TopGlobal MB8000 Hotspots Solution

Similar documents
Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ]

Network Policy Controller UAM/RADIUS Guide

802.1X: Deployment Experiences and Obstacles to Widespread Adoption

Cisco Exam Questions & Answers

Configuring a VAP on the WAP351, WAP131, and WAP371

Authentication and Security: IEEE 802.1x and protocols EAP based

Configuring the Client Adapter through Windows CE.NET

Configuring OfficeExtend Access Points

Configuring Authentication Types

BW1330. High Performance Hotspot Access Point

Grandstream Networks, Inc. Captive Portal Authentication via RADIUS

Application Example (Standalone EAP)

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802.

What is Eavedropping?

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Configuring 802.1X Settings on the WAP351

Configuring the Client Adapter through the Windows XP Operating System

Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy

802.1x. ACSAC 2002 Las Vegas

Summary. Deployment Guide: Configuring the Cisco Wireless Security Suite 1 OL

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

FAQ on Cisco Aironet Wireless Security

Wireless LAN Controller Web Authentication Configuration Example

Access Connections 5.1 for Windows Vista: User Guide

Configuring WLANs CHAPTER

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Light Mesh AP. User s Guide. 2009/2/20 v1.0 draft

BW1330. High Performance Hotspot Access Point. Browan Communications. 6 August 2007 Version 1.0

IEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT

Securing a Wireless LAN

Cisco Exam Questions and Answers (PDF) Cisco Exam Questions BrainDumps

Wireless technology Principles of Security

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

Configuring RADIUS Servers

Configuring the EAPs Globally via Omada Controller

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

Configuring the WMIC for the First Time

Table of Contents. 4 System Guard Configuration 4-1 System Guard Overview 4-1 Guard Against IP Attacks 4-1 Guard Against TCN Attacks 4-1

Radiator. EAP-SIM and EAP- AKA Support

Release Notes for Avaya WLAN 9100 AOS-Lite Operating System WAP9112 Release WAP9114 Release 8.1.0

Configuring the Xirrus Array

Radiator. EAP-SIM and EAP- AKA Support

Wireless Integration Overview

Configuring Settings on the Cisco Unified Wireless IP Phone

Vendor: Cisco. Exam Code: Exam Name: Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0. Version: Demo

Protected EAP (PEAP) Application Note

Network Controller 3500 Quick Start Guide

802.11a g Dual Band Wireless Access Point. User s Manual

Configuring the Client Adapter through the Windows XP Operating System

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL

Web and MAC Authentication

Authentication and Security: IEEE 802.1x and protocols EAP based

Cisco Exam Securing Wireless Enterprise Networks Version: 7.0 [ Total Questions: 53 ]

WL 5011s g Wireless Network Adapter Client Utility User Guide

Standard For IIUM Wireless Networking

Configuring Hybrid REAP

Seamless Yet Secure -Hotspot Roaming

Configuring RADIUS and TACACS+ Servers

WL-5420AP. User s Guide

Configuring Client Profiling

Network Controller. Complete Control and Management of Public Access Networks

Wireless LAN Security. Gabriel Clothier

b/g/n 1T1R Wireless USB Adapter. User s Manual

Add a Wireless Network to an Existing Wired Network using a Wireless Access Point (WAP)

D. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

EnGenius Quick Start Guide

HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples

Configuring Layer2 Security

AmbiCom WL11-SD Wireless LAN SD Card. User Manual

Configuring Local EAP

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

COPYRIGHTED MATERIAL. Contents

What Is Wireless Setup

Zebra Setup Utility, Zebra Mobile Printer, Microsoft NPS, Cisco Controller, PEAP and WPA-PEAP

ENHANCING PUBLIC WIFI SECURITY

NCR. Wi-Fi Setup Assistant. User guide

802.1x Configuration. FSOS 802.1X Configuration

Integration of and Third-Generation Wireless Data Networks

Prestige 660HW Series. Prestige 660H Series. Quick Start Guide

Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide

cnpilot Enterprise AP Release Notes

Cisco Unified IP Phone Installation

PePWave Mesh Connector User Manual

DPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0

Network Security 1. Module 7 Configure Trust and Identity at Layer 2

Securing Your Wireless LAN

BASIC INSTRUCTIONS TO CONFIGURE ZYXEL P870HNU-51B CPE USING THE WEB INTERFACE

Controlled/uncontrolled port and port authorization status

DCWS-6028 Enterprise-Class Smart Wireless Access Controller. The Simple and Powerful Enterprise Smart Wireless LAN Controller

Configuring WLANsWireless Device Access

TestsDumps. Latest Test Dumps for IT Exam Certification

Exam : PW Title : Certified wireless security professional(cwsp) Version : DEMO

Zebra Mobile Printer, Zebra Setup Utility, Cisco ACS, Cisco Controller PEAP and WPA-PEAP

Security Setup CHAPTER

Designing AirPort Extreme n Networks

Cisco Exam Questions & Answers

Configuring FlexConnect Groups

Configuring the Access Point/Bridge for the First Time

Table of Contents X Configuration 1-1

RADIUS Configuration. Overview. Introduction to RADIUS. Client/Server Model

Transcription:

MB8000 s MB8000 is a mobile/portable wireless communication gateway. It combines the best of Wi-Fi technology and 2.5G/3G mobile communication technology. WISP can deploy their wireless hotspots with MB8000 rapidly with minimal installation and maintenance. MB8000 has many significant features which are suitable for wireless hotspots. MB8000 has a build-in RADIUS client module, which implements a widely used protocol for authentication, authorization and accounting (AAA), and MB8000 does access control according to the result of AAA. This application notes shows how to deploy a wireless hotspot rapidly with MB8000. How does MB8000 meet the requirements for a hotspot deployment MB8000 is configurable to run a DHCP Server or to act as a DHCP relay agent for assignment of end-user IP address. An end-user can obtain a dynamic IP address from MB8000. MB8000 implements RADIUS Client. When configured to enabled, it will send authentication request packets to the RADIUS Server when an access request received. The end-users can access the Internet only after pass the authentication successfully. MB8000 supports RADIUS MAC authentication, IEEE 802.1X and WEB Portal authentication. RADIUS MAC authentication: The MAC address of the end-user s WLAN card will be regarded as a unique ID (username) to authenticate by RADIUS Server. 802.1X authentication: MB8000 supports many EAP types for 802.1X authentication, such as: EAP-MD5, EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-SIM, and so on. This needs the end-users have IEEE 802.1X supplicant installed and the RADIUS Server must support EAP authentication. WEB Portal authentication: This is the most convenient method for the end-users. They don t need to install any additional software or any extra configurations on their laptops or handsets. When an end-user attempts to access the Internet, MB8000 would prompt an IE window to request for the username and password and then send an authentication request to the RADIUS Server to authenticate this user. Note that the end-user s password will never presented in the network traffic all through the procedure. When using WEB Portal, MB8000 supports SSL for the HTTPs POST when the end-users post their credentials for the authentication. MB8000 also can redirect the unauthenticated user s HTTP GET request to a login page hosted by a remote WEB Server. This enhances roaming agreement for the wireless ISPs. MB8000 supports RADIUS accounting. It will send accounting requests to the specified RADIUS accounting server when an accounting session starting and stopping, and send interim accounting requests periodically during the session.

Application Notes MB8000 provides variable data encryption to protect WLAN privacy: 40/128bit WEP encryption and WPA TKIP encryption. MB8000 is configurable to reject bad-guys from accessing the network by setting MAC address filter. And when setting InterBSS relay to disabled, the end-users in the same BSS will not be able to access each other directly. This protects the privacy of the end-users in a public wireless network. MB8000 can be managed concentratively by RCM (Remote Central Management) system, which is software that can manage and configure MB8000 in group, remotely and concentratively. MB8000 supports a secondary RADIUS Server as a backup in case of the primary Server be down or unavailable. Also, WISPs can deploy their RADIUS Authentication Server and RADIUS Accounting Server as two independent servers, which could be located in two places. Application scenario1: Deploy Hotspots with MB8000 With MB8000, WISPs can deploy their hotspots and mobile hotspots rapidly with low cost. The wireless hotspots can be widely deployed in any places of 3G coverage, the airports, cafés, and gymnasiums, even in the job sites, the train, the buses and yachts.

Application scenario2: Deploy Hotspots as a member of Airpath Provider Alliance with MB8000 Airpath Provider Alliance (APA) is Airpath's proprietary back-end settlement and clearinghouse for tying Hot Spots into one large ubiquitous network. You may reference to http://www.airpath.com to get more information and business model. Deploy your hotspots and join APA, the users will come. MB8000 has been approved by Airpath Approval. This means that MB8000 can be deployed and used with Airpath systems straightforward. You don t have to deploy your own AAA and billing system, nor plenty of Advertisement to attract users. Joined the APA, you may share the APA s users and clients. MB8000 Configurations for Hotspot You may need 3 steps to finish the configuration for hotspot. Step1. Choose and configure the authentication scheme: You may choose one of the following 3 authentication scheme: 1) Configure to RADIUS MAC: Login to the MB8000 s configuration page, go to Advanced -> RADIUS Authentication page, and set the RADIUS MAC Access Control Status to Enable. 2) Configure to 802.1X authentication: Go to the Advanced -> Encryption page, and set the Network Authentication to NonWPA-802dot1XOnly, or WPA. We strongly suggest that WPA be selected. 3) Configure to WEB Portal: Go to the Advanced -> WEB Portal page, and set the WEB Portal Status to Enable. Step2. Configure the RADIUS settings: 1) Go to Advanced -> RADIUS Authentication page, according to the network TOPO, you need to select one interface for the MB8000 communicating with the RADIUS Server. If the RADIUS Server is connected with MB8000 in a wired-lan, you may set this value to LAN in

the Interface field, else WAN might be selected. 2) Configure the primary RADIUS authentication server for user authentication. The Server Status field MUST set to Enable, and then fill in the IP address and shared secret. If you have a secondary RADIUS authentication server, you may fill in the settings just as the primary one. 3) Configure the primary RADIUS accounting server for accounting. The Server Status field MUST set to Enable, and then fill in the IP address and shared secret. If you have a secondary RADIUS accounting server, you may fill in the settings just as the primary one. Step3. Configure the WLAN data encryption scheme: You might decide the WLAN data encryption scheme according to your hotspot s operation. You can choose a non-encryption network or WEP encryption or TKIP encryption. 1) Non-encryption network: Go to the Advanced -> Encryption page, and set the Network Authentication field to Open, make sure that Data Encryption field be set to Disable as following settings: 2) 40/128bit WEP encryption: The following figure shows typical 40bit WEP encryption

settings. You can set 128bit WEP encryption if needed. 3) TKIP encryption: Set Network Authentication field to WPA or WPA-PSK, TKIP encryption scheme will be automatically selected. Annex: RADIUS Attributes that MB8000 supports RADIUS Attributes Auth Request Auth Reply Accounting Request [1]User-Name [2]User-Password [4]NAS-IP-Address [6]Service-Type [8]Framed-IP-Address [18]Reply-Message [24]State [25]Class [27]Session-Timeout [28]Idle-Timeout [30]Called-Station-ID [31]Calling-Station-ID [32]NAS-ID [40]Acct-Status-Type 1 - Start, 2 - Stop, 3 - Interim Update [41]Acct-Delay-Time [42]Acct-Input-Octets [43]Acct-Output-Octets [44]Acct-Session-ID [46]Acct-Session-Time

[47]Acct-Input-Packets [48]Acct-Output-Packets [49]Acct-Terminate-Case [61]NAS-Port-Type 15 - Ethernet, 19-802.11 [85]Acct-interim-Interval ADDR : 8/F REWARD BUILDING, No.203 Wangjing Li Ze Zhongyuan,Chaoyang District,Beijing. 100102,China TEL: +86-010-64390528 TOP Global Technology Ltd. FAX: +86-010-64392901 http://www.topglobalusa.com/

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback