Skip navigation
Banner: skynetworks

Simple HotSpot Setup

Simple HotSpot Setup

 

Contents

 [hide]

 

[edit]

HotSpot Setup using UAM authentication


[edit]

Example: Using HotSpot localhost as UAM authenticator

You will need 1 device setted up with latest Ikarus O.S version(no bridge mode) and internet access .

Initial state of the HotSpot for example:

  • Host eth0(Enabled):192.168.1.119
  • Host ath0(Enabled):0.0.0.0
  • Default Gateway:192.168.1.240(...to internet)
  • Open the INMS
  • Right click to the AP node and choose "Advanced node configuration"
  • Choose "HotSpot" tab from the horizontal third row of tabs
  • Click Enable HotSpot and start the wizard
  • Select as WAN interface the one that will connect to the internet
  • Choose static ip and fill in the appropriate fields
  • Click Next
  • Select the physical interfaces to be used as Hotspot's interfaces for users to connect
  • Press the ">>>" sign to add them
  • When Hotspot is initialized these interfaces will be bridged under a bridge called br_HotSpot
  • Click Next
  • Hotspot will assign HotSpot users with an IP address in the range of the configured dynamic IP addresses subnet you choose.
  • If DNS values are set to 0.0.0.0, the Hotspot will assign the router's DNS IP addresses.
  • Click Next
  • If the NAT Enable option is selected, HotSpot users' IP addresses will be translated to the WAN's IP address (Network Address Translation, Masquerade)
  • Protection is performed through firewall rules. According to the protection level used, appropriate firewall rules will be generated. (The comment “Added_By_Hotspot” will be automatically generated.)
  • Click Next
  • If there are wireless interfaces used as HotSpot interfaces make the desired settings
  • Click Next
  • The radius server used to authenticate HotSpot users.
  • Either the IP address or Domain name of at least one Radius Server must be configured. The second Radius server is used as a backup server (if present).
  • Make the appropriate settings
  • Click Next
  • In this examble you click to enable UAM authentication
  • UAM is the common Web-redirection authentication type. Hotspot users, after they have obtained an IP address, and opened a Web browser, will be redirected to the HotSpot's Web page to provide their Username and Password.
  • In the domain field type localhost
  • Click-enable Local
  • Click Next
  • Leave defaults or change as needed
  • Click Next
  • Leave defaults or change as needed
  • Click Next
  • Leave defaults or change as needed
  • Click Next
  • Check Hotspot configuration
  • Click Submit to end the procedure and initialize the Hotspot
  • Select Network tab on the above pane
  • You should see the LAN interfaces you choose earlier bridged under br_HotSpot
  • User being connected to one of the Hotspot's LAN interfaces when trying to connect to the internet should see the image below
  • Username and Password for login to succeed must exist in Radius system database!

 


[edit]

Example:Using a remote PC as UAM authenticator



You will need 1 device setted up with latest Ikarus O.S version(no bridge mode) and internet access .

Initial state of the HotSpot for examble:

  • Host eth0(Enabled):192.168.1.119
  • Host ath0(Enabled):0.0.0.0
  • Default Gateway:192.168.1.240(...to internet)
  • Open the INMS
  • Right click to the AP node and choose "Advanced node configuration"
  • Choose "HotSpot" tab from the horizontal third row of tabs
  • Click Enable HotSpot and start the wizard
  • Select as WAN interface the one that will connect to the internet
  • Choose static ip and fill in the appropriate fields
  • Click Next
  • Select the physical interfaces to be used as Hotspot's interfaces for users to connect
  • Press the ">>>" sign to add them
  • When Hotspot is initialized these interfaces will be bridged under a bridge called br_HotSpot
  • Click Next
  • Hotspot will assign HotSpot users with an IP address in the range of the configured dynamic IP addresses subnet you choose.
  • If DNS values are set to 0.0.0.0, the Hotspot will assign the router's DNS IP addresses.
  • Click Next
  • If the NAT Enable option is selected, HotSpot users' IP addresses will be translated to the WAN's IP address (Network Address Translation, Masquerade)
  • Protection is performed through firewall rules. According to the protection level used, appropriate firewall rules will be generated. (The comment “Added_By_Hotspot” will be automatically generated.)
  • Click Next
  • If there are wireless interfaces used as HotSpot interfaces make the desired settings
  • Click Next
  • The radius server used to authenticate HotSpot users.
  • Either the IP address or Domain name of at least one Radius Server must be configured. The second Radius server is used as a backup server (if present).
  • Make the appropriate settings
  • Click Next
  • In this example you click to enable UAM authentication
  • UAM is the common Web-redirection authentication type. Hotspot users, after they have obtained an IP address, and opened a Web browser, will be redirected to the HotSpot's Web page to provide their Username and Password.
  • Take under consideration that if you want to follow this kind of UAM authentication the remote PC should be able to respond to secure requests("Https")
  • In the domain field type the full URL of the PC that holds the Hotspotlogin.cgi file e.g HTTPS://192.168.1.116/cgi-bin/Hotspotlogin.cgi
  • Leave secret empty
  • If you decide to type a secret have in mind that you have to alter the Hotspotlogin.cgi code to conform to the new secret
  • Click Next
  • Leave defaults or change as needed
  • Click Next
  • Leave defaults or change as needed
  • Click Next
  • Leave defaults or change as needed
  • Click Next
  • Check Hotspot configuration
  • Click Submit to end the procedure and initialize the Hotspot
  • Select Network tab on the above pane
  • You should see the LAN interfaces you choose earlier bridged under br_HotSpot
  • User being connected to one of the Hotspot's LAN interfaces when trying to connect to the internet should see the image below
  • Username and Password for login to succeed must exist in Radius system database.