUS servers for further configuration The RADIUS server sets the external authentication for user accounts Enter the information concerning the primary server and or the secondary server the secondary server is not mandatory The fields with red asterisks are mandatory fields These settings will become effective immediately after clicking Apply NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 44 gt NetCommWireless External RADIUS Server Related Settings 802 1X Authentication Enable Disable LL Username Format Leave Unmodified Complete e g useri postfix Only ID e g useri NAS Identifier NAS Port Type 49 Default 19 Range 0 35 Accounting Delay Time 0 Deafult 0 Service Type 1 Default 1 Range 111 Class Group Mapping Configure DM amp CoA Settings Configure Acct Interim for users IP changed Enable Disable Acct Interim is sent when users IP are chagned if Enable Failover between RADIUS Serve
3. gt NetCommWireless Rear Panel LAN4 Console 5V 2A Restart Reset NUMBER INTERFACE DESCRIPTION Antenna Connector Attach the included WiFi antennas here The HS1200N offers 1 WiFi interface with 2 SMA connectors WAN For connecting wired external network For connecting to a wired internal network LAN 1 4 LAN 1 and LAN 2 are mapped to the Private Zone by default LAN 3 and LAN 4 are mapped to the Public Zone by default USB 2 0 Reserved for future use For connecting an RS 232 console cable to perform system management 08 Power Jack 5V 3A For connecting to the provided external power supply Siem eset I UE to restart the system Press and hold for more than 5 seconds to reset to factory default www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 9 A ZA NetCommWireless Wireless Ticket Generator Keypad Panel SAEPE TA af NetCommWireless E I i B Eat eem eA ETEEN EN K VESTS G E 2 PRAE ny M Ps ex LT XC EY ES e E LEDIN ert TIME NUMBER INTERFACE DESCRIPTION Keypad Used for entering a profile number to send to the printer for ticket generation Status LEDs Displays indicators for Power Ready Status Ethernet and WLAN Left Panel NUMBER INTERFACE DESCRIPTION 3 Ee IC TUTTO Press the button to restart the ticket generator Hold for 5 seconds and then release to restore to factory default settings TAS butto
4. www netcommuwireless com NetComm Wireless HS1200N Wireless N Hotspot FAA NetCommWireless External RADIUS Related Settings 2 D D D D D D 802 1X Authentication Enable Disable 802 1X authentication for users authenticated through this Server Username Format Select the format of the user login information required to be sent to the external RADIUS Server You may choose to send the username in Complete userlD Postfix Only ID or Leave Unmodified Please note that if the Leave Unmodified option is selected the system will send the input as is NAS Identifier This attribute is the string identifying the NAS originating the access request System will send this value to the external RADIUS server if the external RADIUS server needs this NAS Port Type Indicates the type of physical port the network access server is using to authenticate the user System will send this value to the external RADIUS server if the external RADIUS server needs this Account Delay Time This attribute adds flexibility for the gateway to process accounting requests in the time specified Default is set at O Service Type This attribute indicates the type of service the user has requested or the type of service to be provided required for some RADIUS servers that only accepts specified service types Class Group Mapping This function is to impose a Group on a RADIUS class attribute sent fr
5. 17 Configuring a billing PlaN ee eee eeseeee sence eee eeeeeeeeeaeeeea eases esseaeeeeaseeeaneeeeaeeseaeeseaseeeeseseeseesenssseaseesasesseaeeseeesoasessegesseneesonsesoenessonees 20 Integrating the HS1200N to your existing NETWOFK ccccceeseeeeeeeeeeeeeceneeeeeeeseaeeeseeeeasesseuseseaseeeenesseseseaaeesoaseseauessenessanessonnesoons 24 Conigurethe WAN DON M ITTT 24 Limiting WAN bandwidth and enabling WAN connection detection ssssssrsssrssrtesrttrittrtt trt artt 1ta nennen nnn nnn nnne rnnt ensure nnn 27 COM OCI ZO ee E T UR 28 Configuring the Wireless NODWOEK tase cc ccs ate us suse tuna ecu esi a a e Fusce dus Econ Le ea bee ste eee elo a aeaea 31 WiIFele SG Genera SSUINOS P Oo o mem 31 ZONE VUIPCIES Soe HEIN B cece ese IP NER 32 WV IPCIESS Layer 2 MOW AN Petre c Y Y I PA ER 35 Genene Pirowal RUGS CCK 35 Predefined and Custom Service MISS P CANT D Oo o S DEUS 38 PW UNC o NEN UNE NR mme 40 Gonfig ning NetWork ACCESS iucisecoesacciss cua Ge ard sEsu Ru Gia Tou o EEURP Roca daas OD ea aS RIA PE AND IRAN SI A EPA DD od URINE EN D NN SEIN DEO MN DS NOU Tror DEUS 41 ijo c r 41 Eaa e gece H TP Q 41
6. Main Menu gt System gt WAN WAN Interface Setting S Status Static Use the following IP settings Dynamic IP settings assigned automatically Learn DNS Server Address During Negotiation WAN Preferred DNS Server Alternate DNS Server PPPoE PPTP www netcommuwireless com NetComm Wireless HS1200N Wireless N Hotspot 25 A gt NetCommWireless PPPoE Select PPPoE if you wish to have your gateway manage the status of the internet connection Set the Username Password MTU and Clamp MSS fields When Dial on Demand is enabled the gateway automatically disconnects the internet connection when the configured Maximum Idle Time is reached c i system Users Network Utilities oN Lm N D General WAN wan Traffic V reve LAN Port Mapping ee Zones a AI 1 Main Menu gt System gt WAN WAN Interface Setting amp Status Static Use the following Dynamic IP settings ass PPPoE Username Password MTU WAN Clamp MSS Dial on Demand Preferred DNS Server Alternate DNS Server PPTP IP settings igned automatically 1492 bytes Range 1000 1492 1350 bytes Range 980 1400 O Enable Disable Learn DNS Server Address During Negotiation E I PPTP PPTP is a method used to connect the gateways internet connection If supported by your ISP you will h
7. Disable Merchant Password Payment Gateway URL Verify SSL Certificate ES https ww w securepay com au xmlapi payment Enable Disable Default v Currency AUD Australian Dollar Y x Service Disclaimer Content We may collect and store the following personal information physical contact information credit card numbers and transactional information based on your activities on the Internet service provided by us Plan D C N Ci Ul amp W hM j l Choose Billing Plan for SecurePay Payment Page Enable Enable Enable Enable Enable Enable Enable Enable Enable Enable Enable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable SecurePay Payment Page Remark Content You must fill in the correct credit card number and expiration date Card code is the last 3 digits or the Quota Security code located on the back of your credit card NetComm Wireless HS1200N Wireless N Hotspot 134 Price WWwW netcommwireless com gt NetCommWireless SecurePay Page Configuration Merchant ID The ID that is associated with the Merchant Account Merchant Password This is the key used by Secure Pay to validate all the transactions Payment Gateway URL The default website address to post all transaction data Verify SSL Certificate This is to help protect the system from accessing a website other than Secure Pay Cur
8. E 5 large raude seesand EEN AEE ENEAS ENE T SE EEEE EEEE S 5 FMS SS E H 7 piece E E E E E E E E E 5 Produc INTOUCH O M csini aE EEA EEE EEEN EA ENE ENE EEE EEEE EEEE EEEE ETENE 6 PoU TOVON I ON ornon n n E we teaaibesless eee tee 6 P T E E E ETE E sn dere T E EE E EE O 6 E c EEEE ec o EUN crane EE E A AA EE eer an eee T EE A E N EO E T E T ET Z BA CN AUS PNY T Emm 8 wire SS IN IOUS OO in MT Tc 8 Muze cie I OF ERR Tee 10 mini TT T oe tee pc oe tne to weet denned E cere aarti eae E ete eae 12 Elasin ENTS eI eects Tc Cc 14 WAITS SS TORSO OG eco c 14 Wireless Ticket Generator and Thermal Printer cisi iios2ssaccuidsnetiawhacodanseasedduokcdacenitess iusdasedewonssnddmopntacwnsdvnedduelataddesensaddnegnseuaediventdeabstanenseenediuntes 14 sro ONG a Wireles Connec eR nner daatend den techs see tentasawsenieshabantadee tach aiietentaienieeeest E EE E 14 OT kolica s Do asst ca t eee TU I et 15 CONMOUIANOM SIDS T T 15 SS UI MEME EE E E E Dcum 17 e Nen rro ENERO PPETTE P O
9. Network Interface Operation Mode Contains NAT mode and Router mode When NAT mode is chosen service zone runs in NAT mode When Router mode is chosen this zone runs in Router mode IP Address The IP Address of this zone Subnet Mask The subnet Mask of this zone DHCP Server Related information needed for setting up the DHCP Server is listed here To further configure the DHCP Server click the button Configure Please note that when Enable DHCP Relay is enabled the IP address of clients will be assigned by an external DHCP server The system will only relay DHCP information from the external DHCP server to downstream clients of this Zone D D 4 Start IP Address End IP Address A range of IP addresses that the built in DHCP server will assign to clients Note please change the Management IP Address List accordingly at System gt gt General gt gt Management IP Address List to permit the administrator to access the gateway admin page after the default IP address of the network interface is changed Preferred DNS Server The primary DNS server that is used by this Zone D Alternate DNS Server The substitute DNS server that is used by this Zone DI Domain Name Enter the domain name for this zone WINS Server The IP address of the WINS Windows Internet Naming Service server if WINS server is applicable to this zone Lease Time This is the time period when the IP addresses issued fro
10. Value Description String including Result and error messages Redeem process completed Original user name can not be found from the database Redeem user name can not be found NetComm Wireless HS1200N Wireless N Hotspot 147 lt gt NetCommWireless from the database Original user password is incorrect Redeem user password is incorrect Original user type and ondemand user type do not match Original user has not login Hedeem user login already Had been redeemed before User run out of quota Maximum allowable time is exceeded Maximum allowable memory space is exceeded Wrong postfix please check it This account is expired On demand account creation Local User LAN IP address or Internal Domain Name loginpages UserAuthentication OnDemandHRecept shtml Path Input Field Required buttonNo Required random Optional ret url Optional Output Value Integer 1 10 Description Biling Plan No Integer A random number this number is to prevent quick click issue in IE 6 0 String URL encoded Return URL If no ret_url is presented the client would be redirected to a ticket page in our UI style If ret_url is presented client would be redirected to ret_url and receive the result containing created on demand account information Field Result Value String the format is separated by username password expiretime usage price duration serial number
11. 39 lt gt NetCommWireless Advanced Advanced Firewall Settings can be enabled to supplement the firewall rules providing extra security enhancement against DHCP and ARP traffic traversing the available interfaces of the system General WAN Y WAN Traffic IPv6 Y LAN Port Mapping Service Zones Y Layer 2 Firewall Main Menu gt System Layer 2 Firewall Enable Disable Advanced Firewall Settings Enable Disable DHCP 5nooping Trust DHCP Server List Enable Disable Force DHCP O Enable 9 Disable Broadcast Enable 9 Disable Static List Apply ARP Inspection DI DHCP Snooping When enabled DHCP packets will be validated against possible threats like DHCP starvation attack In addition the Trusted DHCP List IP MAC can be used to specify legitimate DHCP servers to prevent rogue DHCP servers D ARP Inspection When enabled ARP packets will be validated against ARP spoofing i Force DHCP option when enabled the AP only learns MAC IP pair information through DHCP packets Since devices configured with static IP address do not send DHCP traffic any client with a static IP address will be blocked from internet access unless its MAC IP pair is listed and enabled on the Static List i Broadcast can be enabled to let other access points with an L2 firewall feature learn the trusted MAC IP pairs to issue ARP requests iy Static List can be used to add MAC or MAC IP pairs
12. Description Item Name E mail Header Service Disclaimer Content Client s Purchasing Record Hotspot _ _ 00000 j Change the Number Internet Access j Enjoy Online View service agreements and fees for the standard payment gateway services here as well as adding a new or editing service disclaimer Choose Billing Plan for Authorize Net Payment Page These 10 plans are the plans configured in the Billing Plans page and all previously enabled plans can be further enabled or disabled here as needed Client s Purchasing Record Starting Invoice Number An invoice number may be provided as additional information for a transaction The number will be incremented automatically for each following transaction Click the Change the Number checkbox to change it Description Item Name This is the item information to describe the product for example Internet Access Email Header Enter the information that should appear in the header of the invoice NetComm Wireless HS1200N Wireless N Hotspot 130 WWwW netcommwireless com gt NetCommWireless Authorize Net Payment Page Fields Configuration Authorize Net Payment Page Remark Content Authorize Net Payment Page Fields Configuration Displayed Text Required Credit Card Number Credit Card Number Credit Card
13. Login with SSL To configure HTTPS go to System gt gt General HTTPS HTTP over SSL or HTTP Secure is the use of Secure Socket Layer SSL or Transport Layer Security TLS as a sub layer under regular HTTP application layering HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server The HTTPS Protected Login function makes the client s login more secure Enable it to activate https encryption or disable it to activate http non encryption login page General Settings for the Entire System System Name Wireless Hotspot Gateway Administrator Contact Information Suspend Warning Message Sorry The service is suspended Internal Domain Name gateway example com Use the name on the security certificate FQDN of this device for internal use e g controller office name com Disclaimer Page Enable Disable 9 Specific Original None http www google com e g http wwww example com Portal URL Browser ID User Agent IEMobile 7 0 XBLWP7 e g IEMobile 7 0 XBLWP7 separate by comma UAM Filter User Log Access IP Address e g 192 168 2 1 Management IP Address List Enable Disable SNMP HTTPS Certificate Default CERT NetComm Wireless HS1200N Wireless N Hotspot 70 WWwW netcommwireless com gt NetCommWireless Internal Domain Name with Certificate To configure In
14. NetComm Wireless HS1200N Wireless N Hotspot 148 Description If ret url is presented the client would be redirected to ret url page and carry the result valuable expiretime is account expiration time which is a Linux time stamp and duration is account duration time and the unit is day serial number is account s n WWwW netcommwireless com
15. Refresh DHCP Lease List Valid IP addresses issued from the DHCP Server and related information of the client using this IP address is displayed here DHCP Logs Statistics List DHCP Lease Log DHCP Lease List No IP Address MAC Address Host Name Vian Lease Expires 1 192168 14 00 40 96 31 af dd x30 a42 o 2011 03 19 17 13 49 2 192 168 1 4 00 1d 73 3b 73 3e AC109 HB 0 2011 03 19 18 32 35 0 3 192 168 1 76 cc 08 e0 04 80 cf 2011 03 19 19 01 04 Notification To configure Notification go to Status gt gt Report amp Notification The gateway can automatically send the notifications of Monitor IP Report Users Log On demand User Log Roaming Out Users Log Roaming In Users Log Firewall Log Session Log and On demand User Billing Report to up to 5 particular e mail addresses A trial email is provided by the system for validation Secondly the system supports recording of Users Log On demand Users Log Roaming Out Users Log Roaming In Users Log Session Log Firewall Log and Local HTTP Web Log HTTP Web Log and DHCP Server Log via external SYSLOG servers Thirdly Users Log On demand Users Log Roaming Out Users Log Roaming In Users Log Session Log On demand User Billing Report Local HTTP Web Log HTTP Web Log WMI Configuration Log DHCP Lease Log and Traffic Report can also be configured to be sent to an external FTP server In addition the Event Log section on WMI displays clients asso
16. System Name Wireless Hotspot Gateway Administrator Contact Information Suspend Warning Message Sorry The service is suspended gateway example com Use the name on the security certificate FQDN of this device for internal use e g controller office name com Internal Domain Name Disclaimer Page Enable Disable 9 Specific Original None http www google com e g http vwww example corm Portal URL Browser ID User Agent IEMobile 7 0 XBLWP7 e g IEMobile 7 0 XBLWP7 separate by comma UAM Filter Configure User Log Access IP Address e g 192 168 2 1 Management IP Address List opecify an IP address of the administrator s computer or a billing system to get billing history information of the gateway with the predefined URLs The file name format is yyyy mm dd such as the following Traffic History httos 10 2 3 213 status history 2012 02 10 On demand History httos 10 2 3 213 status odhistory 201 2 07 10 www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 19 LE Zw NetCommWireless SNMP To configure SNMP go to System gt gt General The gateway supports SNMP v1 v2c If this function is enabled the SNMP Management IP and the Community string can be assigned for SNMP management applications to access the system General Settings for the Entire System System Name
17. Threshold determines the packet size at which the system issues a request to send RTS before sending the frame to prevent hidden node problems The HIS mechanism will be activated if the data size exceeds the value provided A lower RTS Threshold setting can be useful in areas where many client devices are associating with the gateway or in areas where the clients are far apart and can detect only the gateway but not each other The default value is set at 2346 D Fragment Threshold Enter a value between 256 and 2346 The default value is 2346 A packet size larger than this threshold will be fragmented sent with several pieces instead of one chunk before transmission A smaller value results in smaller frames but allows a larger number of frames in transmission A lower Fragment Threshold setting can be useful in areas where communication is poor or disturbed by a serious amount of radio interference Broadcast SSID The administrator has the option of enabling or disabling the SSID for VAP2 which is the Public Zone The default value is set to Enable where users will be able to scan for the SSID D D Station Isolation By enabling this function all stations wirelessly associated to this zone are isolated from one another and can only communicate with the gateway D WMM Wi Fi Multimedia WMM is a Quality of Service QoS feature that prioritizes wireless data packets based on four access categories voice vide
18. V 01 00 01 59 v 7 V 7 7 7 7 02 00 02 59 vi i i a m m y 03 00 03 59 m o Hg amp y uw m F 04 00 04 59 iv e J og FA og F 05 00 05 59 VI v iV IV I V vi 06 00 06 59 iv 7 E V V E V www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 59 A gt NetCommWireless Firewall To configure the firewall Click User gt gt Firewall Click Predefined and Custom Service Protocols to edit the protocol list Click Firewall Rules to edit the rules Up to 5 profiles can be configured Firewall Configuration Profile 1 Select Profile Profile 1 v Predefined and Custom Service Protocols User Firewall Rules eo i Firewall Rules IPv6 poem Predefined and Custom Service Protocols Predefined and Custom Service Protocols There are predefined service protocols available for firewall rule editing Firewall Profile 1 Service Protocols List No Name Description 0 AL ALL 1 ALL TCP TCP Source Port 065535 Destination Port 065535 2 ALL UDP UDP Source Port 0 65535 Destination Port 0 65535 3 ALL ICMP o ICMP Type nw Code Any F 4 FTP TCP UDP Destination Port 20 21 5 HTTP TCP UDP Destination Port 80 6 HTTPS TCP UDP Destination Port 443 7 POP3 TCP Destination Port 110 8 SMTP TCP Destination Port 25 9 DHCP UDP Destination Port 67 68 10 DNS TCP UDP Des
19. Wireless Hotspot Gateway Administrator Contact Information Suspend Warning Message Sorry The service is suspended gateway example com E i i is Dinin aes gateway example con Use the name on the security certificate FQDN of this device for internal use e g controller office name com Disclaimer Page Enable Disable Specific Original None http www google com e g http vww example com Portal URL Browser ID User Agent IEMobile 7 0 XBLWP7 e g IEMobile 7 0 XBLWP7 separate by comma UAM Filter Configure User Log Access IP Address T e g 192 168 2 1 Management IP Address List Configure 9 Enable Disable SNMP SNMP Configuration List Item Manager IP Address Read Community Write Community 4 t 1 10 i NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 80 A gt NetCommWireless Administration The gateway supports customizable administration account types namely Super Group Manager On Demand Manager or Operator The default predetermined group of the Administrator is Super group and the username and password are as follows Admin The administrator can access all configuration pages of the gateway Username admin Password admin NetCommUvireless userna
20. accounts cannot be created by clicking Create Please go back to Billing Plans to activate at least one Billing plan by clicking Edit and Apply to activate the plan The printer used by Print is a pre configured printer connected to the administrator s computer On demand Account Creation Plan Account Type Quota Price Status Function 1 Usage time 15 min s connection time quota with expiration 10 91 Enabled 2 Usage time 11 min s connection time quota 1 Enabled 3 Hotel Cut off time Valid until 12 00 the following day 5 Enabled 4 Duration time Valid from 2010 07 14 12 00 00 til 2010 07 14 23 59 00 1 Enabled i 5 N A N A N A Disabled Create 6 N A N A N A Disabled Create m i i I N A d N A N A Disabled Create 8 N A N A N A Disabled Create 9 N A N A N A Disabled Create m 0 N A N A N A Disabled Create Plan The number of a specific plan Account Type Show account type of the plan in Usage time Duration time or Hotel Cut off Quota The total amount of time interval or traffic volume for On demand users to access the network For Time users it is the total time For Volume users it is the total amount of traffic Price For each plan this is the unit price charged for an account Status Show the status in enabled or disabled Function Press Create for the desired plan and Creating an On demand Account will appear fo
21. day s o hour s Range of hour s 0 23 they cannot both be zero Valid Period After activation account will be expired in 1 day s Must be larger than O Price Group Group 1 ust bt Range 0 100000 including two digits after decimal point e g 1 99 Reference 1 Hour Billing Plan TIP If the Account Type is Usage Time Custorner can access internet as long as the account is valid within the valid period with remaining quota connection time Customer also needs to activate the issued account within a given time period by logging in for the first time NetComm Wireless HS1200N Wireless N Hotspot 22 Apply Group 1 Group 1 Group 1 Group 1 Group 1 Group 1 Group 1 Group 1 Edit Edit Edit Edit Edit Edit Edit Edit Edit WWwW netcommwireless com gt NetCommWireless This example shows you how to configure a billing plan for one hour of access 8 From the Account Type drop down list select Usage time 9 Select the With Expiration Time option 10 Set Quota to O day s 1 hr s and O min s 11 Set Account Activation to 1 day s O hour s This means the account must be used within 1 day or it will become inactive 12 Set Valid Period to 1 day s This means that after the account has been activated it will expire in 1 day 13 Set Price to whatever you wish to charge the customer for 1 hour of internet acce
22. mechanisms Only Plain and Login can use the UNIX login password Netscape uses Plain Outlook and Outlook express use Login as default although they can be set to use NTLMv1 Pegasus uses CRAM MD5 or Login however the method to be used can not be configured Notification E mail Settings Receiver Email Address es Up to 5 e mail addresses can be set up to receive the notification There are eight kinds of notification for selection Monitor IP Report Users Log On demand Users Log and Session Log check the selection box to choose the type of notification to be sent Interval The time interval to send the e mail report www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 103 lt gt NetCommWireless SYSLOG SYSLOG Server Settings There are 9 types of SYSLOG supported Users Log On demand Users Log Roaming Out Users Log Roaming In Users Log Session Log Firewall Log Local HTTP Web Log HTTP Web Log and DHCP Server Log Enter the IP address and Port number to specify the SYSLOG server where the report should be sent to Except for System Log each supported log may be assigned Tag information as well as SYSLOG standard attributes Severity to meet the filtering requirements on the SYSLOG Server HTTP Web Log can further select which Service Zone Web interface information to log For each type of log information whenever an incident occurs and data is updated the updated log will be immediately sent to the con
23. open the shell of RADIUS server for example use Putty to access the Linux host iS PuTTY Configuration Category E Session Logging El Terminal Keyboard Bell Features Window Appearance Behaviour Translation Selection Colours El Connection Data Prog Telnet Hloain w SSH Serial Step 1 Basic options for your PuTTY session Specify the destination you want to connect to Host Mame for IP address Fort 10 2 3 217 ae Connection type Raw Telnet Alogin SSH Serial Load save or delete a stored session Saved Sessions Default Settings Save Close window on exit Always Never Only on clean exit Confirm the following key elements in the RADIUS server users groups Verify whether there are already users in the RADIUS Server Verify whether there are already Groups and assigned users belonging to these Groups in the RADIUS Server Step 2 Log in to the Linux host of the RADIUS server e Li LI d wmwianalinux login as vivian um F I vivianBi0 2 3 217 Last login Thu Oct 3 Geer pees ay wiviani linux step 3 4006 from 10 29 24 Create a file dictionary HSG under the freeradius folder wiviand linux Step 4 share freeradius dictionary Edit and save the contents of the file dictionary HSG as follows ATTRIBUTE Administrator can also add other attributes
24. to None Policy on User list Then userO1 logged in to Public Zone will be applied with the Global Policy In conclusion the Global Policy has the lowest policy priority the User Policy has the highest priority www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 111 A gt NetCommWireless Appendix B WDS Management The Public Zone of the gateway supports up to 2 WDS links WDS Wireless Distribution System is a function used to connect APs Access Points wirelessly to extend wireless coverage The WDS management function of the system can help administrators to setup two WDS links To configure WDS go to System gt gt Service Zones click Configure in Public zone General General w WAN WAN Traffic Neve LAN Port Mapping N Service Zones ae had 2 Firewall Main Menu gt System gt Service Zone Service Zone Settings Default A n DHCP Pool Details m venies se Policy 1 192 168 110 1 192 168 110 2 197 168 110 100 Configure Enabled Private Policy 1 192 168 120 1 N A 192 168 120 2 dicm 192 168 120 100 Enabled WDS Wireless Distribution System is a function used to connect APs Access Points wirelessly The WDS management function of the system can help administrators to setup two WDS links WDS1 Settings Public WDS Status Enable Disable Basic MAC Address of Remote AP Security Type WEP Y WEP Key Length 64 bits v
25. Bytes in Bytes Out Pkts In Pkts Out and Message of user activities Roaming In User Log Each line is a roaming in traffic history record consisting of 22 fields Date Type Name NSID NASIP NASPort UserMAC UserlP SessionlD SessionTime Bytes in Bytes Out Pkts In Pkts Out Message and other information of user activities are included www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 99 LES lt gt NetCommWireless Local User Monthly Network Usage Report To view Local User Monthly Network Usage go to Status gt gt User Log Monthly Network Usage of Local User The system keeps a cumulated record of the traffic data generated by each Local user in the last 2 calendar months Each line in the Monthly Network Usage of Local User record hyperlinked consists of 6 fields Username Connection Time Usage Packets In Bytes In Packets Out and Bytes Out of user activities Username Username of the local user account Connection Time Usage The total time used by the user Pkts In Pkts Out The total number of packets received and sent by the user Bytes In Bytes Out The total number of bytes received and sent by the user Download Monthly Network Usage of Local User Click the Download button for outputting the report manually to a local database Monthly Network Usage of Local User Month No of Entries Usage Data 2009 04 1 Download A warning message will then appear Click Save t
26. Click Select hyperlinked to pick up a color for each item and fill in your copyright message You can also upload a Logo image file for your template with the Preview and Edit the Image File button Click Configure to access the setup for the corresponding page where you can change the text displayed as you wish After setting is finished click Preview to see the result If you are happy with the customized pages click Apply to activate the changes made Uploaded Page Choose the Uploaded Page option if you wish to upload your own html coded page Click Configure for each custom page and upload the HTML file and corresponding image files and click Apply After applying the setting the new login page can be previewed by clicking Preview button External Page Choose the External Page option if you wish to use user pages located on a designated website Click Configure for each custom page and enter the URL of its corresponding external login page and click Apply After applying the setting the new login page can be previewed by clicking Preview button NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 110 gt NetCommWireless Appendix A Policy Priority Global Policy Authentication Policy and User Policy The gateway supports multiple Policies including one Global Policy and 5 individual Policies can be assigned to different Authentication Server Global Policy is the system s universal policy and is ap
27. Domain Host filtering is not Source Destination Subnet Mask Select the source and destination subnet masks Source MAC Address The MAC Address of the source IP address This is for specific MAC address filtering Service Protocol These are defined protocols on the service protocols list to be selected Schedule When schedule is selected clients assigned with this policy are applied the firewall rule only within the time checked There are three options Always Recurring and One Time Recurring is set with the hours within a week Action for Matched Packets There are two options Block and Pass Block is to prevent packets from passing and Pass is to permit packets passing QoS Profile Up to 5 QoS profiles can be configured for certain applications or users that need stable bandwidth or traffic priority Bandwidth Control can only be Enabled when Bandwidth limits on WAN has been Enabled Traffic Configuration Profile 1 Select Profile Profile 1 v Traffic Class IPv4 Bandwidth Control Enable Disable Group Total Downlink 0 Mbps Y unlimit 0 Range 1 999 Individual Maximum Downlink 0 Mbps Y unlimit 0 Range 1 999 Individual Request Downlink 0 Mbps unlimit 0 Range 1 999 Group Total Uplink 0 Mbps unlimit 0 Range 1 999 Individual Maximum Uplink 0 Mbps unlimit 0 Range 1 999 Individual Request Uplink 0 Mbps Y unlimit 0 Range 1 999 Traffic Class Traffic Class can be chosen for users
28. Edit Profile a EIN zu LII ife 1l evel nta LI Ei TF the support of proprietary MAS features Unless individual i ifie the Cc AV Parys Allowed Certificate O1D policy controls ae Microsoft Specifies the certificate purpose or usage abject identifiers aenerate Class Attribute Microsoft Species whether A5 automatically generates the class al If connection re Generate Session Timeout Microsoft Species whether AS automatically generates the session C Deny remote Ignore U ser Dialin Properties Microsoft Specifies that the user s dial in properties are ignored CHEE EE 4 M5 Quarantine PFilter Microsoft Specifies the IP traffic filter that is used by the Routing anc M5 Quarantine Session T imeout Microsoft Specifies the time in seconds that the connection can rer Tunnel T ag Microsoft Description not yet defined LISH ACEM Tvpe U S Robotics Inc Description not yet defined USA AT Call lnput Filter US Robotics Inc Description nat yet defined USR AT Call Output Filter US Robotics Inc Description not yet defined USR AT Input Filter U S Robotics Inc Description not yet defined USA AT Output Filter U S Robotics Inc Description not yet defined LI SR A amp T RTMP Input Filter U S Robotics Inc Description not yet defined USA 4T ATMP Output Filter U S Robotics Inc Description nat yet defined USA 4T 2ip lnput Filter U S Robotics Inc Description not yet defined mn 4 k 9 a Js otep 4 Add a new att
29. N Hotspot 87 LS Zw NetCommWireless Monitor IP Link To configure Monitor IP Link go to Network gt gt Monitor IP The gateway will send out a packet periodically to monitor the connection status of the IP addresses on the list On each monitored item with a WEB server running administrators may add a link for easy access by entering the IP selecting the Protocol to http or https and then clicking Create After clicking Create the IP address will become a hyperlink and administrators can easily access the host remotely by clicking the hyperlink Click the Delete button to remove the hyperlink if needed Monitor IP List No Protocol IP Address Hyperlink Remark 1 http v Create 2 http Greate 3 http Create 4 http v Create 5 http v Create 6 http v Create 7 http v Create 8 http Create 9 http v Create 10 http Create Console Interface Via the console port administrators can enter the console interface to handle problems and situations occurred during operation In order to connect to the console port of the gateway a console modem cable and a terminal simulation program such as the Hyper Terminal are needed If a Hyper Terminal is used please set the parameters as 9600 8 None 1 None Caution The main console is a menu driven text interface with dialog boxes Please use arrow keys on the keyboard to browse the menu and press the Enter key to make selection or
30. Profile IPv4 IPv6 and Privilege Profile which will be applied to all users unless the user has been regulated by another individual Policy Policy Configuration Global Policy Select Policy Global v Firewall Profile Configure Specific Route Profile Configure Specific IPv6 Route Profile Configure Privilege Profile Configure Select Policy Select a desired policy profile to configure Firewall Profile Global policy and policy 1 5 all have a firewall service list and a set of firewall profiles which is composed of firewall rules Specific Route Profile When Specific Routes are configured here all clients applied with this policy will access the specific destination through these gateway settings Specific IPv6 Route Profile The routing rules to be applied to users using IPv6 under this policy may be configured here NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 58 a gt NetCommWireless Privilege Profile Enable or Disable Users privilege to change password Administrator can set the maximum sessions per user here Policy 1 Policy 5 Beside Global Policy Policy 1 to Policy 5 each consists of access control profiles that can be respectively configured and applied to a certain authentication server or user Policy Configuration Policy 1 Select Policy Policy 1 v Firewall Profile Firewall1 v Configure QoS Profile Traffici v Configure Specific Route Prof
31. Required Required Required Required Required Required Value Description 1 have to be 1 String Old password String New password String Confirmed new password String URL encoded Return URL Client would be redirected to ret_url and gateway would add result in ret_url which indicates the result of changing password Field Result Redeem On demand user Path Value String including Change password successfully User password is incorrect Invalid password format LAN IP address or Internal Domain Name loginpages redeemuserlogin shtml Input Field Uid upassword myusername mypassword ret url Output Required Optional Optional Required Required Optional Value string string String String String URL encoded Description Result and error messages Description Current user ID If not presented user name stored in cookie is the default value Current user password If not presented password stored in cookie is the default value Redeem user ID Redeem user password Return URL login successful page is the default value If no ret_url is presented client would be redirected to login successful page and in addition a JavaScript window would pop up and show the result If ret_url is presented client would be redirected to ret_url and gateway would add an additional variable rmsg to indicate redeem procedure result Field rmsg www netcommwireless com
32. SNMP protocol L I maximum number of days for the system to retain the users information SNMP The email address to which the user log information will be sent NTP Server The network time server that the system is set to align System Time system time is shown as the local time The minutes allowed for the users to be inactive before their account expires Idle Time Out automatically User Session Control Enabled disabled stands for the current setting to allow disallow multiple login from the same local account Preferred DNS IP address of the preferred DNS Server Server DNS Alternate DNS IP address of the alternate DNS Server Server SYSLOG server On demand Users Log Warning of Internet Disconnection Multiple Login WWw netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 91 A gt NetCommWireless Interface Status To view Interface Status go to Status gt gt Interface This section provides an overview of the interface for the administrator including WAN Zone Private and Zone Public NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 92 4 NetCommWireless Network Interface Select Interface Private MAT MAC Address 00 60 64 B3 0E 42 Service Zone Private 192 168 110 1 seine 23603103 BSSID 00 60 64 B3 0E 43 ESSID MetcComm HS51200M 2 RF Card 1 VAP 1 Security Type WPA PSK Associated Clients today 06 15 15 425 KiB 4
33. Shows when the account will expire Total Price For each plan this is the unit price charged for an account Unit Number of units of Quota per ticket Group On demand users can be allocated to a defined User Group when On demand accounts are created The generated accounts may be downloaded for safe keeping or sent to printer for batch printout On demand Account Creation by Quick Button The Quick Button located on the front panel of gateway is a quick On demand account generation button This button is designed to create On demand accounts without the need to enter WMI The printer should be directly connected to the console port of gateway When you have properly connected the printer to the console port pressing this button will generate an On demand account using billing plan no 1 and print out the account credentials via the printer Please note that the corresponding billing plan no for this Quick Print button is always billing plan 1 Should the network administrator wish to configure different account types for generation please modify billing plan no 1 Only supports normal font for ticket customization On demand Account List All created On demand accounts are listed and related information is also provided Authentication Black List Group Policy Schedule Firewall QoS Specific Route privilage Additional Control Operator Main Menu gt Users gt Authentication gt On demand User Server Configuration
34. UI of this plan operator can enter a Unit value which is the number of days to Cut off time according to customers stay time For example Unit 2 days Cut off Time 13 00 then account will expire on 13 00 two days later Grace Period is an additional short period of time after the account is cut off that allows user to continue to use the on demand account to access the Internet without paying additional fee Unit Price is the daily price of this billing plan It is mainly used in hostel hotel venues to provide internet service according to guests stay time Group will be the applied Group to users created from this plan Reference field allows administrator to input additional information Editing Billing Plan Plan 5 Account Type Hotel Cut off time Hotel Cut off Time HH MM range 00 00 23 53 Grace Period Account remains usable for haur s after cut off 60 perday Unit Price Range 0 100000 including two digits after decimal point e g 1 93 TIP The Hotel ut aff tirie Account Type is designed far hotel applications and conforms ta check infout scenario For cut off applications within one day for example the account expires upon bookstore s closing hour 11PM please select Duration Time One day stay in Hotel terms is counted from a customer s check in time to the check out time on the following day When a tenant checks in far ane or multiple days the operator can generate an account ticket
35. a F 1Hour v Roaming In Users Log F F 7 IF FJ F 1Hour Session Log E nlp Bim Detail Send Detail E Detail 1Hour v Firewall Log Al 9 9 EJ F N A 1Hour E Daily Settle Time 0 Y On demand User Billing Report 0 Send N A F Weekly Settle Time Sun v E Monthly Settle Time 1 Y Local HTTP Web Log N A A F 1Hour HTTP Web Log N A 1 F Hour WMI Configuration Log N A wa m fino DHCP Server Log N A A N A N A DHCP Lease Log N A NA B Hour Traffic Report Text N A NA 1Hou 7 Service Zone Server Folder The folder in the configured FTP Server in which the sent Log will be placed Interval The time interval at which the Log will be sent Logged Interface The check box of Public or Private shall be checked to enable logging the HTTP Web Log of this interface www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 105 A gt NetCommWireless Advanced Applications Upload Download Local User Accounts To Upload Download Local Users Accounts go to Users gt gt Authentication click Configure for the Local Authentication Database Or click Quick Links gt gt Local User Management from system Home page Local User Database Settings Local User List Enable Disable Local user database will be used as authentication database for roaming out u
36. access the internet the system will redirect the user to the external login page configured Gateway while redirecting users to the external web page will also send URL parameters required for the operation for instance user authentication Therefore each self defined external pages Login Logout Login Success Logout Success etc requires codes to handle URL parameters to and from the Gateway A simple example is illustrated below for Login Page please refer to External Login Page Parameters for URL parameter relating to other pages such as Login Success Page and etc Therefore it is important that your external pages are designed by someone with good knowledge of URL parameter utilization The diagram below explains how External Page operates using user login flow as illustration L Client Gateway E External Web bal Server Gateway redirects user and sends necessary URL parameters URL Parameters to external login page External login Page is sent to the client Account credentials submitted to host defined in URL parameter Gateway authenticates the user credentials against its authentication servers Redirectclient to login success page URL Parameters or login fail page according to result Sends Login success page or Login fail page to client as instructed by the Gateway Sees Login Success Page if Authentication pass Sees Login Fail Page if Authentication fails The URL parameters sent by th
37. account click the Next button Home Logout NetCommWvireless Setup Wizard Local User Account Optional Username testuser Password You can choose to add local user accounts for a quick canfiguratian class Group 1 Step 3 arm ee ee oa step 4 Confirm and Restart Step 4 asks you to confirm your settings If you need to make changes click the Back button until you get to the screen on which you need to make changes Otherwise click the Finish button f Home Logout NetCommWvireless Setup Wizard Confirm and Restart Please click the Finish button and restart the system Press Click the Finish button to confirm the settings and restart the system NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 18 A Zw NetCommWireless You are prompted to confirm the restart of the system Are you sure to restart the system Click OK The Wireless N Hotspot reboots and the following screen is displayed Home Logout NetCommWvireless Setup Wizard Confirm and Restart amp 9 9 9 9 9 9 Step 4 Press Click the Finish button to confirm the settings and restart the system es Note The Wireless N Hotspot must be restarted for the configuration to take effect The restart process can take up to 10 minutes to complete When the login page is displayed the Wireless N Hotspot has finished rebooting NetCommWirele
38. are acceptable for password field Upload User from File File Name rose Upload NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 106 lt gt NetCommWireless When the system uploads a file any format error or duplicated username will terminate the uploading process and no account will be uploaded Please correct the format in the uploading file or delete the duplicated user accounts in the database then try again Download User Use this function to create a txt file with all Local user account information and save it on a disk n N A X A A A A Authentication Black List y Group Policy Schedule Firewall QoS Specific Route Privilege Additional Control N Operator N Main Menu gt Users gt Authentication gt Option gt Local gt Local User List gt Dovmload Download User to File Applied Group MAC Address Username Password Expire Time Enabled Begin Date End Date Remark Download NetComm Wireless HS1200N Wireless N Hotspot www netcommuwireless com 107 lt gt NetCommWireless RADIUS Advanced settings To configure RADIUS Advanced Settings go to Users gt gt Authentication Click Configure for the RADIUS Authentication Database Complete vs Only ID vs Leave Unmodified For RADIUS authentication there is an option to send the complete username with postfix or username only Username Format When t
39. based on the number of the aver night stay The account will be cut off on the specified cut off time normally the hotel s check out time after the number of nights specified Since quests may hang around in the lobby for a short while after checking out the hotel may want ta specify a Grace period for their tenants EE NS EI Hotel Cut off time account lifespan 3 night stay example 24 00 PM 24 00 PM 24 00 PM Cut off Time Check out time Mp hin Deletion Time DT EE Invalid Valid www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 123 A gt NetCommWireless Hotel Cut off time account lifespan 3 night stay example with Grace Period 24 00 PM 24 00 PM 24 00 PM gt Grace Period Cut off Time Check out time MED kon Deletion Time DT L1 Invalid Valid Volume Users can access internet as long as his her account has remaining traffic volume quota The account will expire when Valid Period has been used up or the quota is depleted This type is ideal for small quantity of applications such as sending receiving email transferring a file etc Count down of Valid Period is continuous regaraless of logging in or out Quota is the total Mbytes 1 2000 On demand users are allowed to use to access the network Account Activation is carried out when the user logs in for the first time Failing to do so in the period set i
40. changed through the text mode management interface via the serial console port NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 84 lt gt NetCommWireless Backup Restore and Reset to the Factory Default To configure Backup Restore and Reset to Factory Default go to Utilities gt gt Backup amp Restore This function is used to backup restore the gateway settings Also the gateway can be restored to the factory default settings here Backup System Settings i Keep WAN setting and Management IP Address List File Name Keep LAN Alias and DHCP setting E Keep Certificate E Keep Account Reset to the Factory Default Backup System Settings Click Backup to create a db database backup file and save it on disk File Download xi Do you want to open or save this file a Name 20050303 db Type Data Base File From 10 2 3 70 Open Save IV Always ask before opening this type of file harm your computer If you do not trust the source do not open or m While files from the Internet can be useful some files can potentially save this file What s the risk Hestore System Settings Click Browse to search for a db database backup file created by the gateway and click Restore to restore to the same settings at the time when the backup file was saved Reset to Factory Default Click Reset to load the factory default settings of the gat
41. confirm what you enter Once the console port of the gateway is connected properly the console main screen will appear automatically If the screen does not appear in the terminal simulation program automatically please try to press the arrow keys so that the terminal simulation program will send some messages to the system and the welcome screen or main menu should appear If the welcome screen or main menu of the console still does not pop up please check the connection of the cables and the settings of the terminal simulation program Wireless Hotspot Gateway HSG260 Basic Configuration Please select functions tility Utilit For network assword Change admin password set Reload factory default start Restart Wireless Hotspot Gateway HSG260 NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 88 gt NetCommWireless Utilities for network debugging The console interface provides several utilities to assist the Administrator to check the system conditions and to debug any oroblems The utilities are described as follows Wireless Hotspot Gateway HSG260 Configuration Utility Please select utility Trace routing path Display interface settings Display routing table Display ARP table sniff on interface Display system up time Check service status Set device into safe mode Synchronize clock with NIP server Print the kernel ring buffer Main menu Ping host IP By sending ICMP echo request to
42. gt On demand Account List On demand Account List Username Password Remaining Quota Status Group Reference External ID 9829 f6sk7zsd 1000 M byte s Expired Group 2 Delete 383x n996nb5y 11 min s Normal Group 1 Delete Total 12 3000 First Prev Ne ast Goto Page 2 Page 2 2 Row per Page 10 v lt Search Enter a keyword of a username External ID or reference to be searched in the text file and click this button to perform the search All usernames External ID or reference matching the keyword will be listed Username The login name of the account Password The login password of the account Remaining Quota The remaining time or volume or the cut off time that the account can continue to use to access the network Status The status of the account Normal the account is not currently in use and has not exceeded the quota limit Online the account is currently in use NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 52 A lt gt NetCommWireless Expired the account is not valid any more even if there is remaining quota left Out of Quota the account has exceeded the quota limit Hedeemed the account has been applied for account renewal External ID This is an additional information field combined with a unique account for example the customer s name or social security number etc Reference Any other additional information for example venue where the account i
43. interference With 802 11n short guard interval is half of what it is used to be to increase throughput Select Enable to use Short Guard Interval or Disable to use normal Guard Interval Channel Width 802 1 19g n only For 802 11n doubling channel bandwidth to 40 MHz is supported to enhance throughput Channel Select the appropriate channel from the drop down menu to correspond with your network settings for example Channel 1 11 is available in North American and Channel 1 13 in Europe or choose the default Auto Max Transmit Rate The available range is from 1 to 300Mbps The rate of data transmission should be set depending on the speed of the wireless network Select from a range of transmission speeds or keep the default setting Auto to make the Access Point automatically use the fastest rate possible Transmit Power Keep the default setting or select from range to make the Access Point use different transmit power as you wish DTIM Period The DTIM Interval specifies the interval at which the delivery traffic indication message is sent out to synchronise the network A higher DTIM allows the wireless client to save energy but throughput is decreased ACK Timeout The time interval for waiting for the acknowledgement ACK frame If the ACK is not received within the interval then the packet will be re transmitted A higher ACK Timeout interval will decrease the packet lost but the throughput will be decreased www netcommw
44. is on the file with a customer s credit card company A code and narrative description are provided to indicate the results returned by the processor Card Code The three or four digit code assigned to a customer s credit card number at the end of the credit card number found either on the front or back of the card E mail An email address may be provided along with the billing information for a transaction This is the customer s email address and should contain an symbol Customer ID This is an internal identifier for customers that may be associated with the billing information for a transaction This information field may contain any format First Name The first name of a customer associated with the billing or shipping address of a transaction In the case when John Doe places an order enter John in the First Name field indicating this customer s name Last Name The last name of a customer associated with the billing or shipping address of a transaction In the case when John Doe places an order enter Doe in the Last Name field indicating this customer s name Company The name of the company associated with the billing or shipping information entered on a given transaction Address The address entered either in the billing or shipping information of a given transaction NetComm Wireless HS1200N Wireless N Hotspot 131 www netcommuwireless com lt gt NetCommWireless City The city associated with either the billing a
45. move the rule to a specified rule number Insert Before denotes to insert a rule before the current rule and Delete denotes to delete the rule To edit a specific rule Click Edit in the Operation column of the firewall rules table On this page existing rules may be edited NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 36 gt NetCommWireless General WAN WAN Traffic j IPW6 Y LAN Port Mapping Y Service Zones Layer 2 Firewall Main Menu gt System Layer 2 Firewall EMEN ONG n NN Link Layer Configuration Ether Type IEEE 802 3 Interface 9From OTo VAP MAC Address G T MAC Address 01 00 0C CC CC CC IEEE 802 3 Configuration SNAP Type 2000 Far example IP 0800 Apply o o D DI v DI DI Rule Number The numbering of this specific rule will decide its priority among available firewall rules on the list Rule name Enter the rule name Action for Matched Packets The rule can be chosen to Block or Pass packets that match the rule criteria Rule Remark Enter any comments regarding the rule that help to identify it Ether Type Select from the drop down list which types of traffics are subject to this rule Interface For specifying the traffic direction To or From VAP2 subjected to this rule IPv4 Service when EtherType is IPv4 Select the available upper layer protocols services from the drop down list DSAP SSAP when EtherType is IEEE 802 3 Th
46. of devices that are trusted to issue ARP requests Other network nodes can still send their ARP requests however if their IP appears on the static list with a different MAC their ARP requests will be dropped to prevent eavesdropping If any settings are changed please click Apply to save the configuration before leaving this page NetComm Wireless HS1200N Wireless N Hotspot WWwW netcommwireless com 40 A gt NetCommWireless Configuring network access Type of Users To configure Users go to Users gt gt Authentication This section is for administrators to pre configure authentication servers for the entire system Concurrently up to three servers can be selected and pre configured for static user authentication One server uses built in LOCAL database while the other two servers use external RADIUS database In addition ONDEMAND server can be configured for temporary user authentication Authentication Settings mao me M Authentication Settings There are four different authentication options on the gateway that use databases LOCAL RADIUS1 RADIUS2 ONDEMAND and FREE Local and On demand are built in databases with user credentials stored locally and RADIUS is one of the most common external authentication databases FREE is an access option that allows users to access networks with any specified identity token on the login page Click on the Authentication Options to configure DI Auth Option
47. of this plan Group will be the applied Group to users created from this plan Reference field allows administrator to input additional information Editing Billing Plan Plan 1 Account Type Counting Method Elapsed Time Begin and end Time 9 Cut off Time Begin Time Upon Account Creation Cut off Time HH MM range 00 00 23 59 J s dts Price Range 0 100000 including two digits after decimal point e g 1 99 TIP When the Account Type is Duration time three Counting Methods may be used to decide when the account expires 1 Elapsed Time specifies the time duration from account creation for which the account is valid 2 Cut off Time specifies the next cut off time point for which the account becomes invalid 3 Begin and End Date Time specifies that the account is valid between the two time points Tis NEL Duration time Cut off Time account lifespan exapmle showing Cut off on 23 00 Cut off Time Creation Time CT Deletion Time DT L1 Invalid Valid www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 12f A ZAA NetCommWireless Duration time with Begin and End Time This plan defines explicitly the Begin Time and End Time of the account Count down begins immediately after account activation and expires when the End Time is reached This plan is ideal for providing internet service throughout a specific period of time for examp
48. on IPv4 or IPv6 Default DSCP Differentiated Services Code Point can be added and edited to determine traffic class Default DSCP includes Network Control Ox30 Telephony Ox2E Signaling Ox28 Multi media Conferencing Ox26 Real Time Interactive Ox20 Multi media Streaming Ox1A Broadcast Video 0x18 Low latency Data 0x12 OAM 0x10 High Throughput Data OxOA Standard OxOO Low Priority Data Ox08 Bandwidth Control Enable or Disable the capability to determine the following parameters Group Total Downlink Defines the maximum bandwidth allowed to be shared by clients Individual Maximum Downlink Defines the maximum downlink bandwidth allowed for an individual client The Individual Maximum Downlink cannot exceed the value of Group Total Downlink Individual Request Downlink Defines the guaranteed minimum downlink bandwidth allowed for an individual client The Individual Request Downlink cannot exceed the value of Group Total Downlink and Individual Maximum Downlink Group Total Uplink Defines the maximum uplink bandwidth allowed to be shared by clients Individual Maximum Uplink Defines the maximum uplink bandwidth allowed for an individual client The Individual Maximum Uplink cannot exceed the value of Group Total Uplink Individual Request Uplink Defines the guaranteed minimum bandwidth allowed for an individual client The Individual Request Uplink cannot exceed the value of Group Total Uplink and Individual Maximum Uplink NetCom
49. scan for this network D Security Configure the wireless network under Public Zone with security encryption to prevent unauthorised wireless association if necessary The supported encryption standards are WEP and WPA PSK WEP 802 11 Authentication Select from Open System or Shared Key WEP Key Length Select from 64 bit 128 bit 152 bit key length WEP Key Format Select from ASCII or Hex format for the WEP key WEP Key Index Select a key index from 1 4 The WEP key index is a number that specifies which WEP key will be used for the encryption of wireless frames during data transmission iy WEP Keys Provide the pre defined WEP key value the system supports up to 4 sets of WEP keys WPA PSK Cipher Suite Select an encryption method from TKIP WPA AES WAP2 or Mixed Pre shared Key Pass phrase Enter the key value for the pre shared key or pass phrase D Group Key Update Period The time interval for the Group Key to be renewed the time unit is in seconds DI Advanced The parameters in Advanced are wireless settings that allow customization of data transmission enhanced security and wireless roaming www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 9 FAA NetCommWireless D Beacon Interval Enter the number of intervals that the beacon signal will be sent from the VAP The default value is set at 100ms RTS Threshold Enter a value between 1 and 2346 The RTS Request to Send
50. settings will become effective immediately after clicking the Apply button The External IP Address of the Automatic WAN IP Assignment is the IP address of External Interface WAN that will change dynamically if WAN Interface is Dynamic When Automatic WAN IP Assignments is enabled the entered Internal IP Address of Automatic WAN IP Assignment will be bound with WAN interface Automatic WAN IP Assignment Enable External IP Address External Interface Internal IP Address Remark 7 10 16 29 79 WAN Static Assignments No External IP Address External Interface Internal IP Address Remark 1 WAN 2 i i WAN v 3 WAN v 4 WAN 5 i WAN 6 WAN v i 7 I WAN v d E WAN 9 WAN v 10 WAN Total 40 First Prev Next Last Go to Page 17 Page 1 4 Row per Page 10 www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 65 A gt NetCommWireless Virtual Server To configure Virtual Server go to Network gt gt Network Address Translation gt gt Public Accessible Server c 5 e m E Sysiem Users Network Utilities Status m o 1 N Y ee eru INAT Privilege Monitor IP Walled Garden Walled Garden Ad Proxy Server Local DNS Record DDNS Client Mobility Layer 2 Firewall i 1 jd 4 n A i Main Menu gt Network gt NAT Network Address Tr
51. the On demand page to create multiple accounts for an enabled billing plan and send them to the printer for generating physical tickets Batch Creating On demand Account Plan Account Type 1 Usage time 1 hris of connection time quota with expiration Quota a Number of tickets to batch create Account Creation Manual created Username A z 0 9 and max length is 5 1 5 digits and max length is 5 A z 0 O and max length is 5 9 Randomly Same as username Admin Assign After activation the account will be expired in 30 day s mmen S OO om E eree Please confirm the information and press Create button to create accounts www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 51 LI FA NetCommWireless Account Type Shows the account type of the plan whether it is Usage time Duration time or Hotel Cut off Quota The total amount of time interval or traffic volume for On demand users to access the network Numbers The desired number of accounts to be created from the plan Username Password Creation Usernames and passwords can be created randomly by the gateway or self created by administrator Username To manually create a username the Prefix and Postfix can be chosen The serial number increases at single increments when batch accounts are created Password Passwords are customizable and can be created randomly by the gateway or self created by administrator Valid Period
52. the system and use it as portal page displayed to the user External Page uses a web page stored in an external web server as the portal page for your users Because the pages are located on a remote server therefore special efforts are required by these external pages to parse process and send necessary URL parameters to and from the system Since External Pages needs more attention and care to setup its html codes also need to include mechanisms for processing the necessary URL parameters in order to work properly with the Access Controller please refer to further details regarding on external pages in the following sections How External Pages Operate Choose External Page if you desire to use an external web page for your custom pages Simply enter the URL of your external webpage click Preview button to check if it is reachable take a look at how your external webpage will be displayed then click Apply button www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 139 ES lt gt NetCommWireless Login Page Selection for Users Service Zone Default Default Page Template Page Uploaded Page External Page External Page Setting External URL http 10 2 3 230 ExternalPage login html Preview Apply Main Menu gt gt System gt gt Service Zone gt gt Service Zone Configuration gt gt Login Page When a user connects to this Service Zone opens a web browser and attempts to
53. url if result null return else return decodeURIComponent result 1 An external page example that the user will see upon launching a browser highlighted in red you can see the URL parameters sent from the system Z Exterani Login Page Windows Internet Explore ingur url htt ttps whg501 4 tcom h S f Googie px yas Toka MEE El aa B SREM gt ee aar ASRA P amp RA MCATES Y we AERE d el Ace pp Aans Exterenl Login Page HT D 2 om Ep 2o IBO 9 Login Username Password Login Reset Remam Www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 141 lt gt NetCommWireless URL Variables from Gateway This section shows a list of URL variables of the external pages to be sent from the Gateway with its corresponding HTML coding External Login Page Variables Field Value loginurl otring URL encoded remainingurl String URL encoded vlanid Integer 1 4096 gwip IP format client ip IP format umac MAC format separated by Session string External Login Successful Page Description The URL which shall be submitted when user login The URL which shall be submitted when user want to get remaining quota VLAN ID Gateway activated WAN IP address Client IP address Client MAC address Encrypted session information include client IP address MAC address date and return URL Variables Field Uid Ut
54. your own background image for the ticket or choose none Click Edit to select the image file and then click Upload The background image file size limit is 100 Kbytes No limit for the dimensions of the image is set but a 460x480 image is recommended Number of Tickets Enable this function to print duplicate receipts Another Remark field will appear when the Number of Tickets is set to 2 and the content will appear at the bottom of the duplicate receipt Preview Click Preview to show the ticket including the username and password with the selected background You can also print the ticket here NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 48 4 NetCommWireless Ticket Template Customization Administrators can customise contents on the On demand tickets using this template Template Customization Image i Type I x Restore Type For Usage Time with expiration time amp Volume Type I Font remain Y Insert Parameters Size 9 Normal Tall Parameters Ticket Serial Number SN Sremain Sheader S2neader S3header Username Susername q T lat Password Spassword 3 Quota Susage Total Price Sprice Excernal ID Sextid i ESSID S wlan ess id Wireless Key Swep key Your first time login must be done before Sexpire time The account is valid within Sduration days after your first login Billing Plans Administrators can configu
55. 09 MiB l 2 11 MiB 3 12 MiB all time 2 57 MiB 4 21 MiB 0 34 kbit s 0 40 kbit s E TET r 104 31 MiB LI r Et since 01 05 00 3 07 MiB 703 KiB 16 14 MiB 17 48 MiB 19 20 MiB 18 25 MiB D A 0 00 kbit s 0 06 kbit s Traffic summary i7 18 13 20 21 22 23 00 Of 2 03 4 5 5 oF 5 os 10 11 i12 15 14 15 1 amp 5 dau avg rate 01 05 00 l l 0 12 kbit s 01 0600 i j j 0 00 kbit s 03 15 00 i j j kbit s 03 16 00 kbit s Trafieof ikenay 04 05 00 kbit s 08 14 13 kbit s 08 15 13 kbit s 08 20 13 kbit s estimated E E OR Ro ht month total ave rate Jan 60 1 29 MiB 0 00 Kbitz s Har 60 65 57 MiB 0 20 kbit s Traffic of the Month Apr o 18 25 MiB 0 06 kbit s Rug 13 19 20 MiB 0 08 kbit s estimated i i 29 MiB day ave rate 3415 00 3 d1 khit z 03 16 00 2 51 kbit s od AOS 00 i 7 3 kbit s oo 714 15 j j i j 18 khit s 08 15 13 j I j j 40 khit s gar 1700 i 29 kbit s o1 08 00 12 kbit s Traffic of the top 10 J n Cm ROGO ha www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 93 A ZAA NetCommWireless Network Interface ee ee ee snip Losier BSSID O6 60 64 BS 0E 43 ESSID H51200N Demo RF Card 1 VAP 2 Today 06 15 15 0 KiB 2 38 MiB o KiB 2 45 MiB all time 0 KiB 4 84 MiB 0 00 kbit s 0 46 khit s E e ise TE 13 60 MiB LI r S pr since 01 05 00 4 17 MiB 246 KiB 6 01 MiB 65 KiB 10 18 MiB 311 KiB XU Eiz 0 05 kbit s 0 00 khit s Traffic summar
56. 55 32 if the destination is a single host Gateway IP Address The IP address of the gateway or next router to the destination Default Gateway Default Gateway The default gateway of a desired IP address can be defined in each Policy except Global Policy When Specific Default Route is enabled all clients applied with this Policy will access the Internet through this default gateway www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 63 LS lt gt NetCommWireless Specific Routes Profile 1 Select Profile Profile 1 v Enable V Default Gateway IP Address M Enable Check the Enable box to activate this function or uncheck to deactivate it Default Gateway IP Address You may need to fill in the IP address of the default gateway User Privilege Administrator can choose to allow users to change their Password And to prevent ill behaved clients or malicious software from taking up the system s connection resources the administrator can restrict the number of concurrent sessions that a user can establish Privilege Configuration Profile 1 Select Profile Profile 1 v Change Password Privilege Enable Disable Maximum Concurrent Sessions Unlimited sessions per user The maximum number of concurrent sessions including TCP and UDP for each user can be specified in the Global policy which applies to authenticated users users on a non authenticated port privileged users and clients in D
57. AN Interface Uplink Specifies the maximum uplink bandwidth that can be shared by clients of the system Downlink Specifies the maximum downlink bandwidth that can be shared by clients of the system Utilities Status Main Menu gt System gt WAN Traffic WAN Traffic Settings Enable Bandwidth limitation on WAN Available Bandwidth Uplink 1000000 Kbps Range 10 2000000 Downlink 1000000 Kbps Range 10 2000000 Target for detecting Internet connection IP Domain Name IP Domain Name WAN Connection Detection IP Domain Name Warning of Internet Disconnection Enabling WAN connection detection When Internet connection is down the system will display the message as Sorry The service is temporarily unavailable When this function is enabled the gateway will try to access these IP Domain addresses If the gateway can reach these IP Domain addresses the Internet connection is deemed to be functioning normally WAN Connection Detection 4 P Domain Name Enter the IP address or domain name that the gateway will use to verify the internet connection status The Warning of Internet Disconnection option allows you to specify a message that is displayed on a user s screen when they access a web page and the internet connection is down www netcommuwireless com NetComm Wireless HS1200N Wireless N Hotspot 2f LS lt gt NetCommWireless Configuring Zone
58. E DONIS eM ONU E 101 Rp zu RL H H HPOPE RRNER 101 EEIE OI T M 102 zii X O OR RR 103 EE E D cM OPHPl 104 gute e 104 Advanoed ADDIIOSUOLS uaiccdkecensuses Gud cdi iadkupciuR mi cuia was dace EERE ERER EEEE cauda didi sip TUNE Cu ddedtaRunDS EEEN dtd uU RE rd ced 106 Wipload Download Local User ACCOM ctm ET 106 mie MINE ciae Se IIS PERENNE m m E 108 TMA BU MPH TED 109 TST OTM Ne P OO EE UTER ERES 110 ADDEN ede e FOOLY e TT mE t 111 Sloe Policy A thentication Policy and User Te ONG Am u Hr 111 Appendix B WDS Management sc sccsssccssscssscsssscnsccnssnssencnsscnsacnsnscensenesscsescenscassensececnscnssnceenssaeonssunsenscnssensensansanesanscassnarsscanses 112 Appendix C RADIUS Accounting aor auia ax aco Rum ERE wa OE au rip wx ER EIS SERERE EFUN FN SaNKCSRNSENKNNEENUKER NES KENNEN EENNEEN ENS nennen nnmnnn nennen 113 Wege Men c o c T ae seer 113 VSA configuration in RADIUS server IAS Server secvciccdecscdaccedincaeece Secceute Dres Eis DOE Q
59. Expiration Date Credit Card Expiration Date First Name First Name x Last Name Last Name E Card Type Card Type Visa v American Express v Master Card vl Discover Card Code Card Code v v E mail E mail c C Customer ID Room Number v Company Company 7 L v Address Address j city City Li v State State V Zip Zip O v Country Country IE v Phone Phone r1 v Fax Fax c Displayed text fileds must be filled Authorizie Net Payment Page Remark Content You must fill in the correct credit card number and expiration date Card code is the last 3 digits of the security code located on the back of your credit card If z muss Authorize Net Payment Page Fields Configuration Item Check the box to show this item on the customer s payment interface Displayed Text Enter what needs to be shown for this field Required Check the box to indicate this item as a required field Credit Card Number Credit card number of the customer The Payment Gateway will only accept card numbers that correspond to the listed card types Credit Card Expiration Date Expiration date of the credit card This should be entered in the format of MMYY For example the expiration date of July September 2009 should be entered as 0709 Card Type This value indicates the level of match between the Card Code entered in a transaction and the value that
60. Hotspot 49 ws lt gt NetCommWireless Function Click the Edit button to add one billing plan For detailed information regarding on demand accounts and billing plan configuration please refer to Appendix E On demand Account types amp Billing Plan External Payment Gateway This section is for merchants to set up an external payment gateway to accept online payments for wireless internet access The available payment services are Authorize Net PayPal SecurePay WorldPay or Disable For detailed parameter descriptions please refer to Appendix F External Payment Gateways External Payment Gateway Authorize Net PayPal SecurePay WorldPay amp Disable On demand Account Creation After at least one billing plan is enabled the administrator can generate on demand user accounts here Click Create from the desired plan to create an on demand account The username and password of to be created on demand account is configurable Select Manual created in Username Password Creation and administrator can enter a desired username and password for the on demand account In addition an External ID such as student s school ID can be entered together with account creation After the account is created you can click Printout to print a receipt which will contain the on demand user s information including the username and password Click Send to POS to print a receipt on the ticket printer Note If no Billing plan is enabled
61. ION TERMINATE END OF DAY WISPR BILLING CLASS OF SERVICE WISPR LOCATION ID WISPR LOCATION NAME WISPR BILLING TIME Session External Error Page Variables Field Msg www netcommwireless com Integer b s Integer b s Integer b s string string String format YYYY MM DDThh mm ssTZD Integer 0 1 otring otring otring otring format HH MM otring Value otring includes The system is busy Please try again later Cannot find session related information lt BR gt Please enable the Cookie in the browser setting or open a website to get a Cookie Invalid IP address Please check the IP address and try again Invalid MAC address Please check the MAC address and try again Sorry your account is not usable because the authentication option is currently disabled lt BR gt Please contact your network administrator Sorry your account is not usable because the authentication option associated with the postfix is not found lt BR gt Please contact your network administrator Sorry you are not allowed to log in because your account is Currently on the Black List Sorry you are not allowed to log in because it is currently not the service Maximum down link rate Minimum up link rate Minimum down link rate Client redirection URL RADUIS CLASS attribute Only available for RADIUS user WISPr Session Terminate Time attribute Only available for RADIUS user WISPr Sess
62. IP address automatically You can also try using a static IP address such as 192 168 110 xxx where xxx is a number between 2 and 254 and then try loading the page again For assistance configuring your computer please refer to Appendix A Network Configuration on a Computer The following login page appears Enter admin in both the username and password fields then click the Login button to continue NetCommUWireless Username admin Change password www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 15 LS lt gt NetCommWireless The main configuration screen appears after successfully logging in NetCommVWVireless NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 16 A gt NetCommWireless Basic Setup Setup Wizard The HS1200N provides a setup wizard for quick and easy configuration Click on the Setup Wizard button to start the configuration process O Logout NetCommwWireless otep 1 General otep 1 of the setup wizard enables you to configure your Administrator password System Time settings and the web page address to which connected computers are redirected Home Logout NetCommWvireless Setup Wizard General It is recommended ta change administrator s password and select an or the system Time Zone GMT 10 00 Canberra Melbourne Sydney Enter a new administrator password in the New Password field and then re enter the same new pa
63. LS ZAA NetCommWireless HS1200N Wireless N Hotspot A gt NetCommWireless Copyright Copyright 2013 NetComm Wireless Limited All rights reserved The information contained herein is proprietary to NetComm Wireless No part of this document may be translated transcribed reproduced in any form or by any means without prior written consent of NetComm Wireless A Note This document is subject to change without notice Save our environment When this equipment has reached the end of its useful life it must be taken to a recycling centre and processed separately from domestic waste The cardboard box the plastic contained in the packaging and the parts that make up this device can be recycled in accordance with regionally established regulations Never dispose of this electronic equipment along with your household waste You may be subject to penalties or sanctions under the law Instead ask for disposal instructions from your municipal government Please be responsible and protect our environment This manual covers the following products HS1200N Wireless N Hotspot Kit DOCUMENT VERSION DATE Initial document release 1222019 NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 2 4 NetCommWireless Table of contents FANE OFCON iea EEE P m 3 VT A A EE EE EE ETETE EEE AE EEN EEEE T A EEE E E E A N E EE E A 5 MPO IE TOI N I E A E EN E O E S E A N E O
64. MZ zones This can also be specified in the other policies to apply to the authenticated users When a user reaches the defined session limit a choice of Unlimited 10 25 50 100 200 350 500 750 and 1000 the user will be implicitly suspended upon receipt of any new connection request In this case a record will be logged to a SYSLOG server oince this basic protection mechanism may not be able to protect the system from all malicious DoS attacks it is strongly recommended to build some immune capabilities such as IDS or IPS solutions in network deployment to maintain network operation NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 64 4 NetCommWireless Accessing the Network without Authentication DMZ To configure DMZ go to Network gt gt Network Address Translation gt gt DMZ Demilitarized Zone N N N NAT Privilege Monitor IP Walled Garden Walled Garden Ad Proxy Server Local DNS Record DDNS Client Mobility Layer 2 Firewall Main Menu gt Network gt NAT Network Address Translation DMZ Demilitarized Zone Public Accessible Server Configure Port and IP Forwarding There are 40 sets of static Internal IP Address and External IP Address available Enter Internal and External IP Address as a set After the setup accessing the External IP address listed in DMZ will be mapped to accessing the corresponding Internal IP Address These
65. N T N 1 Authentication slack List croup Policy Schedule Firewall QoS Specific Route T Privilege Additional Control Operator i Main Menu gt Users gt Authentication gt On demand User Server Configuration gt General General Settings Postfix ondemand 10min s 15min s 20min s Sync Interval Terminal Server Expired Account Keep Days 15 1 30 days Out of Quota Account Keep Days 15 130 days Enable Disable Account Roaming Out On demand user database will be used as authentication database for roaming out users Postfix The string of characters needed to be entered with the username during login Remaining Volume Sync Interval Select a desired interval for on demand user quota update The quota information i e remaining time or remaining quota displayed on the on demand user login success page will be refreshed according to the time interval configured here Terminal Server Terminal Server Configuration is a list of serial to Ethernet devices that communicate with the system only there is no need to go online or go through authentication process Enter the device IP and the port number into the respective fields www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 47 A gt NetCommWireless c s3 E n S System sens Network Utilities Status Authentication Black List Group Policy Schedule F
66. PEOS LIST erenn T TE TET TE SE EE EE EEE E 67 FO a EEEE EEEE E EE E A AT E ET E TEE N ET E EENEN PE T E E 67 ae OEE EEE T E EN A EAA A E E E A E 68 e aC m E EE E soem deste A E nse co E P PO 68 Disable Authentication in PUBIC ZONG NR m 69 RS Codima OO E PET E 70 wcloidkool e EA IE 70 Internal Domain Name ie SCIT Tm mm mm m 71 UAE ere Ere ge NEN mU 72 NAN OS TTE H 13 PS LO oea RE sarc E E A AE nica ee A TA AAE E TA N A A A 74 www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 3 A gt NetCommWireless lel de 74 PMS CMS dE e elg PNE ER ee cause ne attest hese ts bas DO TOO m m To Networking Features Ol a GLOW cR DOT LL E TA RE EAEE E na a 75 FON anad IF POW AUN iee 76 EB ue eB E 77 vel Es Ta NU e a E 24 Management IF store i i LIST MNT E S 78 IP Adress TOF ACCBSSEIG I SO LOG alas Vota eduxi bu ves decode DE viuda ua cates ns Df aeta D etx weaned enu in d ES D Mie S 79 cjl er
67. Record DDNS Client Mobility M Layer 2 Firewall Y Y LL L RLR MS M SENSE NM J lo A SSSSSS _ xFHHeeee Main Menu gt Network gt Privilege List Privilege List IP Address List MAC Address List IPv6 Address List Privilege IP Privilege IP Address List To configure Privilege IP Address List go to Network gt gt Privilege gt gt IP Address List If there are workstations inside the managed network that need to access the network without authentication enter the IP addresses of these workstations in Granted Access by IP Address The Remark field is not necessary but is convenient for keeping track The gateway allows 100 privilege IP addresses at most These settings will become effective immediately after clicking Apply i E fie N M N HE M E Privilege l Monitor IP Walled Garden Walled Garden Ad Proxy Server Local DNS Record DDNS l Client Mobility Layer 2 Firewall Y _ i X _ aL 1 D Main Menu gt Network gt Privilege List gt IP Address Backup IP Privilege List Restore IP Privilege List Granted Access by IP Address No IP Address MAC Address Group Remark Action Total 0 100 First Prev Next Last Go To Page Page 1 1 Row per Page 10 Caution Permitting specific IP addresses to have network access rights wi
68. Security WEP Key Format ASCII v WEP Key 12345 WDS 2 Settings Public WDS Status Enable 9 Disable Basic MAC Address of Remote AP Security Type TKIP AES v Security Cipher Suite TKIP WPA v Pre shared Key Pass phrase 12345678 WDS Status Select Enable to activate this WDS link MAC Address of Remote AP Enter the MAC of the remote AP that generates a WDS link with the gateway Security Type WEP WEP Key Length may be 64 bits 128 bits or 152 bits and WEP Key Format can be ASCII or HEX Enter the applicable WEP Key WPA PSK Select the preferred ciphering method TKIP or AES and enter the PSK Pass phrase NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 112 gt NetCommWireless Appendix C RADIUS Accounting This section will briefly introduce the basic configuration of RADIUS server to work with VSA for controlling the maximum client volume usage upload download or upload download traffic This VSA will be sent from the RADIUS server to the gateway along with an Access Accept packet In other words when the external RADIUS server accepts the request it will reply not only an Access Accept but also a maximum value in bytes each user is allowed to transfer This value can be the maximum upload traffic the maximum download traffic or the sum of the download and upload traffics in bytes per user The gateway will check this value every minute if the user traffic re
69. Set a name for the authentication databases by using numbers 0 9 alphabet a z or A Z dash underscore _ space and dot only This name is used for the administrator to easily identify the authentication options such as HQ RADIUS Postfix A postfix represents the authentication server in a complete username For example user1 local means that this user user1 will be authenticated by the LOCAL authentication database DI DI Black List There are 5 sets of black lists provided by the system A user account listed on the black list is not allowed to log into the system the client s access will be denied The administrator may select one or None black list from the drop down menu and it will be applied to this specific authentication option DI Configure Click the Configure button to edit a specific authentication database for the server For example if you want to edit the Local authentication database please click the Configure button for Local DI Local Click the Configure button for Local for further configuration Local User Database Settings Enable 9 Disable Account Roaming Out Local user database will be used as authentication database for roaming out users Enable 9 Disable 802 1X Authentication Local user database wil be used as internal RADIUS database for 802 1X enabled LAN devices such as AP and switch Local User List Allows the administrator to view add or delete lo
70. UE Pac Qe i kab deo Dei iso eG date Unas bases adeceveiasbensedcuedteaaeeeeeadeute nics 114 VSA configuration in RADIUS server FreeRADIUS RENE Nm mm 117 Appendix D On demand Account types amp Billing Plan ccsccceeeeseeeeeneeeeeeceseceseceneeceeseeneneneeeaeeeeneneneeeaeseseeneseaesenseneneseneess 120 External Payment Gateways T m 129 PN RU cR PAN Bt d c MR TETTE ED E REEE EEEE EE EAEE E aE E AEE EAEE E RERE EAER 129 ATES ae a N AEE A A EE ccna AA EE A AA E E A AA E A 192 X238 NUS T ois P laici E Tr ccr CT 134 Pay eri ay Gl Pa NE TTE TEM 136 Appendix F Portal Page Custom Z ation sos sexextasd icka nnne raria A aE MEL EF ERN EFC KExP KURVEN HEU MME EE LNE VENE NU EE NE ESI UNE NEEEEEE 139 How External Pages Operate T 139 URLE Variables Tom Gale MERERI aaa E r a kaaa Eana E a a kA AER NEn cede geldcucadssavadedecacscethceentetucdeuse ness 142 URL Variables to Gateway MNT TOL PPEREEREERRN 145 NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 4 4 NetCommWireless Overview Introduction This document provides you all the information you need to set up configure and use the Wireless N Hotspot Target audience This manual is for wireless service providers or network administrators to set up a network environment using the HS1200N system It contains step by step procedures and graphic examples to guide IT staff or individ
71. Wireless HS1200N Wireless N Hotspot www netcommwireless com 128 lt gt NetCommWireless External Payment Gateways This section is to show independent Hotspot owners how to configure related settings in order to accept payments via Authorize net PayPal SecurePay or WorldPay making the Hotspot an e commerce environment for end users to pay for and obtain Internet access with credit cards Payments via Authorize Net To configure Payments via Authorize Net go to Users gt gt Authentication gt gt On demand User gt gt External Payment Gateway gt gt Authorize Net Before setting up Authorize Net it is required that the merchant owners have a valid Authorize Net account Authorize Net Payment Page Configuration External Payment Gateway Authorize Net PayPal SecurePay WorldPay Disable Authorize Net Payment Page Configuration Merchant Login ID Merchant Transaction Key x Payment Gateway URL https secure authorize net gateway transact dll Enable Disable Verify SSL Certificate Default Test Mode Enable Disable Try Test MD5 Hash Enable Disable Merchant ID This is the Login ID that comes with the Authorize Net account Merchant Transaction Key The merchant transaction key is similar to a password and is used by Authorize Net to authenticate transactions Payment Gateway URL This is the default websit
72. a connector on the Wireless Ticket Generator by turning it clockwise 3 Connect the smaller end of the included console cable to the console port of the Wireless Ticket Generator and connect the larger end to the console port on the rear panel of the Thermal Printer Tighten the shoulder screws on both ends of the console cable to prevent accidental disconnection 4 Connect the supplied 5V 3 0A power supply to the power jack on the right side panel of the Wireless Ticket Generator 5 Connect the supplied 8 4V 3 0A power supply to the power jack on the rear panel of the Thermal Printer Use the power switch on the rear panel of the Thermal Printer to turn it on Establishing a wireless connection The Wireless Ticket Generator must establish a secure connection with the Wireless N Hotspot in order to create user accounts and send this information to the Thermal Printer To establish a secure connection on the Wireless Ticket Generator press and hold the TAS button on the left panel for 3 seconds and then release it The Wireless Ticket Generator searches for the Wireless N Hotspot and creates a secure connection between them This process takes about 30 seconds The hardware setup is now complete NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 14 gt NetCommWireless Getting Started The HS1200N offers a web based configuration page After completing the hardware installation above the HS1200N can be configure
73. a specified host and waiting for the response to test the network status Trace routing path Trace and inquire the routing path to a specific target Display interface settings It displays the information of each network interface setting including the MAC address IP address and Netmask Display the routing table The internal routing table of the system is displayed which may help to confirm the Static Route settings Display ARP table The internal ARP table of the system is displayed oniff on interface This is used to confirm if data packets are passing through the interface Display system up time The system life time time for system being turned on is displayed Check service status Check and display the status of the system Set device into safe mode This is used if the administrator is unable to use Web Management Interface via browser when the system fails inexplicitly The administrator can choose this utility and set it into safe mode which enables him to manage this device with browser again Synchronize clock with NTP server Immediately synchronizes the clock through the NTP protocol and the specified network time server Since this interface does not support manual setup for its internal clock we must reset the internal clock through the NTP Print the kernel ring buffer It is used to examine or control the kernel ring buffer The program helps users to print out their boot up messages instead of copying the messages
74. a2 P8 Ce s 44 SA ee M T 47 Pree iip aisi TIR ETT TOT TOM 54 BE EIN Mca et a ieee erem 55 WISI A Wiielclalilercllel a peeremmererern tee cer enter ten eee renner cen ere mew 55 COMI CMS EET Em 55 BSA TCU REICIENDIS 57 Fa Ar EMU qwe Df Eia PT H H 58 xev MATT PT J M 58 cens 59 miro ENTE T UT m m H 60 Bs si mire RTT Lt E 62 mies 63 B d uidi S RENE TUTTI 64 Accessing the Network without Authentication 1 eee ee ele ele lleciieuleniee nien nnne mna enu annona sna sunu a sna annuas urna 65 B pIcT U M 65 RUINIS Ee a MN RENE E E A E A E E A S T A E E A E E E E A A E E A NE 66
75. aches this value the gateway will stop the session of this user and send a Stop to RADIUS server Description VSA is designed to allow vendors to support their own extended Attributes which are not covered in common attributes It MUST not affect the operation of the RADIUS protocol The Attribute Type of VSA is 26 and the Vendor ID should be determined before proceeding to RADIUS configuration in this example the Vendor ID is 21920 Attribute Number and Attribute Value can then be designed to provide additional control over RADIUS Attribute Name Attribute Number Attribute Value HSG Byte Amount 10 To be defined by administrator for different user groups HSG MaxByteln 14 To be defined by administrator for different user groups HSG MaxByteOut 12 To be defined by administrator for different user groups HSG Byte Amount AGB 20 To be defined by administrator for different user groups HSG MaxByteln 4GB 21 To be defined by administrator for different user groups HSG MaxByteOut 4GB 22 To be defined by administrator for different user groups www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 113 A lt gt NetCommWireless If the amount of traffic is larger than 4 GB the attributes of XXXX 4GB will be used For example if the amount is 5 GB the following settings should be set HSG Byte Amount 1048576 and HSG Byte Amount 4GB 1 On the other hand wh
76. ame Password MAC arpani Group Remark Begin Date End Date Bone 1 Group 1 v E 2 Group 1 v A 4 Group 1 v A 5 Group 1 v Select E 6 Group 1 7 A 7 Group 1 A 8 Group 1 v B Search Enter a keyword of a username or remark to be searched in the text file and click this button to perform the search All usernames matching the keyword will be listed Username Password Add User Upload User Download User Local User List Applied Group MAC Address Account Status Begin Date End Date Remark Group 1 Valid Delete Total 1 500 First Prev Next Last GotoPage 1 Page 1 1 Row per Page 10 Yv Del All Click this button to delete all the users at once or click Delete hyperlinked to delete a specific user individually Edit User Click the desired user account on the Local User List to enter the User Profile Interface for that particular user and then modify or add information such as Username Password MAC Address optional Applied Group optional and Remark optional An expiration time can be enabled and the Begin End Date can be selected Click Apply to complete the modification www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 43 A ZAA NetCommWireless r m f A ON NX gt Authentication Black List N Group Policy V Schedule Firewall V QoS Specific Route V Privilege N Additional Control Y Operator
77. anslation DMZ Demilitarized Zone Port and IP Forwarding This function allows the administrator to set 40 virtual servers at most so that client devices outside the managed network can access these servers within the managed network Different virtual servers can be configured for different sets of physical services such as TCP and UDP services in general Enter the External Service Port Local Server IP Address and Local Server Port Select TCP or UDP for the service type In the Enable column check the desired server to enable These settings will become effective immediately after clicking the Apply button f Public Accessible Server i T i Service Port Local Server IP SS a Type jf l iiini i eu TAE EE e L m 3 I HUE eu TE j 9 TCP F UDP i NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 66 4 NetCommWireless Privilege List To configure the Privilege List go to Network gt gt Privilege Setup the Privilege IP Address List Privilege MAC Address List and the Privilege IPv6 Address List The clients accessing the internet via IP addresses and or networking devices on the list can access the network without any authentication ED O Y Y N N M ous M Y NAT Y Privilege Monitor IP M Walled Garden Walled Garden Ad Proxy Server Local DNS
78. as the table stated in Section 2 with the same format www netcommuwireless com Byte imount NetComm Wireless HS1200N Wireless N Hotspot NetCommWireless VENDOR H H Standard attribute ATTRIBUTE Byte mount intercdger ATTRIBUTE HaxBytetIn interger ATTRIBUTE HMaxBytetIn interger ATTRIBUTE Byte Amount 4G8 interyer ATTRIBUTE HaxByteln 42GcB intercmer ATTEIBUTE HaxByteln 4GcB ELI intercger T Edit the file dictionary under the folder freeradius vivian linux wi usr share freeradius dictionary To include dictionary HSG in the dictionary of RADIUS server insert it in an incremental position as follows INCLUDE dictionary ascend INCLUDE dictionary bay INCLUDE dictionary bintec INCLUDE dictionary cabletron INCLUDE dictionary S INCLUDE dictionarwy ci zi altiga dictionary SSIMCLUDE dictionary cisco vpn3000 INCLUDE dictionary cisco vpn5 u u INCLUDE dictionary cisco bbhsem INCLUDE dictionary colubris INCLUDE dictionary erx Open the radius database vivian linux mysql u root p radius Enter password Reading table information for completion of table and column names You can turn off this artup with A Welcome to the MySQL monitor Commands end with ar g Your MySQL connection id is 98 to server version 5 0 27 Type help or ih for help Type 4c Inyscl Insert VSA int
79. ass through the gateway On demand Billing Report Log This page displays a summary of On demand account transactions Configuration Change Log This page shows the account and IP of the user that has made configuration changes to the gateway DHCP Lease To configure DHCP Lease related logs go to Status gt gt DHCP Lease The DHCP IP lease statistics can be viewed after clicking on Show Statistics List in this page Statistics of offered list Valid lease counts of the Last 10 Minutes Hours and Days are shown here The header 1 10 are the unit multipliers For instance the number under column 2 indicates the lease count in the last 20 minutes hours days the number under column 3 indicated the lease count in the last 3O minutes hours days and so on Statistics of expired list IP leased to clients that have expired in the Last 10 Minutes Hours and Days are shown here The header 1 10 are the unit multipliers For instance the number under column 2 indicates the expired count in the last 20 minutes hours days the number under column 3 indicates the expired count in the last 30 minutes hours days and so on www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 101 4 NetCommWireless Statistics of offered list E 8 9 Last 10 Minutes 1 g g g 0 0 0 g Last 10 Hours 2 1 2 Last 10 Days Last 10 Minutes g 0 g 0 0 g 0 Last 10 Hours 0 0 0 Last 10 Days
80. ation WorldPaylnstallation ID The ID of the associated Merchant Account Payment Gateway URL The default website of posting all transaction data Currency The currency to be used for the payment transactions Service Disclaimer Content Disable Disable Disable Disable 9 Disable Disable Disable Disable Disable Disable WorldPayNoteContent View the service agreement and fees for the standard payment gateway services as well as add or edit the service disclaimer content here WorldPay Billing Configuration These 10 plans are the plans in Billing Configuration and the desired plan s can be enabled NetComm Wireless HS1200N Wireless N Hotspot 136 WWwW netcommwireless com PA M TA NetCommWireless WorldPay Note Content The message content will be displayed as a special notice to end customers Before setting up WorldPay it is required that the hotspot owners have a valid WorldPay Merchant Account from its official website RBS WorldPay Merchant Services amp Payment Processing going to rosworldpay com gt gt support center gt gt account login Step 1 amp Log in to the Merchant Interface Login url www rbsworldpay com support index php pagezlogin amp c WW 4 Select Business Gateway Formerly WorldPay 4 Click Merchant Interface 4 Username user2009 4 Password user2009 Step 2 Select Installations from the left hand navigation Step 3 Choose an installa
81. ation The Destination IP address Subnet Mask The Subnet Mask of the IP address range Gateway The Gateway IP address of the interface Interface Including WAN Private and Public NetComm Wireless HS1200N Wireless N Hotspot 96 WWwW netcommwireless com gt NetCommWireless Current Users To view Current Users go to Status gt gt Current Users On this page each online user s information including Username IP Address MAC Address IPv6 Address Pkts In Bytes In Pkts Out Bytes Out Service Zone VLAN Group Policy Authentication Method Authentication Database Online Idle and Kick Out will be shown Administrators can force out a specific online user by clicking the hyperlink of Kick Out Click Refresh to update the current users list Online Users List Auth Online Username MAC Address Pkts In Out SZ VLAN Method Sec No UE ZA Kick Out IP Address IPv6 Address Bytes In Out Group Policy Database Sec Total 0 First Prev Ne ast Go to Page Y Page 1 1 Row per Page 50 v Non Login Devices shows users that have acquired an IP address from the system s DHCP server but have not yet been authenticated either under the LAN or remotely tunneled site This feature is designed for administrators to keep track of systems resources from being exhausted The list shows the client s MAC Address IP Address and associated VLAN ID as well as the Service Zone Non Login Device List MAC Addres
82. ator to input additional information www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 12 A FA NetCommWireless Editing Billing Plan Plan 3 Account Type Usage time Expiration Time with Expiration Time No Expiration Time day s 3 hr s 4 mints Quota Range of day s O 364 Range of hour s 0 23 Range of minis 0 53 they cannot all be zero First time login must be done within 5 day s le Account Activation hourts Range of houriz 0 23 they cannot both be zero Le gt Price Range 0 100000 induding two digits after decimal point e g 1 33 Group Group 1 ha Reference TIP If the Account Type is Usage Time Customer can access internet as long as the account is valid with remaining quota connection time and within the valid period Customer alse needs to activate the issued account within a given time period by logging in for the first time Usage time No Expiration account lifespan lt gt Activation Time Quota up QU AT Creation Time ben Time CT my Invalid Valid NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 122 4 NetCommWireless Hotel Cut off time Hotel Cut off time is the clock time normally check out time at which the on demand account is cut off made expired by the system on the following day or many days later On the account creation
83. ave been issued with an account with a password as well as the PPTP server address v s3 E e System Users Network Utilities Bf A gt z z ae Y WAN wan Traffic V IPv6 Y LAN Port Mapping Service Zones B Status Main Menu gt System gt WAN WAN Interface Setting Static Use the following IP settings Dynamic IP settings assigned automatically PPPoE PPTP Type Static DHCP PPTP Server IP Address Username WAN Password Dial on Demand Preferred DNS Server Alternate DNS Server PPTP Connection ID Name Enable Disable Learn DNS Server Address During Negotiation NetComm Wireless HS1200N Wireless N Hotspot 26 www netcommwireless com 4 NetCommWireless Limiting WAN bandwidth and enabling WAN connection detection To limit the WAN bandwidth and enable WAN connection detection click the Main Menu button then System and then WAN Traffic Limiting WAN bandwidth This feature gives administrators control over the entire system s traffic on the WAN interface These parameters set here should not exceed the real bandwidth provided by your ISP For example if your xDSL is 8Mbps 640kbps you may input values equal to or less than the speed here Available Bandwidth on WAN Interface DI DI Ww 8 d System Users Network General wan WAN Traffic IPv6 LAN Port Mapping Service Zones on W
84. by hand Main menu Go back to the main menu Change admin password Besides supporting the use of console management interface through the connection of null modem the system also supports the SSH online connection for the setup When using a null modem to connect to the system console we do not need to enter administrator s password to enter the console management interface The username and password is needed instead when connecting the system by SSH The username is admin and the default password is also admin which is the same as for the web management interface Password can also be changed here If administrators forget their password and are unable to log in to the management interface from the web or the remote end of the SSH they can still use the null modem to connect to the console management interface and set the administrator s password again Caution Although it does not require a username and password for the connection via the serial port the same management interface can be accessed via SSH Therefore we recommend you to immediately change the gateway Admin username and password after your first login to the system www netcommuireless com NetComm Wireless HS1200N Wireless N Hotspot 89 A gt NetCommWireless Reload factory default Choosing this option will reset the system configuration to factory defaults Restart the HSG Choosing this option will restart the gateway system Status and Reports Vie
85. cable ee se Time Minutes of lease time of the IP address BSSID The BSSID of this zone gt The ESSID of this zone Zone VAP C Type The current security type of this zone Associated laid The number of associated clients in this zone WWw netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 95 ws lt gt NetCommWireless Routing Table To view System Status go to Status gt gt Routing Table All the Policy Routing rules and Global Policy Routing rules for both IPv4 and IPv6 will be listed here It will also show the System Routing rules specified by each interface The following depicts an image for the IPv4 Routing Table Policy 1 Destination Subnet Mask Gateway Interface Policy 2 Destination Subnet Mask Gateway Interface Policy 3 Destination Subnet Mask Gateway Interface Policy 4 Destination Subnet Mask Gateway Interface Policy 5 Destination Subnet Mask Gateway Interface Interface Destination Subnet Mask Gateway Interface 192 168 1 0 255 255 255 0 0 0 0 0 Private 192 168 11 0 255 255 255 0 0 0 0 0 Public 169 254 0 0 255 255 0 0 i 0 0 0 0 Private 10 29 0 0 255 255 0 0 0 0 0 0 WAN System Destination Subnet Mask Gateway Interface 0 0 0 0 0 0 0 0 10 29 0 1 WAN Policy 1 5 Shows the information of the individual Policy from 1 to 5 Global Policy Shows the information on the Global Policy System Shows the information on the system administration Destin
86. cal user accounts The Upload User button is for importing a list of user accounts from a text file The Download User button is for exporting all local user accounts into a text file Clicking the hyperlink of a user account leads to a page for configuration www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 41 A gt NetCommWireless Add User Upload User Download User Search Local User List Applied Group MAC Address Username Password Account Status Begin Date End Date owed Group 1 useri useri Valid Delete Total 1 500 First Prev Next Last GotoPage 1 Page 1 1 Row per Page 10 v Add User Click this button to enter the Adding User s to the List interface Fill in the necessary information such as Username Password MAC Address Remark and login Schedule Select a desired Group to classify local users Click Apply to complete adding the user s MAC address of a networking device can be bound with a local user as well It means this user must log in to the system with a networking device namely PC that has the corresponding MAC address That is this user can not log in with other networking devices An expiration time can be enabled for the user NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 42 lt gt NetCommWireless Adding User s to the List No Usern
87. can be configured from the IPv6 tab DI Network Alias Shows the IP address that bridges to different subnets configured in the Network Alias List 2I 2 DHCP Pool Shows the range of LAN IP address which clients are assigned to get from DHCP LAN Port Mapping Each physical LAN port can be set individually to map to a specific zone and can be configured from the LAN Port Mapping tab refer to 3 5 1 D Status Shows the Private Public Zone mappings to the physical LAN ports DI D Details Configurable detailed settings for each Zone Click the Configure button to configure each Zone Basic Settings Authentication Settings Wireless Settings and WDS Settings Public Zone only NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 28 lt gt NetCommWireless Port Role Assignment The gateway supports two zones Private and Public In the Private Zone authentication is not required to access the network whether it is via wired and wireless connection In the Public Zone the Authentication Required for Zone option is enabled by default so clients have to be authenticated successfully before surfing the Internet The Zone and Port mappings are shown below LAN1 LAN2 maps to Private Zone and LAN3 LANA to Public Zone respectively O9 ILLILIL Meo LAN LAN3 LANA USS 2 0 Consola Note The gateway s web based user interface can also be accessed via WAN port as long as the administra
88. ccess s Title for Message to Seller Special Note to Seller PayPal Payment Page Remark Content K A Payment is accepted via PayPal PayPal enables you to send payments securely online using PayPal account a jcredit card or bank account Clicking on Buy Now button v Client s Purchasing Record Starting Invoice Number An invoice number may be provided as additional information for the transaction This is a reference field that may contain any sort of information Description Enter the product service description e g wireless access service Title for Message to Seller Enter the information that will appear in the header of the PayPal payment page PayPal Payment Page Remark Content The message content will be displayed as a special notice to end customers in the page of Hate Plan For example it can describe caution for making a payment via PayPal www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 133 A FA NetCommWireless Payments via SecurePay To configure Payments via SecurePay go to Users gt gt Authentication gt gt On demand User gt gt External Payment Gateway gt gt SecurePay Before setting up SecurePay it is required that the hotspot owners have a valid SecurePay Merchant Account from its official website Merchant ID Authorize Net External Payment Gateway PayPal 9 SecurePay WorldPay SecurePay Payment Page Configuration
89. cess The administrator can use the pull down menu to select the desired black list Black List Settings Select Black List i Blacklistl v Name Blacklist1 User Remark Total 0 20 First Prev Next Last Go to Page Y Page 1 1 Row per Page 10 v Add User s Select Black List There are 5 black list profiles available for use Name Set the black list name and it will show on the pull down menu above Add User s Click the Add User s button to add users to the selected black list Adding User s to Blacklist1 No Username Remark 10 After entering the username in the Username field and the related information in the Remark blank not required click Apply to add the user If a user needs to be removed from the black list click the user s Delete button and or use click Del All button to remove all users from the black list Black List Settings Select Black List l Blacklisti v Name Blacklist1 User Remark blackuser J k Delete 0 0 Total 1 20 First Prev Next Last Go to Page 1 Page 1 1 Row per Page 10 NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 57 ES lt gt NetCommWireless After the Black List editing is completed You can select the Black List in each Authentication Server to make the li
90. ciate and disassociate messages NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 102 gt NetCommWireless E Mail SMTP Settings Receiver E mail Address 1 Receiver E mail Address 2 Receiver E mail Address 3 Receiver E mail Address 4 Receiver E mail Address 5 Sender E mail Address SMTP Server SMTP Port 25 SMTP over SSL D Enable 9 Disable SMTP Authentication None SMTP Settings Receiver Email Address es Up to 5 e mail addresses can be set up to receive the notification There are eight kinds of notification for selection Monitor IP Report Users Log On demand Users Log Roaming Out Users Log Roaming In Users Log Session Log Firewall Log and On demand Billing Report check the selection box to choose the type of notification to be sent Sender Email Address The e mail address of the administrator in charge of monitoring This will show up as the sender s e mail SMTP Server The IP address of the sender s SMTP server SMTP over SSL Enable or Disable SMTP over SSL for additional security SMTP Authentication The system provides four authentication methods Plain Login CRAM MD5 and NTLMv1 or None to use none of the above Depending on which authentication method is selected enter the Account Name Password and Domain NTLMv1 is not currently available for general use Plain and CRAM MD5 are standardized authentication mechanisms while Login and NTLMv1 are Microsoft proprietary
91. d through a computer using a web browser with JavaScript enabled The default LAN IP addresses are LAN1 and LAN2 192 168 110 1 These are mapped to the Private Zone user authentication is not required to access network resources LANG and LANA 192 168 120 1 These are mapped to the Public Zone user authentication is required to access network resources Note The following instructions use the administration computer connected to the LAN1 port Configuration Steps Once the hardware installation steps are complete set your computer to Obtain an IP address automatically in the TCP IP settings when logged in to the PC as an administrator If you have not modified your TCP IP settings it should already be configured in this way Connect one end of the provided Ethernet cable to the PC and the other end to LAN port 1 Open a web browser and type httos 192 168 110 1 or http 192 168 110 1 in the address field and press Enter ey Note Use https for a secure connection Y Mozilla Firefox File Edit View History Bookmarks Tools Help New Tab https 192 168 110 1 For the first time if the HS1200N is not using a trusted SSL certificate there will be a Certificate Error This is because the browser treats the HS1200N as an untrusted website Please press Continue to this website to continue If you are unable to see the login screen verify your computer is configured to obtain an
92. ddress or shipping address of a transaction State A state associated with both the billing and shipping address of a transaction This may be entered as either a two character abbreviation or the full text name of the state Zip The ZIP code represents a five or nine digit postal code associated with the billing or shipping address of a transaction This may be entered as five digits nine digits or five digits and four digits Country The country associated with both the billing and shipping address of a transaction This may be entered as either an abbreviation or full name Phone A phone number associated with both a billing and shipping address of a transaction Phone number information may be entered as all number or it may include parentheses or dashes to separate the area code and number Fax A fax number may be associated with the billing information of a transaction This number may be entered as all number or contain parentheses and dashes to separate the area code and number Authorize Net Payment Page Remark Content Enter additional details for the transaction such as Tax Freight and Duty Amounts Tax Exempt status and a Purchase Order Number if applicable Payments via PayPal To configure Payments via PayPal go to User gt gt Authentication gt gt On demand User gt gt External Payment Gateway gt gt PayPal Before setting up PayPal it is required that the hotspot owners have a valid PayPal Busine
93. e 2012 07 10 131 2012 07 09 131 2012 07 08 131 Date Size Byte 2012 07 10 186 2012 07 09 186 2012 07 08 173 Month No of Entries Usage Data 0 0 NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 98 gt NetCommWireless Caution Since the history is saved in the RAM memory if you need to restart the system at the same time please keep the history manually by copying and saving the traffic history information before restarting If the Receiver E mail Address es has been entered under the Notification Settings page the system will automatically send out these history information to that specified email address Users Log All user activities on the system within 72 hours excluding other user logs such as On demand user log are recorded in date and time order Each line is a traffic history record consisting of 17 fields including Date Type Name IP IPv6 MAC Pkts In Bytes In Pkts Out Bytes Out and other information of the user activities On demand User Log Each line is a on demand user log record consisting of 25 fields Date System Name Type Name IP MAC Pkts In Bytes In Pkts Out Bytes Out Activation Time 1st Login Expiration Time Remark and other information of On demand user activities are included Roaming Out User Log Each line is a roaming out traffic history record consisting of 14 fields Date Type Name NSID NASIP NASPort UserMAC SessionID SessionTime
94. e Gateway to the external login page are as follows NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 140 gt NetCommWireless String URL encoded The URL which shall be submitted when user login remainingurl String URL encoded The URL which shall be submitted when user want to get remaining quota Integer 1 4096 VLAN ID umac MAC format separated by Client MAC address MAC address session string ecc E session information include client IP address MAC address date and return URL You will need to parse the required parameters in your html code The following HTML code segment is an example of parsing loginurl parameter with a self define javascrip function FORM action method post name form gt lt script language Javascript gt form action getVarFromURL window location href loginurl lt script gt lt INPUT type text name myusername size 25 gt lt INPUT type password name mypassword size 25 gt lt INPUT name button_submit type submit value Enter gt lt INPUT name button_clear tyoe button value Clear gt lt FORM gt The following shows the corresponding self defined javascript function used to parse the oginurl parameter function getVarFromURL url name ifrname url return name name replace INI l N replace IN NN var regObj new RegExp 8 name A amp var result regObj exec
95. e address to post all transaction data Verify SSL Certificate This is to help protect the system from accessing a website other than Authorize Net Test Mode In this mode merchants can post test transactions for free to check if the payment function works properly MD5 Hash If transaction responses need to be encrypted by the Payment Gateway enter and confirm a MD5 Hash Value and select a reactive mode The MD5 Hash security feature enables merchants to verify that the results of a transaction or transaction response received by their server are actually sent from the Authorize Net www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 129 A gt NetCommWireless Service Disclaimer Content Choose Billing Plan for Authorize Net Payment Page Client s Purchasing Record Service Disclaimer Content We may collect and store the following personal information email address physical contact information credit card numbers and transactional information based on your activities on the Internet service provided by us Choose Billing Plan for Authorize Net Payment Page Plan Enable Disable Quota Price 1 Enable Disable 5 hr s 5 min s 0 2 Enable Disable 3 O Enable 9 Disable 10 hr s 6 min s 9000 4 Enable Disable 5 Enable Disable Until 18 30 88 6 Enable Disable 7 O Enable 9 Disable 20 73 Mbyte s 0 59 8 Enable Disable 9 Enable Disable 10 O Enable 9 Disable 600 Mbyte s 6 99 Starting Invoice Number
96. e format is XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX as well as the remark optional These settings will be effective immediately after clicking Apply NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 68 lt gt NetCommWireless Disable Authentication in Public Zone To disable Authentication in Public Zone go to System gt gt Service Zones click Configure in Public Zone Service Zone Settings i LAN Port Applied Poli IP Address h Service Zone sie di zi Network DHCP Pool Mapping Details Name Default Authen Alias Option IPv6 Address Status Policy 1 192 168 1 254 Dimp priate om an eons Disabled N A Enabled Policy 1 172 21 0 254 LLO LO Lo 172 21 0 1 Public N A 172 21 0 100 Server 1 N A Enabled Authentication Settings WISPr Configuration Auth Option Auth Database Postfix Default Enable Server 1 LOCAL local v Server 2 RADIUS radius1 Authentication Options i Server 3 RADIUS radius2 On demand User ONDEMAND ondemand FREE FREE N A 7 Authentication Required For the Zone When it is disabled users will not need to authenticate before they get access to the network within Public Zone www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 69 A gt NetCommWireless User Login and Logout Before Login
97. e value can be further specified for the fields in 802 2 LLC frame header SNAP Type when EtherType is IEEE802 3 The field can be used to indicate the type of encapsulated traffic Opcode when EtherType is ARP This list can be used to specify the ARP Opcode in ARP header Source MAC Address Mask indicates the source MAC IP Address Mask indicates the source IP address when EtherType is IPv4 ARP IP MAC amp MASK indicate the ARP payload fields when EtherType is ARP Destination MAC Address Mask indicates the destination MAC IP Address Mask indicates the destination IP address when EtherType is IPv4 ARP IP MAC amp MASK indicate the ARP payload fields when EtherType is ARP When you have finished making changes click the Apply button so that the changes can take effect To add a new rule Select the Insert Before link in the Operation column of the firewall list www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 3 A lt gt NetCommWireless En ER i g 7 a i General NT WAN Traffic IPv amp LAN Port Mapping y Service Zones TE 2 Firewall b Main Menu gt System Layer 2 Firewall EMEN ON m NN Source 00 Besimon 000 o o meMaes MAeMies O o wems a Memk oo Apply To move a specific rule Select the Move to option in the Operation column of the firewall rule then select the number that you wo
98. en the administrator fills in all attributes the user will be kicked out from the system if any condition is reached For example if the administrator sets HSG Byte Amount 1048576 HSG MaxByteln 1048576 and HSG MaxByteOut 1048576 the user will be kicked out of the system when the downlink uplink or total traffic exceeds the limit VSA configuration in RADIUS server IAS Server This section will guide you through a VSA configuration in your external RADIUS server Before getting started please directly or remotely access your external RADIUS server s desktop from other PC step 1 Confirm the following key elements in the RADIUS server users groups and policies Verify whether there are already users in the RADIUS Server Verify whether there are already Groups and assigned users belonging to these Groups in the RADIUS Server Verify whether there are already Policies and assigned Groups belonging to these Policies in the RADIUS Server step 2 Run Internet Authentication Server and open Remote Access Policies Right click Policy and scroll down to the Properties page iB Recycle Bin Getif 2 3 1 RADIUS Server Desktop e Internet Authentication Service Hi Hi Fille Action View Help Axon 145 Log Viewer it eq X Ee o gt Internet Authentication Service Local n 1 H E RADIUS Clients LL IET dI ILE TIE IEL Authenticati H A Remote Access Policies Connecti
99. es to be sent to the Gateway with its corresponding HTML coding Path is the URL destination Input is the parameter required to be sent back Output is the feedback from the system User Login Path LAN IP address or Internal Domain Name loginpages userlogin shtml Input Field Required Value myusername Required string mypassword Required string Session Optional String Output No output redirect user to login successful page User Logout Path LAN IP address or Internal Domain Name loginpages logoff shtml Input Field Required Value Uid Optional String www netcommwireless com Description User ID User password Encoded string which contains some information of this session default is taken from cookie Description User ID default is taken from cookie NetComm Wireless HS1200N Wireless N Hotspot 145 lt gt NetCommWireless Session Output Optional string No output redirect user to logout successful page Remaining quota Credit balance Path LAN IP address or Internal Domain Name loginpages reminder shtml Input Field Hequired Value myusername Required string mypassword Required string ret url Optional String URL encoded Command Optional string Output Encoded string which contains some information of this session default is taken from cookie Description User name Password Returned URL default is pop reminder shtml getValue If command is set
100. etermines the packet size at which the system issues a request to send RTS before sending the frame to prevent hidden node problems The RTS mechanism will be activated if the data size exceeds the value provided A lower RTS Threshold setting can be NetComm Wireless HS1200N Wireless N Hotspot 32 www netcommwireless com gt NetCommWireless useful in areas where many client devices are associating with the gateway or in areas where the clients are far apart and can detect only the gateway but not each other The default value is set at 2346 27 Fragment Threshold Enter a value between 256 and 2346 The default value is 2346 A packet size larger than this threshold will be fragmented sent with several pieces instead of one chunk before transmission A smaller value results in smaller frames but allows a larger number of frames in transmission A lower Fragment Threshold setting can be useful in areas where communication is poor or disturoed by a serious amount of radio interference D Broadcast SSID The administrator has the option of enabling or disabling the SSID for VAP1 which is the Private Zone The default value is set to Disable where users will not be able to scan for the SSID D Station Isolation By enabling this function all stations wirelessly associated to this zone are isolated from one another and can only communicate with the gateway DI WMM Wi Fi Multimedia WMM is a Quality of Service QoS featu
101. eters related to each connection method are described on the following pages NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 24 lt gt NetCommWireless Static IP Use this method if you wish to manually specify the IP address of the WAN port The fields with red asterisks are mandatory IP Address The IP address of the WAN port 4 Subnet Mask The subnet mask of the WAN port 4 Default Gateway The gateway of the WAN port Preferred DNS Server The primary DNS Server of the system a 2I c 5 e e System Users Network Utilities gt A m B f N Y 1 General WAN WAN Traffic IPv6 LAN Port Mapping Service Zones N T X A Main Menu gt System gt WAN WAN Interface Setting Alternate DNS Server The substitute DNS Server of the system This is an optional field B Status Static Use the following IP settings IP Address Subnet Mask Default Gateway WAN Preferred DNS Server Alternate DNS Server Dynamic IP settings assigned automatically PPPoE PPTP Dynamic Select Dynamic IP when you have the gateway connected to a network where there is a DHCP server available Click the Renew button to get an IP address automatically 5 e e System Users Network Utilities m m 6 gt m f TA gt T N y General wan WAN Traffic IPv6 l LAN Port Mapping Service Zones
102. ewall This section provides an overview of firewall rules for the system s wireless interface 6 default rules with up to a total 20 firewall rules are available for configuration NetComm Wireless HS1200N Wireless N Hotspot www netcommuwireless com 35 A FA NetCommWireless Firewall Rules Edit Move ta CDP IEEE 802 3 Insert Before Delete Edit E Move to STP IEEE 802 3 Insert Before Delete Edit Move to Insert Before Delete Edit Move to Insert Before Delete Edit Move to Insert Before Delete Edit Move ta Insert Before Delete Edit Move ta Insert Before Delete Edit Move to Insert Before Delete Edit Move to Insert Before Delete Edit Move to rule 10 Insert Before Delete GARP IEEE 802 3 ER EN Je Total 10 First Prev Next Last From the overview table each rule is designated with the following field gt 5 DI No The numbering will decide the priority of which the system will carry out the available firewall rules in the tables Active Checking this field will mark the rule as active which means this rule will be enforced Action Block denotes a block rule PASS denotes a pass rule Rule Name This is the denominated name of the rule EtherType It denotes the type of traffic subjected to this rule Remark It shows the additional reference information of this rule Operation 4 actions are available Edit denotes to edit the rule details Move to denotes to
103. eway www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 85 A gt NetCommWireless Firmware Upgrade To configure Firmware Upgrade go to Utilities gt gt System Upgrade The administrator can download the latest firmware from the website and upgrade the system here Select the latest firmware with Browse button then click Apply the system will upload the file and restart to perform the upgrade process The firmware upgrade process can also be done via FIP It might take a few minutes before the upgrade process completes and the new firmware s WMI interface appears System Firmware Upgrade No file selected Ports Upgrade by FTP yes ONo Oooo Aly J ex file name or dir file name Note For maintenance purposes we strongly recommend you to backup the system settings before the upgrade Note After clicking Apply the system will begin uploading the chosen firmware into the system Once the upload process is complete the system will restart to activate the new firmware The entire process may take a few minutes until the new firmware WMI appears When restart is complete system will not lease IP So please use static IP PC to upgrade system firmware Caution 1 Firmware upgrade may cause the loss of some data You may need to manually backup user account information please refer to the release notes for the limitation before upgrading 2 Do not power on off the system duri
104. figured SYSLOG server SYSLOG Settings SYSLOG 9 Enabled Disabled SYSLOG Server 1 IP Address Port SYSLOG Destinations SYSLOG Server 2 IP Address Port SYSLOG Level emergency v Note When the number of a user s session TCP and UDP reaches the session limit specified in the policy a record will be logged to this SYSLOG server FTP This configuration page allows the setting of FTP Server to send including the types of Roaming Out Users Log Roaming In Users Log On demand User Billing Report Session Log Local HTTP Web Log HTTP Web Log WMI Configuration Log DHCP Lease Log Traffic Report User Log or On demand User Log based on Server Folder and Interval FTP Settings IP Address Port FTP Destination Anonymous Yes No FTP Setting Test FTP Server Settings FTP Destination Configures the common settings of the FTP server that the logs will be sent to Further settings can be configured under Notification Settings which includes the following IP Address Port IP address and port number of FTP server Anonymous Check option Yes if the FTP server does not need ID credentials otherwise check option No and fill in the necessary Username and Password FTP Setting Test To test if the FTP settings are correct or not User Log Records the User Log of the system to a specific FTP server On demand User Log Records the On demand User Log of the system to a specific FTP server Roaming Out In Users Log Reco
105. g Secret Key The key between the RADIUS server and the gateway to test the authenticity of the link NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 46 gt NetCommWireless On Demand User On demand User Server Configuration The administrator can configure this authentication method to create on demand user accounts This function is designed for hotspot owners to provide temporary users with free or paid wireless Internet access in the hotspot environment Major functions include accounts creation users monitoring list billing plan and external payment gateway support c s35 d m System sens Network Utilities Status potenter iii pata on mnc Pen pal rd N Black List Group Policy Schedule Firewall QoS Specific Route Privilege Additional Control Operator Y i i i Main Menu gt Users gt Authentication gt On demand User Server Configuration Authentication Server On demand User General Settings Ticket Customization Ticket Template Customization Billing Plans Configure External Payment Gateway On demand Account Creation On demand Account Batch Creation On demand Account List General Settings This is the common setting for the On demand User authentication option c 5 d m e System Users Network Utilities Status f 5 N y N i i f MN QN TRA N Nem
106. ginal None http www google com e g http vww example com Portal URL Browser ID User Agent IEMobile 7 0 XBLWP7 e g IEMobile 7 0 XBLWP7 separate by comma UAM Filter User Log Access IP Address e g 192 168 2 1 Management IP Address List Only PCs within the Management IP range on the list are allowed to access the system s web management interface For example 10 2 3 0 24 means that as long as an administrator is using a computer with the IP address range of 10 2 3 0 24 he or she can access the web management page Another example is 10 0 0 3 if an administrator is using a computer with the IP address of 10 0 0 3 he or she can access the web management page Management IP Address List No Active IP Address Segment No Active IP Address Segment 1 0 0 0 0 0 0 0 0 2 m 3 B 4 D l 5 m 6 D 7 B 8 Ij E E 10 E ii A 12 E 13 7 44 A 15 T 16 E 17 E 18 E 19 20 E The default value is O 0 0 0 0 0 0 0 It means that the WMI can be accessed by any IP address for security consideration please change this value before the system provides service NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 78 A lt gt NetCommWireless IP Address for Accessing User Log To configure User Log Access IP History go to System gt gt General General Settings for the Entire System
107. he Complete option is checked both the username and postfix will be transferred to the RADIUS server for authentication On the other hand when the Only ID option is checked only the username will be transferred to the external RADIUS server for authentication If the Leave Unmodified option is selected the system will send the username to Default Auth Server set in 802 1X configuration page for authentication NAS Identifier System will send this value to the external RADIUS server if needed by the external RADIUS server NAS Port Type System will send this value to the external RADIUS server if needed by the external RADIUS server Class Group Mapping This function is to assign a Policy to a RADIUS class attribute sent from the RADIUS server When the clients classified by RADIUS class attributes log into the system via the RADIUS server each client will be mapped to its assigned Grouap and Policy RADIUS Group Mapping Server 2 Enable 9 Disable No Class Attribute Value Group Remark 1 Group 1 v 2 Group 1 v 3 Group 1 v 4 Group 1 y 5 Group 1 v NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 108 gt NetCommWireless Roaming Out To configure local user Roaming Out go to Users gt gt Authentication click configure for Local Under certain configurations the gateway can act as a RADIUS server for Roaming Out local users logged from another system The Local User database will act as t
108. he RADIUS user database Account Roaming Out amp 802 1X Authentication When Account Roaming Out is enabled the link of Roaming Out amp 802 1X Client Device Settings will be available to define the client device authorized to roam by entering the IP address Subnet Mask and Secret Key Local User Database Settings Local User List Enable Disable Account Roaming Out i i Local user database will be used as authentication database for roaming out users Enable Disable 802 1X Authentication Local user database will be used as internal RADIUS database for 802 1X enabled LAN Idevices such as AP and switch RADIUS Client Device Settings 802 1X Auth Setting Default Auth Server Server 1 Postfix local The Auth server is for username only with ID e g useri RADIUS Client Device Settings No Type IP Address Subnet Mask Secret Key SNMP Community 1 Roaming Out v 127 0 0 0 255 0 0 0 8 Y IIIIIIII 2 Disable v 255 255 255 255 32 v 3 Disable 255 255 255 255 32 v 4 Disable 255 255 255 255 32 v 5 Disable 255 255 255 255 32 v Click the hyperlink Roaming Out amp 802 1x Client Device Settings to enter the Roaming Out amp 802 1X Client Device Settings interface Choose Roaming Out and enter the Roaming Out client s IP address and network mask and then click Apply to complete the settings In the other system such as another gateway set up its RADIUS ser
109. he network related settings are done 1 Connect a client PC to Public Zone of gateway Open an Internet browser and try to connect to any website in this example we try to connect to www google com The default user login page will appear in the browser NetCommwWireless Cl Remember Me Copyright c www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 55 LI FAA NetCommWireless 2 Enter the username and password for example we use a local user account test local here and then click Login If the Hemember Me checkbox is checked the browser will store the username and the password on the current computer in order to automatically login to the system at the next login Then click the Login button The Remaining button on the User Login Page is for on demand users only this is where they can check their Remaining quota NetCommWireless Hello you are logged in via test local To log out please click the Logout button Login time 2000 03 16 20 23 The Login Success Page indicates that you are connected to the network and the Internet now NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 56 lt gt NetCommWireless Banning Users Black List To configure a Black List go to Users gt gt Black List The administrator can add delete or edit the black list for user access control User accounts that appear on the black list will be denied of network ac
110. her end of the Ethernet cable to the device in use that will be used to provide access to the Internet This may be an ADSL Router a cable modem or a switch hub The WAN LED illuminates to indicate a proper connection 3 Connect the HS1200N to your local area network device Connect one end of an Ethernet cable to the LAN1 port on the front of the HS1200N Connect the other end of the cable to the Ethernet port on the computer being used to configure the HS1200N The LAN1 LED illuminates to indicate a proper connection has been made Note The HS1200N has two virtual zones Private and Public These zones are mapped to LAN1 192 168 110 1 and LAN2 192 168 120 1 respectively 4 Connect the power supply to the HS1200N Connect the DC power adapter to the power socket on the rear panel of the HS1200N Wait up to 10 minutes for the router to start Up Note DI Only use the power adapter supplied with the HS1200N Using a different power adapter may damage the system D To verify the wired connection between the HS1200N and the switch hub router you can also check the LED status indicators of these network devices Wireless Ticket Generator and Thermal Printer Please follow the steps below to install the Wireless Ticket Generator and Thermal Printer 1 Place the Wireless Ticket Generator and Thermal Printer close to one another and in the position you would like to use them Attach the included WiFi antenna to the WiFi antenn
111. hile clients in the Public Zone must be authenticated before using the network services This enables hotspot owners to deploy wireless network services for clients and then manage the network as well The following diagram illustrates how the HS1200N package is typically deployed to manage the Internet and access to network services www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 7 A gt NetCommWireless Hardware overview Wireless N Hotspot Front Panel NetCommWvireless NUMBER BUTTON DESCRIPTION Quick button Press this button to quick print an account generated from billing plan 1 Press and hold over 5 seconds to initiate Master Mode for the WES process 2 WES button Press and release to initiate Slave Mode for the WES process NUMBER LED DESCRIPTION When illuminated the device is on and correctly powered When illuminated the system is ready When illuminated this wireless LED indicates that the network interface is ready for service Illuminates in orange to indicate that the WAN port is connected to a 1000Mbps link WAN Illuminates in green to indicate that the WAN port is connected to a 10 100Mbps link Illuminates in orange to indicate that the LAN port is connected to a 1000Mbps connection 7 LAN1 LAN4 Illuminates in green to indicate that the LAN port is connected to a 10 100Mbps connection MASTER SLAVE NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 8
112. i Item E I E E E 9 8 8 8 g amp S S S S 1S iiit i EFF E E IEP U IEP mp E 10 1D Q e Q J Enter all items or make changes by clicking the Edit button click Apply the items will be added and shown on the list URL Enter the URL of the advertisement website Topic Enter the content of the hyperlink for instance if you enter Google in this field on the user login page a hyperlink of Google will be displayed Description Any additional message for administrator s reference Display Choose Display to display advertisement hyperlinks on the login pages www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot T3 A gt NetCommWireless After Login Portal URL after successful login To configure Portal URL after a successful user login go to System General When this function is enabled enter the URL of a Web server as the Portal page Once logged in successfully users will be directed to this URL such as http www google com regardless of the original homepage set in their browsers General Settings for the Entire System System Name Wireless Hotspot Gateway Administrator Contact Information Suspend Warning Message Sorry The service is suspended Internal Domain Name dateway example c Use the name on the security certificate Disclaimer Page Enable 9 Disable FQDN of
113. icating an account e g Bob local or Tim radius1 etc when multiple options are concurrently in use One of the authentication options can be assigned as default For authentication assigned as default the suffix can be omitted For example if local is the suffix of the default option then user with username Bob can login as Bob without the need to type in Bob local Auth Option Auth Database Postfix Default Enable Server 1 LOCAL local v Server 2 RADIUS radiusi v Authentication Options Server 3 RADIUS radius2 v On demand User ONDEMAND ondemand j v FREE FREE N A 7 Login with Sufffix For each authentication option set a suffix that is easy to distinguish e g Local users according to different authentication servers The acceptable characters are numbers 0 9 alphabet a z or A Z dash underline _ and dot within a maximum of 40 characters All other characters are not allowed Beside the users managed by Default Authentication all the other ones with different servers should log into the system with usernames containing suffixes to identify which authentication option they belong to The suffix can be set for each Authentication database by clicking the Auth Option An Example of User Login Normally users will be authenticated before they get network access through gateway This section presents the basic authentication process of end users Please make sure that the gateway is configured properly and t
114. ication Server FREE Group Group 1 v Trial Account Enable Disable When the Free Authentication option is Enabled users will have an option of logging in with an email address without authentication This can be activated under Service Zone Settings configurations The constraints can be set specifically with the mapped Group profile MAC addresses will be checked to avoid malicious use of free access c s3 d e i System Sens Network Utilities Status e a por eoe ec o ost e a t i wt Main Menu gt Users gt Authentication gt FREE Authentication Authentication Authentication Server FREE Group Group 1 v Trial Account Enable Disable Usage Time 2 hour s 0 minute s Refresh Time 12 hour s 1 999 three digits Trial Account List When Trial Account is Enabled the Administrator can choose to set the Usage Time and Refresh Time The server remembers the MAC address of the user Hence the user can only get a new Free authentication account after the refresh time has been reached NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 54 A gt NetCommWireless User Login Default Authentication There are different types of authentication databases LOCAL RADIUS and ONDEMAND that are supported by the system But authentication can only be set in the Public Zone A suffix is used to inform the system which authentication option is to be used for authent
115. ick the Logout icon on the upper right corner of the interface to return to the login screen Select Group Super Group Y S uper e oup Manager Operator Setting Permission OnDemand Manager Custom 1 Custom 2 Custom 3 System Users Private Public main WAN IPv6 Service Zones General WAN Traffic LAN Port Mapping main Black List Policy Firewall Specific Route Additional Control Authentication Group Schedule QoS Privilege Operator www netcommuwireless com NetComm Wireless HS1200N Wireless N Hotspot 83 A gt NetCommWireless Changing Admin Passwords To configure Admin passwords go to Utilities gt gt Administrator Account There are four predetermined levels of authority Super Group Manager Operator and On Demand Manager The usernames and passwords can be configured at Utilities gt gt Administrator Account Clicking on the hyperlink of the Name allows the administrator to change passwords The administrator can change the passwords here Click Admin name on the Admin List Enter original and new password and click Apply to activate the new password Note Only admin has the authority to change password Admin Editing and Password Safety Setting Name admin Original Password New Password f IE Verify Password Caution If the administrator s password is lost the administrator s password still can be
116. ile Specific Route 1 v Configure Privilege Profile Privlege1 v Configure Select Policy Select a desired policy profile to configure Firewall Profile Each Policy has a firewall service list and a set of firewall profiles consisting of firewall rules QoS Profile QoS profile defines the traffic class for the users governed by this Policy Specific Route Profile The default gateway of a desired IP address can be defined in a policy When Specific Routes are configured here all clients applied with this policy will access the specific destination through these gateway settings Privilege Profile Enable or Disable Users privilege to change password Administrator can set the maximum sessions per user here ochedule To configure a schedule profile click User gt gt Schedule to enter the configuration page The configuration page shows the Permitted Login Hours list This function is used to limit the time when clients can log in Select the desired time slot checkboxes and click Apply to save the settings These settings will become effective immediately after clicking Apply Administrator can also choose to Enable or Disable Auto logout when a user exceeds the permitted login hours Up to 5 profiles can be configured Schedule Configuration Auto logout station by system D Enable 9 Disable Permitted Login Hours Profile 1 Select Profile Profile 1 v HOUR SUN MON TUE WED THU FRI SAT 00 00 00 59 Fa e v wv v
117. ill not be broadcast and internal staff will need to associate to Private Zone s VAP1 manually D Security Configure the wireless network under Private Zone with security encryption to prevent unauthorised wireless association if necessary The supported encryption standards are WEP and WPA PSK WEP i 802 11 Authentication Select from Open System or Shared Key WEP Key Length Select from 64 bit 128 bit 152 bit key length WEP Key Format Select from ASCII or Hex format for the WEP key WEP Key Index Select a key index from 1 4 The WEP key index is a number that specifies which WEP key will be used for the encryption of wireless frames during data transmission WEP Keys Provide the pre defined WEP key value the system supports up to 4 sets of WEP keys iy WPA PSK Cipher Suite Select an encryption method from TKIP WPA AES WAP2 or Mixed Pre shared Key Pass phrase Enter the key value for the pre shared key or pass phrase Group Key Update Period The time interval for the Group Key to be renewed the time unit is in seconds D security and wireless roaming 2I at 100ms D Advanced The parameters in Advanced are wireless settings that allow customization of data transmission enhanced Beacon Interval Enter the number of interval that the beacon signal will be sent from the VAP The default value is set RTS Threshold Enter a value between 1 and 2346 The RTS Request to Send Threshold d
118. ion Terminate End Of Day attribute O or 1 to indicate termination rule Only available for RADIUS user WISPr Billing Class Of Service attribute Only available for RADIUS user WISPr Location ID attribute Only available for RADIUS user WISPr Location Name attribute Only available for RADIUS user WISPr Billing Time attribute Only available for RADIUS user Encrypted session information Description Error message NetComm Wireless HS1200N Wireless N Hotspot 143 lt gt NetCommWireless hour for your account You have already logged in Sorry there is a system problem checking the information of your account XXX lt BR gt Please contact your network administrator Invalid username or password BHR Please check your username and password and try again Cannot identify the policy for your account lt BR gt Please contact your network administrator User of this device the MAC address is not allowed to use this account BR Please contact your network administrator Sorry the external authentication server is currently unreachable BR Please contact your network administrator Sorry you are not allowed to create a remote VPN connection Vlanid Integer 1 4096 Gwip IP format External Logout Successful Page Variables Field Value Uid otring Vlanid Integer 1 4096 Gwip IP format External On demand login successful page Variables Field Value Uid otring Uty
119. ion Time Expiration Time ET Deletion Time Creation Time CT DT my Invalid Valid www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 125 A gt NetCommWireless Duration time with Elapsed Time Account is activated upon the account creation time Count down begins immediately after account creation and is continuous regardless of logging in or out The account will expire once the Elapsed Time is reached This billing type is ideal for providing internet service immediately after account creation throughout a specific period of time Begin Time is the time that the account will be activated for use It is set to account creation time First time login is set to require users to log in within a specified period of time Elapsed Time is the time interval for which the account is valid for internet access xx hrs yy mins Price is the unit price of this plan Group will be the applied Group to users created from this plan Heference field allows administrator to input additional information Editing Billing Plan Plan 1 Account Type Duration time v Counting Method 9 Elapsed Time Begin and end Time Cut off Time fe Upon Account Creation First time login must be done within 1 day s 1 hour s Range of hour s 0 23 they cannot both be zero Begin Time 1 day s 2 hr s 30 min s Elapsed Time Range of day s 0 364 Range of ho
120. irewall y Qos Specific Route Privilege i Additional Control i Operator Main Menu gt Users gt Authentication gt On demand User Server Confiquration gt General Settings gt Termina Server Configuration Terminal Server Configuration Status Item Server IP Port Location Remark e e Account Roaming Out When Account Roaming Out is enabled a link will be available to define the client device authorized to roam by entering the IP address Subnet Mask and Secret Key Ticket Customization On demand account ticket can be customized here and previewed on the screen Ticket Customization Currency USD GEP EUR AUD Input other desired monetary unit e g AU Welcome to NetComm Wireless Thank you and enjoy your day 9 None Background Image Default Image Uploaded Image Preview Currency Select the desired currency unit for charged internet access WLAN ESSID Enter a name for the ESSID of the Public Zone Wireless Key The wireless key configured in Public Zone Settings will be shown Receipt Header Optional There are 3 receipt headers supported by the system The entered content will be printed on the receipt Receipt Footer Optional There are 3 receipt footers supported by the system The entered content will be printed on the receipt Remark Enter additional information that will appear at the bottom of the receipt Background Image You can choose to customize the ticket by uploading
121. le during exhibition events or large conventions such as Computex where each registered participant will get an internet account valid from 8 00 AM Jun 1 to 5 00 PM Jun 5 Account can be created in batch similar to creating coupons Begin Time is the time that the account will be activated for use defined explicitly by the operator End Time is the time that the account will expire defined explicitly by the operator Price is the unit price of this plan Group will be the applied Group to users created from this plan Reference field allows administrator to input additional information Editing Billing Plan Plan 6 Account Type Counting Method Elapsed Time 9 Begin and end Time Cut off Time End Time 03 w 03 v Jun 10 7000 De Price Rand s e g 1 99 TIF When the Account Type is Duration time three Counting Methods may be used to decide when the account expires i Elapsed Time specifies the time duration from account creation far which the account C D E a 100000 including two digits after decimal point is valid 2 Cut off Time specifies the next cut off time point for which the account becomes invalid 3 Begin and End Date Time specifies that the account is valid between the two time points EL NN NEL Duration time Begin and end Time account lifespan Begin Time End Time Creation Time alate Time CT 1L Invalid Valid NetComm
122. m Wireless HS1200N Wireless N Hotspot www netcommwuireless com 62 A gt NetCommWireless Routing To configure routes click User gt gt Specific Route for the Specific Route Profile the Specific Route Profile list appears Specific Route Specific Route Profile The Specific Default Route is used to control clients to access some specific IP segment by the specified gateway Specific Routing can be set up for the Global Policy and up to 5 profiles can be configured Global Policy Specific Routes Destination Gateway Route No IP Address Subnet Netmask IP Address 1 255 255 255 255 32 2 255 255 255 255 32 3 255 255 255 259 32 4 255 255 255 255 32 Specific Routes Profile 1 Select Profile Profile 1 v Enable Default Gateway IP Address Y Destination Gateway Route No IP Address Subnet Netmask IP Address 1 255 255 255 255 32 v 2 255 255 255 255 32 v 3 255 255 255 255 32 v 4 255 255 255 255 32 v 5 255 255 255 255 32 v 6 255 255 255 255 32 v 7 255 255 255 255 32 v 8 255 255 255 255 32 v Destination IP Address The destination network address or IP address of the destination host Please note that if applicable the system will calculate and display the appropriate value based on the combination of Network IP Address and Subnet Mask that have just been entered and applied Destination Subnet Netmask The subnet mask of the destination network Select 255 255 255 2
123. m the DHCP server will be valid and available D D D Reserved IP Address List Each zone can reserve up to 40 IP addresses from predefined DHCP range to prevent the system from issuing these IP addresses to downstream clients The administrator can reserve a specific IP address for a special device with a certain MAC address D NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 30 gt NetCommWireless Configuring the Wireless Network Wireless General Settings To configure Wireless General Settings go to System gt gt Service Zones Click the button Configure for Private zone for further configuration 802 119 802 1in Pure iin Short Preamble Enable Disable Enable Disable DTIM Period 1 255ms 20 1 1 m ACK Timeout 101 0 255ms Wireless General Settings D D DI DI DI DI 2I D 2I Band There are 4 modes from which you may select 802 11b 2 4G 1 11Mbps 802 11g 2 4G 54Mbps 802 11b g and 802 11g n Select the Pure 11n option to configure the gateway to use only the 11n band Short Preamble The length of the CRC Cyclic Redundancy Check block for communication between the Access Point and roaming wireless adapters Select Enable for Short Preamble or Disable for Long Preamble Short Guard Interval 802 1 19g n only The guard interval is the space between symbols characters being transmitted to eliminate inter symbol
124. me Password Change password After a successful login to the gateway the web management interface appears OLogout NetCommWvireless Admin is classified under Super Group with all access and configuration authorities Super Group members can generate other administrative accounts Manager OnDemand Manager and Operator and configure Password Safety and Group Permission Settings www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 81 A gt NetCommWireless eS System 35 Users e Network Utilities Main Menu gt Utilities gt Administrator Account Administrator Account Backup amp Restore System add Restart Network Utilities V Certificate Status Generate Admin Account Name Password Confirm Password d Group Super Group v Admin Account Configuration Password Safety Settings Group Permission Settings Configure Password Safety Settings Password rules and requirements can be configured here to facilitate additional security The following parameters can be configured Password Complexity Admin Login Retry Times Password Expire and Admin Login Reuse Times Safety Setting Enable Disable Complexity Checking Min Password Length 2 2920 Min Password Category 2 2w4 Admin Login Retry Times r Enable Disable Retry Times 5 Password Expire 9 E
125. n Account Activation will result in account expiration Valid Period is the valid period of usage time After this time period the account will expire even if there is remaining quota Price is the unit price of this plan Group will be the applied Group to users created from this plan Reference field allows administrator to input additional information Editing Billing Plan Plan 1 Account Type Volume m Quota 500 Mbyte s Range 1 1000000 Account First time login must be done within 1 day s 1 Activation hour s Range of hour s 0 23 they cannot both be zero After activation account will be expired in 1 day s Valid Period Must be larger than 0 1 Price Range 0 100000 including two digits after decimal point e g 1 99 Group Group4 v Reference TIP If the Account Type is Volume Customer can access internet as long as the account is valid within the valid period with remaining quota traffic volume Customer also needs to activate the issued account within a given time period by logging in for the first time NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 124 4 NetCommWireless Volume account lifespan lt L 3 Quota up QU Activation Time Expiration Time Creation Time Deletion Time CT my Invalid gt Valid Volume account lifespan Quota Up QU Activat
126. n e Auto Setup TAS Hold for 3 seconds and then release to initiate the auto uplink connection r NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 10 4 NetCommWireless Right Panel NUMBER INTERFACE DESCRIPTION Console port Serial port for connection to the thermal printer 08 Ethernet port RJ 45 Ethernet port for connection to the Wireless N Hotspot WiFi antenna ee i qe pe qme Attach the supplied WiFi antenna here by screwing it on in a clockwise direction www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 11 A gt NetCommWireless Printer Top Panel A NetCommWireless NUMBER INTERFACE DESCRIPTION NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 12 lt gt NetCommWireless Rear Panel NUMBER INTERFACE DESCRIPTION www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 13 A gt NetCommWireless Hardware Installation Wireless Hotspot Please follow the steps below to install the HS1200N Wireless N Hotspot 1 Place the HS1200N in the location that provides the best possible signal The best location for the HS1200N is usually at the centre of your wireless network This ensures it is able to get a clear wireless signal 2 Connect the HS1200N to your outbound network device Connect one end of the supplied Ethernet cable to the WAN port on the front of the HS1200N Connect the ot
127. nable Disable Expire Password Days 90 Admin Login Reuse Times Enable Disable Reuse Times 6 There are three other default Administrative Account groups with predetermined permission settings and these permission settings can be customized Manager The manager can only access the configuration pages under User Authentication to manage the user accounts I Authentication Settings Auth Option Auth Database Postfix Server 1 LOCAL local Server 2 RADIUS radiusi Server 3 RADIUS radius2 On demand User ONDEMAND ondemand FREE FREE N A NetComm Wireless HS1200N Wireless N Hotspot 82 WWwW netcommwireless com AA NetCommWireless Operator The operator can only access the configuration page of Create On demand User to create new on demand user accounts and print out the on demand user account receipts On demand Account Creation tm om Qn mk sae renis Usage time Usage time NN user accounts from the API Valid from 2010 07 14 12 00 15 min s connection time quota with expiration 11 min s connection time quota Valid until 12 00 the following day EN Cem Cc 00 till 2010 07 14 23 59 00 1 Emabled Greate OnDemand Manager The OnDemand Manager can only access the application programming interface and generate on demand There are three additional custom groups for administrators to customize permission settings Note To logout simply cl
128. ng the upgrade or restart process It may damage the system and cause malfunction Restart To perform system restart go to Utilities gt gt Restart This function allows the administrator to safely restart the gateway and the process takes approximately three minutes Reason for restarting the system can be entered for record purposes Click YES to restart the gateway click NO to go back to the previous screen Do NOT power off during system restart as this might damage the system If the power needs to be turned off it is highly recommended to restart the gateway first and then turn off the power after completing the restart process Administrator Account Backup amp Restore System Upgrade Y Restart Network Utilities Certificate Main Menu gt Utilities gt Restart Do you want to RESTART the system Reason E Caution The connection of all online users to the system will be disconnected when system is in the process of restarting NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 86 gt NetCommWireless Network Utility To configure Network Utility go to Utilities gt gt Network Utilities System provides some network utilities for administrators Both IPv4 and IPv6 are supported Wake on LAN is for waking up remote devices that supports Wake on LAN feature by entering the MAC address of the target device and then press Wake Up button Ping is to see whe
129. ntrol When enabled a user can log in from different computers with the same account This function doesn t support On demand Users Additional Control j Idle Timeout minutes 10 1 1440 Interval for Idle Traffic Detection 60 R seconds 4 908 Threshold for Idle Traffic in i 0 1048576 0 is Disabled Detection bytes User Session Control Idle Timeout Check Direction Uplink Uplink amp Downlink E Enable This function is not applicable to on demand accounts Multiple Login Charge Traffic to from Hosts in Walled Garden List Enable Disable Kick out users when their IPs are Iz TTE changed O Enable Disable Networking Features of a Gateway IP Plug and Play To configure IP Plug and Play go to Network gt gt Client Mobility The gateway supports IP PNP function A user can log in and access network with any IP address setting This function is disabled in default settings Client Mobility IP PNP O Enable 9 Disable When IP PNP is enabled at the user end a static IP address can be used to connect to the system Regardless of what the IP address at the user end is using authentication can still be performed through the gateway Note To apply for free Dynamic DNS service you may go to http www dyndns com services dns dyndns howto html www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot f
130. o A gt NetCommWireless Port and IP Forwarding To configure Port and IP Forwarding go to Network gt gt NAT gt gt Port and IP Forwarding This function allows the administrator to set at most 40 sets of IP addresses for redirection purposes When the user attempts to connect to a destination IP address listed here the connection packet will be converted and redirected to the corresponding destination Please enter the IP Address and Port of Destination and the IP Address and Port of Translated to Destination Select TCP or UDP for the service s type These settings will become effective immediately after clicking Apply Port and IP Forwarding Destination Translated to Destination IP Address Port IP Address Port Type e TCP UDP Remark TCP UDP Q9 TCP UDP e TCP UDP TCP UDP Qe TCP UDP TCP UDP TCP UDP e TCP UDP 10 TCP UDP NetComm Wireless HS1200N Wireless N Hotspot 76 www netcommwireless com lt gt NetCommWireless system Management and Utilities system Time To configure System Time go to System gt gt General NTP Network Time Protocol communication protocol can be used to synchronize the system time with remote time server Please specify the local time zone and the IP address of at least one NTP server f
131. o best effort and background Applications without WMM and applications that do not require QoS are assigned to the best effort category which receives a lower priority than that of voice and video Therefore WMM decides which data streams are more important and assigns them a higher traffic priority This option works with WMM capable clients only D IGMP Snooping IGMP is a multicast constraining mechanism which may flood the broadcast domain This is effective for dense internet usage such as conventions or campuses NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 34 a gt NetCommWireless Wireless Layer 2 firewall The gateway has a Layer2 Firewall in addition to the standard wireless security The Layer2 Firewall offers a firewall function that is tailored specifically for Layer2 traffic providing another line of defence against possible security threats on the wireless network To access the Layer 2 firewall settings go to Network gt gt Layer 2 Firewall Se 3 e 6 e System Users Network Utilities Ty z y r j General j WAN 1 WAN Traffic IPv6 LAN Port Mapping Service Zones Layer 2 Firewall x iT iT iT iT 1 iT iT iT Main Menu gt System gt Layer 2 Firewall Layer 2 Firewall Generic Firewall Rules Predefined and Custom Service Protocols Generic Firewall Rules You can choose to enable or disable the wireless Generic Fir
132. o RADIUS response In this example the maximum download and upload traffics in bytes for groupO3 users is 1MBytes A Zw NetCommWireless mysql gt INSERT INTO radgroupreply GroupName Attribute op Value VALUES qroupos cipherlum Byt Query OK 1 row affected vite Amount r 5 d gosoY65 0 00 sec mysql gt exit Eye Step 9 Restart RADIUS daemon to get your settings activated vivian linux otopping RADIUS serv starting RADIUS sery 30 30 14 26 41 20086 Info Starting reading cont m cG Li iguration fil WWwW netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 119 A gt NetCommWireless Appendix D On demand Account types amp Billing Plan This section explains the parameters as well as the different account types provided when editing billing plans in On demand authentication Usage time with Expiration Time Users can access internet as long as account is valid with remaining quota usable time Users need to activate the purchased account within a given time period by logging in It is Ideal for short term usage namely in coffee shops at airport terminals etc This billing type only deducts quota when internet is being used However the count down to Expiration Time is continuous regardless of logging in or out Account would expire when the Valid Period is used up or the quota depleted Quota is the to
133. o download the record into txt format File Download Some files can harm your computer If the file information below looks suspicious or you do notfully trustthe source do not open or save this file File name 2007 08 txt Filetype Text Document From 192 168 2 254 Would you like to open the file or save itto your computer S Cancel More Info Always ask before opening this type of file NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 100 gt NetCommWireless system Related Logs To configure System related logs go to Status gt gt Logs This page displays the system s local log information since system boot up Administrators can examine the log entries of various events However since all these information are stored on volatile memory they will be lost during a restart reboot operation Therefore if the log information needs to be documented the administrator will need to make back up manually Logs System Log Show Web Log Show UAMD Log Show RADIUS Server Log Show On demand User Billing Report Log Show Configuration Change Log Show System Log This page displays system related logs for event tracing Web Log This page shows which of the web pages have been accessed on the gateway s built in web server UAMD Log This page displays the UAM related information output from the UAM daemon RADIUS Server Log This page displays the RADIUS messages that p
134. om the RADIUS server When the clients classified by RADIUS class attributes log into the system via the RADIUS server each client will be mapped to an assigned Group RADIUS Group Mapping Server 2 Enable 9 Disable No Class Attribute Value Group Remark 1 Group 1 v 2 Group 1 v 3 Group 1 v 4 Group 1 v 5 Group 1 v DM amp CoA Settings This function allows administrator to assign users to receive Disconnect Messages Change of Authorization from the server and sessions can be terminated instantly Click Configure to enter the IP addresses of the users Attributes Priority This section shows the Standard RADIUS attributes which include Session Timeout Idle Timeout and Acct Interim Interval and WISPr Vendor Specific Attributes These attributes are predetermined and if needed choose Overwrite Server s Setting to make changes Primary Secondary RADIUS Server DI D DI 2 DI D D D Authentication Server Enter the domain name or IP address of your RADIUS Server Authentication Port Enter the Port number used for authentication Accounting Port Enter the Port number used for accounting Authentication Secret Key Secret Key used for authentication Accounting Service Enable Disable RADIUS accounting Accounting Server Enter the domain name or IP of your accounting server Authentication Protocol Select Challenge Handshake Authentication Protocol CHAP or Password Authentication Protocol PAP Accountin
135. omer alse needs to activate the issued account within a given time period by logging in for tha first tira GENES EN NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 120 4 NetCommWireless Quota up QU Activation Time Elapsed Time AT Creation Time Deletion Time CT I invalid gt Valid Usage time Expiration Time account lifespan HERR Quota Up QU q Activation Time Elapsed Time AT Creation Time Deletion Time CT p Invalid Walid Usage time with No Expiration Time Users can access internet as long as the account has remaining quota usable time Users need to activate the purchased account within the given time by logging in It is ideal for short term usage For example in coffee shops at airport terminals etc This billing type only deducts quota while the user is using internet Account will expire only when the quota is depleted Quota is the total period of time xx days yy hrs zz mins during which On demand users are allowed to access the network The total maximum quota is 364Days 23hrs 59mins 59secs even after redeeming Account Activation is carried out when the user logs in for the first time Failing to do so in the period set in Account Activation will result in account expiration Price is the unit price of this plan Group will be the applied Group to users created from this plan Reference field allows administr
136. on Since every Service Zone have their own configuration profiles and acts like a virtual gateway administrators can customize or define their own portal pages utilized by users of that Service Zone The customizable pages of a Service Zone are Disclaimer Page Login Page Logout Page Login Success Page Login Fail Page Logout Success Page Logout Fail Page Login Success Page for On demand User Port Location Mapping Free Login Page Port Location Mapping Charge Login Page Disclaimer Page Login Page Logout Page Login Success Page Custom Pages Login Failed Page Login E Page for ie dod ime Logout Success Page Logout Failed Page Main Menu gt gt System gt Service Zone gt gt Service Zone Configuration For each customizable page the available customization options are to use Default Page Template Page Uploaded Page or External Page Login Page Selection for Users Service Zone Default Default Page Template Page Uploaded Page External Page Main Menu gt gt System gt gt Service Zone gt gt Service Zone Configuration gt gt Login Page Default Page uses a web page stored within the system its format and content cannot be changed Template Page also uses a web page stored within the system but the contents such as text color background color displayed text and logo can be configured according to your preferences Uploaded Page is to upload your self defined web page into
137. on Request Processing Ei stressuses il si IS Employee _i3h_s12h Groupli Idle3m Sessionbm bu g Ey E Kiwi Logfile Internet Viewer Informatio Move Lp Move Down AXES Group4_IdleSm MAS ID match cipher EF Groups NAS ID match other Connections to Microsoft Routing andF Delete Connections to other access servers Rename 4 a m E He aD PuTTY Kiwi Syslog Daemon Ed Active records csv Director TEE zd A ME nw Remote Desktop Certification Authority Command tomok V Ted LE Ed Lo Services Opens property sheet For the current selection Step 3 Click Edit Profile and select the Advanced Tag Click Add to add a new Vendor specific attribute NetComm Wireless HS1200N Wireless N Hotspot 114 www netcommwireless com a gt NetCommWireless Group3_Unlimited Properties Settings Specify the conditions that connection requests must match Policy conditions Edit Dial in Profile tix Windows Groups PIER z at Tii Dial in Constraints IF l b ulti Authentication Encryption Advanced Specify addition PREFETA Access Server Attributes To add an attribute to the Profile select the attribute and then click Add Add Mame DA 1 To add an attribute that is nat listed select the Yendor Specific attribute Generate Class IF connection req Class associated profile Attribute Framed Protoce Service Type 5
138. or adjusting the time automatically Universal Time is Greenwich Mean Time GMT Manual setup is another option to set up the system time if you choose to set up the system time manually please enter the Year Month Day the current time and click Apply to activate the changes System Time 2013 08 20 16 41 23 Time Zone GMT 10 00 Canberra Melbourne Sydney NTP NTP Server 1 O netcomm pool ntg e g tack usno navy mil NTP Server 2 1 netcomm pool ntr O Manually set up NTP Server Mode When Enabled Access Points and devices in the Local Area Network of the gateway would be able to use the gateway as a NTP Server for time reference Note When system can not sync the time with NTP server all clients will not be allowed to log in to system and On demand accounts cannot be created www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot ra A gt NetCommWireless Management IP Address List To configure the Management IP Address List go to System gt gt General General Settings for the Entire System System Name Wireless Hotspot Gateway Administrator Contact m mE 0 E Information Suspend Warning Message Sorry The service is suspended i gateway example com a Use the name on the security certificate Internal Domain Name ma ty FQDN of this device for internal use e g controller office name com Disclaimer Page Enable Disable 9 Specific Ori
139. or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Click here to close this webpage Q Continue to this website not recommended 9 More information This function provides certain free services for users to access the websites listed here before login and authentication Up to 20 addresses or domain names of the websites can be defined on this list Users without the network access right can still have a chance to experience the actual network service free of charge Enter the IP Address or Domain Name of the website on the list and click Apply to save the settings Add Walled Garden List No Active Domain Name IP Address jm Remark 1 E All Y 2 F Aly 3 E Al 4 F All sd 5 E All Y 6 E All Y 7 E All lt s m APO 9 E val rar Aly NetComm Wireless HS1200N Wireless N Hotspot 12 www netcommwireless com gt NetCommWireless Walled Garden AD To configure Walled Garden AD List go to Network gt gt Walled Garden AD This function provides advertisement links to web pages for users to access free of charge before login and authentication Advertisement hyperlinks are displayed on the user s login page Clients who click on it will be redirected to the listed advertisement websites Walled Garden Ad List URL Topic Displa Description dinin
140. ority Rule No 2 has the second highest priority and so on Each firewall rule is defined by Source Destination and Pass Block action Optionally a Firewall Rule Schedule can be set to specify when the firewall rule is enforced It can be set to Always Recurring or One Time Firewall Profile 1 Firewall Rules Create a New Rulo Source Destination No Active Action Rule Name Service Schedule Operation Source Interface Destination Interface Total 0 10 First Prev Next Last Goto Page Y Page 1 1 Row per Page 20 v Selecting the Filter Rule Number 1 as an example Policy 1 Edit Filter Rule Rule Number 1 source Interface 7one a eho Subnet Mask 0 0 0 0 0 ann 0 0 0 0 D M CN Schedule Always Recurring One Time Action for Matched Packets 9 Block Pass www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 61 lt gt NetCommWireless Rule Number This is the rule selected 1 Rule No 1 has the highest priority rule No 2 has the second highest priority and so on Rule Name The rule name can be changed here Source Destination Interface Zone There are choices of ALL WAN Public and Private to be applied for the traffic interface Source Destination IP Address Domain Name Enter the source and destination IP addresses Domain Name filtering is supported but
141. pe String LOCAL RADIUS ONDEMAND POP3 LDAP SIP NT Domain Umac MAC format separated by sessionlength Integer Sec byteamount Integer byte idletimeout Integer Sec L ogouturl String URL encoded redeemurl String URL encoded Vlanid Integer 1 4096 Gwip IP format NetComm Wireless HS1200N Wireless N Hotspot 144 VLAN ID Gateway activated IP address Description User ID postfix is included VLAN ID Gateway activated IP address Description User ID postfix is included Authentication server name Client MAC address On demand user s quota of time type On demand user s quota of volume type Idle timeout Logout URL Redeem URL VLAN ID Gateway activated WAN IP address WWwW netcommwireless com gt NetCommWireless client ip IP format Sz Integer Group Integer Policy Integer next_page String max_uplink Integer b s max_downlink Integer b s req uplink Integer b s req downlink Integer b s Session string External Logout Fail Page Variables Field Value Uid string Gwip IP format Vlanid Integer 1 4096 URL Variables to Gateway Client IP address service Zone ID Group index Policy index Client redirection URL Maximum up link rate Maximum down link rate Minimum up link rate Minimum down link rate Encrypted session information Description User ID Gateway activated WAN IP address VLAN ID This section shows a list of URL variables of the external pag
142. perator Main Menu Users gt Authentication gt On demand User Server Configuration Authentication Server On demand User General Settings Configure Ticket Customization Configure Ticket Template Customization Configure Billing Plans External Payment Gateway On demand Account Creation On demand Account Batch Creation On demand Account List www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 21 LI FAA NetCommWireless 6 Next to plan number 1 click the Edit button NetCommUireless Home Logout e s3 System sons d Network Utilities Authentication Black List Group a Policy a Schedule M Firewall N Qos Specific Route Privilege Additional Control ki Operator Main Menu gt Users gt Authentication gt On demand User Server Configuration gt Billing Configuration Billing Plans Apply 7 Enter the desired settings into the pop up window that appears On demand Billing Plan Configuration Mozilla Firefox http 192 168 110 1 UserAuthentication OnDemandCreate shtml bpid 1 Plan Editing Billing Plan 1 Account Type Expiration Time Usage time vj with Expiration Time O No Expiration Time Quota jo day s 1 hr s 0 min s Range of day s O 364 Range of hour s 0 23 Range of min s 0 59 they cannot all be zero Account Activation First time login must be done within 1
143. plied to all clients while other individual Policies can be selected and defined to be applied to any Authentication Server For some authentication such as Local and RADIUS users can be assigned to different Policies individually One user may be applied to a different policy at the same time Which policy is actually applied to this user The Policy Priority is enforced as follows User Policy gt gt Authentication Policy gt gt Global Policy User policy types For Local and RADIUS users can be assigned to different policies individually For example a Local user userO1 is assigned to Policy1 and the Local Authentication Policy2 When userO1 logs in to Public Zone userO1 will be governed under Policy1 This is a common case for users that can be assigned a Policy individually For Local and RADIUS if these users are not assigned under any User Policy individually they will be governed under the same policy as others within the same authentication server For example if the Local Authentication is assigned to Policy3 a Local userO1 when logged in to Public Zone will get Policy3 This is another common case for users that are assigned Policy by the authentication server If a User is not assigned a Policy individually and the authentication server is also not assigned a Policy then the Global Policy will be applied to all users For example a Local user userO1 is assigned to None Policy and the Local Authentication is also assigned
144. r creation NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 50 4 NetCommWireless Plan Account Type Quota Function 1 Usage time 15 min s connection time quota with expiration 10 91 Enabled Create 2 Usage time 11 min s connection time quota a Enabled Create 3 Hotel Cut off time Valid until 12 00 the following day s Enabled Create 4 Duration time Valid from 2010 07 14 12 00 00 til 2010 07 14 23 59 00 1 Enabled Create On demand Account Creation Creating an On demand Account Price Status Plan Account Type 2 Usage time Quota 11 min s of connection time quota Account Creation System created v Account Activation First time login must be done within 1 hour s Total Price P Unit 1 Units per ticket Group Group 1 Reference Add a reference related to this account for example the __sifeustomer s name External ID Enter an external ID such as Library ID No Please confirm the information press Create button to create an account Create Cancel On demand Account Batch Creation After at least one billing plan is enabled the administrator can generate multiple on demand user accounts at once with batch creation For potential hotspot operators who may wish to pre generate guest accounts for sale the On demand feature has a batch create functionality which allows the administrator or operator access to
145. rds the Roaming Out In Users Log to a specific FTP server Session Log Log each connection created by users and track the source IP Port and destination IP Port Session Log will be sent to the FTP server automatically in every defined interval in Session Log email notification Session Log allows uploading the log file to a FIP server periodically The maximum log file size is 256K The log file will also be sent to the FTP server once the file size reaches its maximum size On demand User Billing Report Records the On demand User Billing Report to a specific FTP server Local HTTP Web Log HTTP Web Log Records the URL of websites visited by users accessing the internet via the gateway to a specific FTP server WMI Configuration Log Records the WMI Configuration Log of the system to a specific FTP server DHCP Lease Log Records the DHCP Lease Log of the system to a specific FTP server Traffic Report Records the Traffic Report of the system to a specific FTP server NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 104 gt NetCommWireless Notification Settings Receiver E mail Address es r SYSLOG FIP Interval 1 2 3 4 5 Detail Test Monitor IP Report A Alo N A N A 1Hour Users Log 6 6 68 0 etal Send rj Detail rj Detail imow On demand Users Log E F E E E E E 1 Hour Roaming Out Users Log Hie E P
146. re several billing plans Click the Edit button to enter the Editing Billing Plan page Configure billing plans with the desired account type expiration date price etc and then click Apply to save the plan On the Billing Plans screen select the Enable checkbox or click Select all and then click Apply to activate the plan s l Billing Plans u 7 Plan Account Type Quota Price Enable Group Function 1 Usage time 2 hr s of connection time quota with expiration 2 99 v evan Edit 2 Duration time Valid for 4 hour s elapsed time 4 99 j v pem 2 3 Volume 100 Mbyte s of traffic volume quota 1 99 v Group 3 4 Hotel Cut off time Valid until 23 00 the following day 3 99 v Group 4 s N A Gioupd 6 N A Group 1 7 N A is 1 8 N A TN Edit 9 N A V m Group 1 0 N A Ji Plan The number of the specific plan Type This is the type of plan based on which it defines how the account can be used including Usage time Volume Hotel Cut off and Duration time Quota The limit on how On demand users are allowed to access the network Price The unit price charged for buying an account from this billing plan Enable Check the checkbox to activate the plan Group Users under this billing plan will be classified under this group The default value is Group 1 Www netcommwireless com NetComm Wireless HS1200N Wireless N
147. re that prioritizes wireless data packets based on four access categories voice video best effort and background Applications without WMM and applications that do not require QoS are assigned to the best effort category which receives a lower priority than that of voice and video Therefore WMM decides which data streams are more important and assigns them a higher traffic priority This option works with WMM capable clients only D IGMP Snooping IGMP is a multicast constraining mechanism which may flood the broadcast domain This is effective for dense internet usage such as conventions or campuses VAP2 is configured under the Public Zone to provide wireless service to public clients in a hotspot environment To configure Public Zone s Wireless Settings click on Main Menu then System and then Service Zones Click Configure for the Public zone Wireless Settings RF1 VAP 2 VAP Status Enable Disable Beacon Interval 25 500ms RTS Threshold 1 2346 Fragment Threshold 256 2346 Advanced Broadcast SSID Enable Disable Station Isolation O Enable 9 Disable WMM Enable Disable IGMP Snooping O Enable 9 Disable Wireless Settings VAP2 Wireless Settings for Public Zone TA Basic Enable the VAP Status if you wish to provide a wireless service under this zone Assign an ESSID to VAP2 under Public Zone or use the default The ESSID of the Public Zone is broadcasted so that public users can perform a
148. reless N Hotspot www netcommwuireless com 192 lt gt NetCommWireless Service Disclaimer Content Choose Billing Plan for PayPal Payment Page Service Disclaimer Content f e 0 O E p m 9 ct w B A w ct o H fv ct m Fh o I o H B iC 4e m H tu a H w Hi gt information email address physical contact information credit card numbers and transactional information based on your activities on the Internet service provided by us If the information you provide cannot be verified we may m Choose Billing Plan for PayPal Payment Page Plan Enable Disable Quota Price Enable Disable 5 hr s 5 min s 0 2 Enable Disable 3 Enable 9 Disable 10 hr s 6 min s 9000 4 Enable Disable 5 Enable Disable Until 18 30 88 6 Enable Disable 7 Enable 9 Disable 20 73 Mbyte s 0 59 8 Enable Disable 9 Enable Disable 10 Enable 9 Disable 600 Mbyte s 6 99 Service Disclaimer Content View the service agreement and fees for the standard payment gateway services as well as add or edit the service disclaimer content here Choose Billing Plan for PayPal Payment Page These 10 plans are the plans in Billing Configuration and the desired plan s can be enabled Client s Purchasing Record PayPal Payment Page Remark Content Client s Purchasing Record Starting Invoice Number Change the Number Description Item Name Internet A
149. rency The currency to be used for the payment transactions Service Disclaimer Content View the service agreement and fees for the standard payment gateway services as well as add or edit the service disclaimer content here Choose Billing Plan for SecurePay Payment Page These 10 plans are the plans in Billing Configuration and the desired plan s can be enabled SecurePay Payment Page Remark Content The message content will be displayed as a special notice to end customers www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 135 A gt NetCommWireless Payments via World Pay To configure Payments via WorldPay go to Users gt gt Authentication gt gt On demand User gt gt External Payment Gateway gt gt WorldPay WorldPayPaymentConfiguration Payment Gateway URL https select wp3 rbsworldpay com wcc purchase GBP Pound Stering s Service Disclaimer Content We may collect and store the following personal information physical contact information credit card numbers and transactional information based on your activities on the Internet service provided by us 4 WorldPayBilling Configuration Enable Disable Enable Enable 4 j OEnsble 5 Enable Enable 8 enable Enable You must fill in the correct credit card number and expiration date Card code is the last 3 digits of the security code located on the back of your credit card WorldPay Payment Configur
150. ribute under Vendor specific Set Vendor Code 21920 Check Yes to conform to the RADIUS RFC Click Configure Attribute to proceed Set Vendor assigned attribute number 10 Select Attribute format Hexadecimal Set Attribute Value 1000000 wadtiv alse Al Gia eae Bee the tneednig protocols used eet eee eee the mapper ol piopisd ay HAS beatae T the Doos AV Par 54 the centc ate papate OF usage doat danino volutem A aona oah generate fe cas y buius AS ad imal cab gerendis P sersan Woven thet the nmn daln propedies we conces ihe P sac We tht io used bp he Pioutmo anc ort Drs f ihe ume jn seconds that fe cannecson can ser pu pe _ _ 2 Configure VSA REC compliant UC Ear oca 9r P NET r Herrie www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 115 A 4 NetCommWireless otep 5 Confirm whether the Vendor specific Attribute has been added successfully Multirvalued Attribute Information EJ EJ fEdit Dial in Profile vendo code 21520 100000 Max download upload traffic is 1 M Bytes otep 6 Follow the same steps to create other Vendor specific Attributes if needed NetComm Wireless HS1200N Wireless N Hotspot 116 WWwW netcommwireless com A FA NetCommWireless VSA configuration in RADIUS server FreeRADIUS This section will guide you through VSA configuration with FreeRADIUS v1 0 5 running on Fedora Before getting started
151. rs 4 Enable Disable Attributes Priority E Follow Server s Setting Standard RADIUS Attributes Session Timeout 240 Minutes Range 5 1440 mins Idle Timeout i Minutes Range 1 120 mins Acct Interim Interval 15 Minutes Range 1 120 mins 0 is disable WISPr Vendor Specific Attributes Redirection URL Billing Class Of Service Session Terminate on Billing Enable Disable Retransmission Settings Time Session Terminate Time Never Bandwidth Setting Group 1 Number of Retries Default 3 Timeout Default 6 Authentication Server Primary RADIUS Server Domain Name IP Address Authentication Port Default 1812 Authentication Secret Key oe i Authentication Protocol CHAP 4 Accounting Service 9 Enable Disable Accounting Server Domain Name IP Address Accounting Port Default 1813 Accounting Secret Key Secondary RADIUS Server Authentication Server Domain Name IP Address t Authentication Port i Authentication Secret Key Authentication Protocol CHAP v t Accounting Service Enable Disable 4 Accounting Server Domain Name IP Address f Accounting Port Accounting Secret Key
152. s To configure a Zone go to System gt gt Service Zones A Zone is a logical network area that covers wired or wireless networks or both of them The zones effectively separate the gateway into two distinct networks which are controlled through the use of authentication security features wireless encryption methods and traffic control The two zones on the gateway are Private Zone and Public Zone as shown in the table below Private Zone means clients are not required to be authenticated before using the network service while clients in Public Zone are required to obtain authentication before using the service v s3 e v Ez Users Network Utilities Status A A f A A General WAN WAN Traffic IPv6 LAN Port Mapping Y Service Zones Main Menu gt System gt Service Zone Service Zone Settings LAN Port Applied Poli IP Address Service Zone ses Network DHCP Pool Pappu Details Name Default Authen Alias Option IPv6 Address Status Policy 1 192 168 1 254 e Le L JL J Private M 3923681100 Gana Disabled N A Enabled Policy 1 172 21 0 254 JL J e 9 Public NA 172210 100 Configure _ Server 1 N A Enabled Service Zone Name Name of the Zone 2I D Applied Policy Current policy that is applied to the Zone 2I Default Authen Option Default authentication method server that is used within the Zone IP IPv6 address Shows the LAN IP address IPv6 is support and
153. s IP Address VLAN ID Service Zone v Next Last Go to Page Page 1 1 Row per Page 50 The On demand Roaming Out User List shows the users that are authenticated by other gateways using this gateway s On demand database as RADIUS database Total 0 First Pre lt On demand Roaming Out User List Bytes In Out Login Time Name IP Address MAC Address NAS ID Te Pkts In Out Last Update Time v Total 0 First Previous Next Last Go to Page Y Page 1 1 Row per Page 50 Refresh Disable v www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 97 4 NetCommWireless Session List This page allows the administrator to inspect sessions currently established between a client and the system Each result displays the IP and Port values of the Source and Destination You may define the filter conditions and display only the results you desire Main Menu gt Status gt Session List Display Mode Total 133 First Prev Next Last Goto Page 1 1v Page 1 7 Row per Page Ke ee ee ee eee User Log To view User Log go to Status gt gt User Log This page is used to check the traffic history of the gateway The history of each day will be saved separately in the RAM memory for at least 3 days 72 full hours The system also keeps a cumulated record of the traffic data generated by each user in the last 2 calendar months MIB 0000 e M Date Size Byt
154. s generated etc Delete All This deletes all user accounts Delete This deletes the corresponding User account Hedeem On demand Accounts For Usage time accounts when the remaining quota is insufficient or if they are running out of quota users can use the redeem function to extend their quota After the user has bought a new account they just need to click the Redeem button in the login success page input the new account Username and Password and then click Enter This new account s quota will be extended to the original account However the Redeem function can only be used with the same billing type i e Volume accounts can only be redeemed with another Volume account and so on NetCommWireless Hello you are logged in via 66em ondemand To log out please click the Logout button Login time 2000 05 16 19 33 Remaining Time 29 Day s 23 59 55 start Browsing Note The maximum quota is 364dys 23hrs 59mins 59secs even after redemption If the redeemed amount exceeds this number the system will automatically reject the redemption process Note Duration time and Hotel Cut off type do not support redemption function WWw hetcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 53 A Zw NetCommWireless Free Authentication c s T m Users Network Utilities Status sitet Qa set en sett pr ats Main Menu gt Users gt Authentication gt FREE Authentication Authent
155. s such as VeriSign If you already have a SSL Certificate please Click Browse to select the file and upload it Click Apply to complete the upload process If you do not have a valid SSL Certificate use the system default certificate Administrator Account Backup amp Restore System Upgrade Restart i Network Utilities Certificate Main Menu gt Utilities gt Certificate eee ey Upload Certificate v Upload Certificate Private Key Certificate Certification Path Verification O Enable Disable Without a valid certificate users may encounter the following warning when trying to open the login page www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 71 LI FAA NetCommWireless Click Continue to this website to access the user login page Certificate Error Navigation Blocked Windows Internet Explorer Kr v Y iG http www google com Sa n File Edit View Favorites Tools Help w k Certificate Error Navigation Blocked Walled Garden To configure Walled Garden go to Network gt gt Walled Garden There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attempt to fool you
156. sers Enable 9 Disable 802 1X Authentication Local user database will be used as internal RADIUS database for 802 1X enabled LAN devices such as AP and switch Account Roaming Out Upload User Click Upload User to enter the Upload User from File interface Click the Browse button to select the text file for uploading user accounts then click Upload to complete the upload process c Ee a a a EE Sm Ge RT E N Authentication Black List Group Policy Schedule N Firewall Qos Specific Route Privilege Additional Control Operator b A Yi A Y Y 1 i Main Menu gt Users gt Authentication gt Option gt Local gt Local User List Add User Upload User Download User Local User List Applied Group MAC Address Username Password Account Status Begin Date End Date Remark Group 1 useri useri Valid Delete Total 1 3000 First Prev Next Last GotoPage 1 Page 1 1 Row per Page 10 Note 1 The format of each line is Username Password MAC Address Applied Policy Remark without the quotes There must be no space between the fields and commas The MAC field could be omitted but the trailing comma must be retained When adding user accounts by uploading a file existing accounts in the embedded database that are also defined in the data file will not be replaced by the new ones Note 2 Only 09 A Z aez and X
157. ss Username admin Password esses Change password WWw netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 19 FAA NetCommWireless Configuring a billing plan A billing plan is a profile which you configure on the hotspot for use with the Wireless Ticket Generator Billing plans can be created based on usage time or usage volume This guide demonstrates how to configure a simple billing plan providing one hour of internet access Log in to the wireless hotspot as described on page 8 of this quick start guide 1 Click on the Main Menu button NetCommWvireless 2 Click on the Users menu NetCommWireless system Beye iy Wek 3 Click on the Authentication tab System EAM Black List Group Main Menu gt Users NetComm Wireless HS1200N Wireless N Hotspot WWwW netcommwireless com 20 A FA NetCommWireless 4 Select the On demand User link A Home Logout NetCommWireless c 8 e e System Network Utilities Status Authentication Black List Group Policy Schedule Firewall QoS Specific Route Privilege Additional Control Operator Main Menu gt Users gt Authentication 5 Next to Billing Plans click the Configure button A Home Logout NetCommWireless eS Ss d e System Network Utilities Status Authentication Black List Group Policy Schedule Firewall QoS Specific Route Privilege Additional Control O
158. ss In this example we are charging 10 dollars 14 Use the Group drop down menu to assign a Group for the billing plan 15 If you want to add some notes to the billing plan for your own reference such as a name for it enter it into the Reference field Click the Apply button You may now generate a ticket using the Wireless Ticket Generator by pressing number 1 and pressing ENTER on the Wireless Ticket Generator keypad WWw hetcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 23 A gt NetCommWireless Integrating the HS1200N to your existing network In a typical network environment the main role of the HS1200N is to manage network access from the internal network to the Internet Thus the first step is to prepare an Internet connection from your ISP Internet Service Provider and connect it to the WAN port of The HS1200N Configure the WAN port There are 4 connection types for the WAN Port Static Dynamic PPPoE and PPTP To configure the WAN port go to System gt gt WAN eS 3 e 6 system Users Network Utilities Status General WAN WAN Traffic IPv6 LAN Port Mapping Service Zones Layer 2 Firewall Main Menu gt System WAN WAN Interface Setting Static Use the following IP settings 9 Dynamic IP settings assigned automatically Learn DNS Server Address During Negotiation Preferred DNS Server p Alternate DNS Server PPPoE PPTP The param
159. ss Account After opening a PayPal Business Account the hotspot owners should find the Identity Token of this PayPal account to continue with PayPal Payment Page Configuration External Payment Gateway PayPal Payment Page Configuration PayPal Payment Page Configuration Business Account Payment Gateway URL https www paypal com cgi bin webscr Identity Token Enable Disable W Behind NAT Instant Payment Notification IPN External Gateway IP e External Gateway Port Enable Disable Verify SSL Certificate Default v Currency USD U S Dollar v Business Account The Login ID an email address associated with the PayPal Business Account Payment Gateway URL The default website address to post all transaction data Identity Token This is the key used by PayPal to validate all the transactions IPN behind NAT IPN is the acronym of Instant Payment Notification which is a mechanism adopted by PayPal for identifying the outcome of a transaction When this option is enabled an upstream NAT server may be designated for accepting the IPN message from PayPal This is a mandatory configuration item if the WAN IP of your gateway in not a public IP address corresponding NAT translation configurations are necessary Verify SSL Certificate This is to help protect the system from accessing a website other than PayPal Currency The currency to be used for payment transaction NetComm Wireless HS1200N Wi
160. ssword in the Verify Password field Note A maximum of 20 characters with no spaces is allowed For security purposes we strongly recommended that you change the administrator password from the default setting Select the appropriate time zone from the Time Zone drop down list Click the Next button to continue www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 17 FA NetCommWireless step 2 WAN and Wireless Interfaces Step 2 of the setup wizard configures your WAN and Wireless network settings Select the type of interface for the WAN connection Static Enter the appropriate IP address subnet mask default gateway and DNS server information for your WAN device Such as an ADSL modem or 3G router Dynamic Network configuration information is automatically obtained via DHCP from your WAN device Such as an ADSL modem or 3G router PPPoE Enter the username and password required to connect to your WAN service Step 3 Add a Local User Account Optional Step 3 is optional and allows you to quickly create a local user account which has internet access If you do not wish to do this click the Skip button Enter a username and password and use the class drop down list to select a group to which the user belongs The class is used to define the policy for the account Refer to the user guide for more information on groups and how to log in with a local user account When you have entered the details of the
161. st effective Group To configure Group go to Users Group Users on the gateway can be classified into different groups which can be assigned different Policies and Schedules The gateway supports up to 5 user Groups Group Configuration Group 1 Select Group Group 1 v Group Name Group 1 Remark Zone Permission Configuration amp Policy Assignment Group 1 Time Span 1 Time Span 2 Zone Name Enabled Schedule 1 v Schedule 1 v Service Zone Private v Policy 1 v Policy 1 v Service Zone Public Iv Policy 1 v Policy 1 v When the type of authentication database is RADIUS the Class Group Mapping function will be available to allow the administrator to assign a Group for a RADIUS class attribute therefore a Group will be mapped to a user of a RADIUS class attribute Policy To configure Policy go to Users Policy The gateway supports multiple Policies including one Global Policy and 5 individual Policies Global Policy is the system s universal policy and is applied to all clients unless the clients are bound by another policy Individual Policy can be defined and applied to a different authentication server A client logging in with this authentication server will be bound by the corresponding Policy If no policy is applied to the authentication server its users will be governed by the Global Policy Global Policy Global policy is the system s universal policy containing the Firewall Profile Specific Routes
162. tal period of time xx days yy hrs zz mins during which On demand users are allowed to access the network The total maximum quota is 364Days 23hrs 59mins 59secs even after redeeming Account Activation is carried out when the user logs in for the first time Failing to do so in the period set in Account Activation will result in account expiration Valid Period is the valid period of usage time After this time period even if there is remaining quota the account will still expire Price is the unit price of this plan Group will be the applied Group to users created from this plan Heference field allows administrator to input additional information Editing Billing Plan Plan 2 Account Type Expiration Time 9 With Expiration Time O Mo Expiration Time 1 day s 2 hr s 3 min s Quota Range of days O 364 Range of hour s 0 23 Range of minis 0 59 they cannot all be zero First time login must be done within 4 day s E Account Activation hour s Range of haur 2 i 0 23 they cannot both be zara Valid Period After activation account will be expired in 6 day s Must be larger than Price Range 0 100000 including two digits after decimal point ag 1 59 Group Reference TIP If the Account Type is Usage Tima Customer can access intamet as lang as the account is valid with remaining quota connection time and within the valid period Cust
163. ternal Domain Name go to System gt gt General Internal Domain Name is the domain name of the gateway seen on client machines connected under zone It must conform to FQDN Fully Qualified Domain Name standard A user on client machine can use this domain name to access the gateway instead of its IP address In addition when Use the name on the security certificate option is checked the system will use the CN Common Name value of the uploaded SSL certificate as the domain name f General WAN WAN Traffic IPv6 i LAN Port Mapping N Service Zones Main Menu gt System gt Genera General Settings for the Entire System System Name Wireless Hotspot Gateway Administrator Contact Information Suspend Warning Message Sorry The service is suspended E SEAR a Eua iV Use the name on the security certificate FQDN of this device for internal use e g controller office name com To Configure Certificate go to Utilities gt gt Certificate and choose Upload Certificate from the scroll down menu Certificate A data record used for authenticating network entities such as a server or a client A certificate contains X 509 information pieces about its owner called the subject and the signing Certificate Authority called the issuer plus the owner s public key and the signature made by the CA Network entities verify these signatures using CA certificates You can apply for a SSL certificate at CA
164. ther a destination host is reachable and alive by entering the destination host s domain name or IP address and then press Ping button Trace Route displays the actual route taken to reach the destination host Entering the destination host s domain name or IP address and then press Start button to see the route ARP Table is for displaying ARP information stored on the system Network Utilities Wake on LAN MAC e g XX 1XX XX XX XX XX Wake Up Ping IP Domain Name Trace Route IP Domain Name Stop IPv4 P ARPing IP Domain Name Interface WAN1 v ARP Table Ping6 IP Domain Name Trace Route 6 IP Domain Name IPv6 Neighbor Discovery 1P Domain Name Interface WAN1 v Neighbor Cache Wake on LAN This allows the system to remotely boot up a power down computer connected to a LAN port with Wake On LAN feature enabled in its BIOS Enter the MAC Address of the desired device and click Wake Up to execute this function Ping It allows administrator to detect a device using IP address or Host domain name to see if it is alive or not Trace Route It allows administrator to find out the real path of packets from the gateway to a destination using IP address or Host domain name Show ARP Table It allows administrator to view the IP to Physical address translation tables used by address resolution protocol ARP www netcommwuireless com NetComm Wireless HS1200N Wireless
165. this device for internal use e g controller office name com 9 Specific Original None Portal URL Browser ID User Agent IEMobile 7 0 XBLWP7 e http www google com e g http www example com g IEMobile 7 0 XBLWP7 separate by comma When this function is set to None after users logged in successfully users will be directed to the original homepage set in their browsers Idle Timer To configure Idle Timer go to Users gt gt Additional Control If a user has idled with no network activities the system will automatically kick the user out The logout timer can be set between 1 1440 minutes and the default idle time is 10 minutes Additional Control Idle Timeout minutes 10 1 1440 Interval for Idle Traffic Detection 60 i seconds t9003 Threshold for Idle Traffic a 0 1048576 0 is Disabled Detection bytes User Session Control Multiple Login Charge Traffic to from Hosts in Walled Garden List Idle Timeout Check Direction accounts 2 Uplink Uplink amp Downlink E Enable This function is not applicable to on demand Enable 9 Disable changed Kick out users when their IPs are Enable Disable NetComm Wireless HS1200N Wireless N Hotspot 74 WWwW netcommwireless com 4 NetCommWireless Multiple Login To configure Multiple Login go to Users gt gt Additional Co
166. thout going through standard authentication process under Public zone may cause security problems www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 67 A gt NetCommWireless Privilege MAC Privilege MAC Address List In addition to the Privilege IP List MAC address List allows the MAC address of the workstations that need to access the network without authentication to be set in Granted Access by MAC Address The gateway allows 100 privileged MAC addresses at most When manually creating the list enter the MAC address the format is XX XX XX XX XX XX as well as the remark optional These settings will be effective immediately after clicking Apply Granted Access by MAC Address No MAC Address Remark eT r tu ul rt Total 100 First Prev Nex Caution Permitting specific MAC addresses to have network access rights without going through standard authentication process under Public zone may cause security problems Privilege IPv6 Privilege IPv6 Address List In addition to the Privilege IP List MAC address List the privilege IPv6 List allows the IPv6 address of the workstations that need to access the network without authentication to be set in Granted Access by IPv6 Address The gateway allows 100 privileged IPv6 addresses at most When manually creating the list enter the IPv6 address th
167. tination Port 53 The administrator is able to add new custom service protocols by clicking Add and delete the added protocols individually or with Select All followed by Delete operation Caution The Predefined Service Protocols cannot be deleted Click Add to add a custom service protocol The Protocol Type can be defined from a list of service by protocols TCP UDP ICMP IP and then define the Source Port range and Destination Port range click Apply to save this protocol Add Service Protocol Name Protocol Type TCP Source Port 1 65535 Destination Port ie 65535 Apply If the Protocol Type is ICMP the Type and Code must be defined NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 60 4 NetCommWireless Add Service Protocol Protocol Type ICMP Protocol Type Type ede If the Protocol Type is IP the Protocol Number needs to be defined Add Service Protocol Protocol Type IP Protocol Number User Firewall Rules After the custom protocol is defined or just use the Predefined Service Protocols you will need to enable the Firewall Rule to apply these protocols Firewall Rules for IPv6 is also supported Firewall Rules Click Rule No to edit individual rules and click Apply to save the settings The rule status will be shown on the list Check the Active checkbox and click Apply to enable the rule Rule No 1 has the highest pri
168. tion and select the Integration Setup button for the specific environment Installation ID 239xxx L XP ME US T M am am ww 4 E PIS WP CPI CSS CSS CSI SSMO GC CSI CM CPI CSS CS NSGg 2 m am am ww Cu US Step 4 Check Enable Payment Response checkbox Step 5 Enter the Payment Response URL URL lt wpdisplay item MC_callback gt Step 6 Check Enable the Shopper Response www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 137 A gt NetCommWireless Step 7 Select the Save Changes button Step 8 User Profile Dispute Management Reports Dats current up to 12 Oct 02 14 08 Merchant MERCHANTIOTAMI Sich to Production Copyright RBS pic 2009 B g amp e 2U0 wpdesplay itemeMC callback 4 4 o o f LOCO TEES 4 4 Input Installation ID and Payment Gateway URL in gateway Ul DI 2I Installation ID 2009test URL https select wp3 rbsworldpay com wcc purchase Q Authorize Net Installation ID Payment Gateway URL Currency External Payment Gateway O PayPal SecurePay 9 WorldPay Disable WorldPay Payment Page Configuration 239 https select wp3 rbsworldpay com wcc purchass GBP Pound Sterling Note The WAN IP of gateway must be a real IP NetComm Wireless HS1200N Wireless N Hotspot 138 WWwW netcommwireless com gt NetCommWireless Appendix F Portal Page Customizati
169. to getValue the return URL would be ignored and the page would only print out the available quota If command is set to getValue the output is simply value secs or bytes according to user type If command is not set and there is no ret url is presented client would be redirected to pop reminder shtml page which shows remaining quota in our UI style If ret url is presented client would be redirected to ret url and gateway would add these four variables in URL Field Msg Value Description otring including Sorry this feature is available for on demand user only Sorry this username XXX is not found Sorry this username XXX is out of quota Sorry this username XXX is expired Sorry this username XXX is redeemed Error messages Value Integer Sec Or Byte or error no 1 Account not found 2 Out of quota 3 Expired 4 Redeemed Uname otring Type String includes TIME Time type DATA Volume type CUTOFF Cut off type NetComm Wireless HS1200N Wireless N Hotspot 146 Hemaining quota if user is time type the value is remaining seconds if user is volume type the value remaining bytes User name On demand user billing type WWwW netcommwireless com gt NetCommWireless Change password Local User Path LAN IP address or Internal Domain Name loginpages user change password shtml Input Field Save Opw Npw Npwc ret_url Output
170. tor uses an IP address listed on the Management IP Address List Go to System gt gt General gt gt Management IP Address List If both WAN and LAN ports are unable to reach the user interface please use console interface to resolve this issue Configure Zone Network To configure a Zone network go to System Service Zones 7 i TA 2 Firewall Service Zone Settings i a LAN Port Applied Poli IF Address Service Zone Network DHCP Pool Mapping Name Default Authen Alias Policy 1 192 168 110 1 192 168 110 2 iii 192 168 110 100 Configure Disabled Enabled Policy 1 1982 168 1270 1 192 168 120 2 192 168 120 100 Configure Server 1 Enabled h gt E o 4 h 201 i k General WAN y WAN Traffic IPv6 y LAN Port Mapping Service Zones aid 2 Firewall Main Menu gt System gt Service Zone gt Service Zone Configuration gt DHCP Configuration DHCP Server Configuration for Service Zone Private Start IP Address 152 168 110 2 s End IP Address 197 168 110 100 Preferred DNS Server 182 168 110 1 Alternate DN5 5erver Domain Name domain com WINS Server Lease Time 1440 2 minutes 10080 minutes 7 days DHCP Pool 1 Ignore Client Name Q Enable 9 Disable DHCP Pool 2 QEnable 9 Disable Www netcommwireless com NetComm Wireless HS1200N Wireless N Hotspot 29 FA NetCommWireless
171. uals with some network system knowledge to complete the installation Prerequisites Before continuing with the installation of your Wireless N Hotspot please confirm that you have the following 2I A device with a working Ethernet network adapter DI A web browser such as Internet Explorer Mozilla Firefox or Google Chrome Notation The following symbols are used in this user guide A The following note requires attention A The following note provides a warning es The following note provides useful information www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 5 A gt NetCommWireless Product introduction Product overview The HS1200N is an economical and feature rich Wireless Hotspot Gateway Feature packed for hotspot operation the HS1200N comes with a built in wireless 802 11 n b g MIMO access point web server and web pages for client log in simple user visitor account management tool payment plans multiple credit card payment options traffic logs and IP sharing The HS1200N also includes the extra advantage of being wall mountable and dust proof with an IP50 metal housing Package contents The Wireless N Hotspot package includes 1 x HS1200N Wireless Hotspot Gateway v 1 x Quick start guide DI 1 x Console cable DI 1 x Ethernet cable 1 x 5V DC Power adapter DI D 2 x WIFi antennas DI The Wireless Ticket Generator and Printer package includes 1
172. uireless com NetComm Wireless HS1200N Wireless N Hotspot 31 lt gt NetCommWireless Zone Wireless Settings Each zone has its own VAP Virtual Access Point and corresponds to one SSID In the Private zone it s VAP1 and the SSID is hidden so public users will not see this SSID during a scan of available networks Privileged users may manually add this network by entering the SSID The SSID of VAP2 under the Public zone is enabled by default with the SSID Broadcast feature allowing public users to scan for this network After you have completed the wireless general settings configure the specific settings of each zone To configure Zone Wireless Security go to System gt gt Service Zones click Configure for Private zone or click Configure for Public Wireless Settings RF1 VAP 1 Enable Disable ZONE VAP Status ESSID Security Type Cipher Suite Pre shared Key Pass phrase Group Key Update Period Beacon Interval RTS Threshold Fragment Threshold Broadcast SSID Station Isolation WMM IGMP Snooping Wireless Settings VAP1 Wireless Settings Private Zone D 600 second s 100 25 500ms 1 2346 256 2346 O Enable 9 Disable O Enable 9 Disable 9Enable Disable O Enable 9 Disable Basic Enable the VAP Status if you wish to provide a wireless service under this zone Assign an ESSID to VAP1 under Private Zone or use the default The ESSID of the Private Zone w
173. uld like to move it to Click OK to save the changes made MovetoNo 5 Please make sure all the desired rules are checked as Active and click the Apply button below on the overview page ie n m General WAN WAN Traffic IPw6 Y LAN Port Mapping Service Zones Layer 2 Firewall 1 Main Menu System Layer 2 Firewall Generic Firewall Enable Disable Firewall Rules e Me acion cor Edit Move to Insert Before Delete Edit Move to Insert Before Delete DP Predefined and Custom Service Protocols Edit Move to Insert Before Delete NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 38 a FA NetCommWireless The administrator can add or delete firewall service protocols here the services on this list will become available drop down options to choose from in the firewall rules when EtherType is IPv4 The first 27 entries are default services and the administrator can add any extra desired services These 27 default firewall services cannot be deleted but can be disabled General WAN WAN Traffic IPv6 LAN Port Mapping Service Zones Layer 2 Firewall Main Menu System Layer 2 Firewall Service Protocols Me Name Se SRM E a aM si no UDR Destination ports 67 68 O O we 0 Tomte nem Total 27 www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot
174. ur s 0 23 Range jof min s 0 59 they cannot all be zero 6 Price Range 0 100000 including two digits after decimal point e 9 1 99 Group Group 1 v Reference TIP When the Account Type is Duration time three Counting Methods may be used to decide when the account expires 1 Elapsed Time specifies the time duration from account creation for which the account is valid 2 Cut off Time specifies the next cut off time point for which the account becomes invalid 3 Begin and End Time specifies that the account is valid between the two time points Duration time Elapsed Time account lifespan Elapsed Time ET Creation Time CT Deletion Time DT E invalid Valid NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 126 4 NetCommWireless Duration time with Cut off Time Cut off Time is the clock time at which the on demand account is cut off made expired by the system on that day For example if a shopping mall closes at 23 00 operators selling on demand tickets can use this plan to create a ticket set to be Cut off on 23 00 If an account of this kind is created after the Cut off Time the account will automatically expire Begin Time is the time that the account will be activated for use It is set to account creation time Cut off Time is the clock time when the account will expire Price is the unit price
175. ver to this gateway with the same suffix and the local user in this gateway would be able to log in successfully from another gateway by RADIUS authentication www netcommwuireless com NetComm Wireless HS1200N Wireless N Hotspot 109 lt gt NetCommWireless Customizable Pages To configure Custom Pages go to System gt gt Service Zones click Configure in Public zone There are several user login and logout pages that can be customized by the administrator You can select Default Page Template Page Uploaded or External Page Disclaimer Page Login Page Configure Logout Page Configure Login Success Page Configure _ Custom Pages Login Failed Page Configure m Login Success Page for On demand User Configure Logout Success Page Configure Logout Failed Page Configure Disclaimer Page The Disclaimer Page is for the hotspot owner or MIS staff who wants to display terms of use or announcement information before the user login page Click Configure to access the setup page An unauthorized client will receive a disclaimer page once opening the web browser If a client selects agree and clicks Next then he or she will proceed to the User Login Page for client to login with username and password The Disclaimer Page can be Enabled at System General Template Page To utilize the template user pages stored locally in the system choose Template Page and configure the necessary settings as follows
176. wing the Status This section includes System Interface Routing Table Current Users Session List User Logs Logs DHCP Lease and Report amp Notification to provide system status information and online user status oystem Status To view System Status go to Status System This section provides an overview of the system for the administrator e oa System Name NetComm Wireless 11n Hotspot HS1200N Portal URL http www netcommwireless com srsLoc serer a srsLoc sever ont sarae Disabled Receiver s E mail Address es N A NTP Server N A System Time 2013 08 20 16 46 29 1000 Time User Session Control Preferred DNS Server 172 16 1 250 Alternate DNS Server 172 16 1 251 NetComm Wireless HS1200N Wireless N Hotspot www netcommwuireless com 90 FA NetCommWireless The description of the above mentioned table is as follows Oe TIT page users are directed to after initial login success The IP address and port number of the external SYSLOG Server N A means that it is not configured SYSLOG server System Log The IP address and port number of the external SYSLOG Server N A means that it is not configured L Fm status of built in Proxy Server Shows whether the status for the connection at WAN is normal or abnormal Internet Connection Detection and all online users are allowed disallowed to log in the network SNMP Shows status of option to enable or disabled system info retrieval via
177. x Wireless Ticket Generator 2I 1 x Printer 1 x DB9 Adapter cable DI DI DI 1 x Printer thermal paper roll 1 x 8 AVDC 3A Power adapter for Printer 1 x 5V BA DC Power adapter for Wireless Ticket Generator ee a 1 x WiFi antenna for Wireless Ticket Generator If any of these items are missing or damaged please contact NetComm Wireless Support immediately The NetComm Wireless Support website can be found at http support netcommwireless com We recommend that you keep the original packaging materials in case repair or maintenance is necessary This will protect the HS1200N from damage during transport NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 6 gt NetCommWireless system concept The HS1200N is capable of managing user authentication authorisation and accounting The user account information is stored in the local database or a specified external RADIUS database server Featuring user authentication and integrated with an external payment gateway the HS1200N allows users to easily pay the designated fee using credit cards through a variety of payment gateways including Authorize Net PayPal SecurePay and WorldPay to gain access to your Internet service The HS1200N introduces the concept of Zones a Private Zone and Public Zone each with its own definable access control profiles Clients in the Private Zone are not required to be authenticated before using the network services w
178. y 18 i19 20 21 22 25 OO i 2 s 4 5 amp 5 7 j i 11 12 15 14 15 16 ave rate 01 05 00 0 00 kbit s 01 06 00 i i j 0 00 kbit s 03 15 00 i j kbit s 03 16 00 kbit s HOHCOP Nil 04 05 00 kbit s 08 14 13 kbit s 08 15 13 kbit s 08 20 13 kbit s estimated cocco month total avg rate Jan 00 O KiB 0 00 kbit s Mar 700 i 52 Mi 3 12 MiB 0 01 kbit s Traffic of the Month Apr o0 311 KiB 0 00 kbit s Aug 13 10 18 MiB 0 05 khit z estimated i i 15 MiB day rx tx total ave rate 08 14 13 1 78 MiB 3 56 MiB 5 34 MiB 0 51 kbit s 08 15 13 2 39 MiB 2 45 MiB 4 84 MiB 0 46 kbit s Traffic of the top 10 03 16 00 60d KiB 2 51 MiB 3 10 MiB 0 29 kbit s 04 05 00 246 KiB 65 KiB 311 KiB 0 03 kbit s 03 15 00 15 KiB 3 KiB 18 KiB 0 00 kbit s NetComm Wireless HS1200N Wireless N Hotspot www netcommwireless com 94 A NetCommWireless The description of the above mentioned table is as follows EE ae Description n WAN interface settings Static Dynamic PPPoE or PPTP ELLEN Address The MAC address of the WAN port IP LU The IP address of the WAN port ama Mask The Subnet Mask of the WAN port Address The IPv6 address of WAN port if applicable a Prefix The IPv6 prefix if applicable operation mode of the zone ia Address The MAC address of the zone Zone General IP a The IP address of the zone p Mask The Subnet Mask of the zone p w Address The IPv6 address of the zone if appli
179. ype Umac sessionlength byteamount idletimeout acct interim interval L ogouturl Change passwd url ondemand creation url Vlanid Gwip client ip SZ Group Policy max_uplink Value String String LOCAL RADIUS ONDEMAND POP3 LDAP SIP NT Domain MAC format separated by Integer Sec Integer Bytes Integer Sec Integer Sec String URL encoded String URL encoded String URL encoded Integer 1 4096 IP format IP format Integer Integer Integer Integer b s NetComm Wireless HS1200N Wireless N Hotspot 142 Description User ID postfix is included Authentication server name Client MAC address RADIUS user session length Only available for RADIUS user RADIUS user volume limit Only available for RADIUS user Idle timeout RADIUS accounting interim update interval Only available for RADIUS user The URL which shall be submitted when user want to logout The URL which shall be submitted when user want to change password Only available for LOCAL user The URL which shall be submitted when user want to create on demand user Only available for LOCAL user VLAN ID Gateway activated WAN IP address Client IP address service Zone ID Group index Policy index Maximum up link rate WWwW netcommwireless com gt NetCommWireless max downlink req uplink reg downlink next page CLASS WISPR SESSION TERMINATE TIME WISPR SESS
Download Pdf Manuals
Related Search