Instruction manual | Deprecated: Function ereg() is deprecated in Z:\server\http\planet

Deprecated: Function ereg() is deprecated in Z:\server\http\planet
Hot Spot
Wireless Subscriber Gateway
WSG-404
User’s Manual
Copyright
Copyright (C) 2007 PLANET Technology Corp. All rights reserved.
The products and programs described in this User’s Manual are licensed products of PLANET
Technology, This User’s Manual contains proprietary information protected by copyright, and this
User’s Manual and all accompanying hardware, software, and documentation are copyrighted.
No part of this User’s Manual may be copied, photocopied, reproduced, translated, or reduced to
any electronic medium or machine-readable form by any means by electronic or mechanical.
Including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser'
s personal use, and without the prior express written permission of
PLANET Technology.
Disclaimer
PLANET Technology does not warrant that the hardware will work properly in all environments and
applications, and makes no warranty and representation, either implied or expressed, with respect
to the quality, performance, merchantability, or fitness for a particular purpose.
PLANET has made every effort to ensure that this User’s Manual is accurate; PLANET disclaims
liability for any inaccuracies or omissions that may have occurred.
Information in this User’s Manual is subject to change without notice and does not represent a
commitment on the part of PLANET. PLANET assumes no responsibility for any inaccuracies that
may be contained in this User’s Manual. PLANET makes no commitment to update or keep current
the information in this User’s Manual, and reserves the right to make improvements to this User’s
Manual and/or to the products described in this User’s Manual, at any time without notice.
If you find information in this manual that is incorrect, misleading, or incomplete, we would
appreciate your comments and suggestions.
FCC Warning
This equipment has been tested and found to comply with the limits for a Class A digital device,
pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection
against harmful interference when the equipment is operated in a commercial environment. This
equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in
accordance with the Instruction manual, may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause harmful interference in which
case the user will be required to correct the interference at his own expense.
CE mark Warning
The is a class B device, In a domestic environment, this product may cause radio interference, in
which case the user may be required to take adequate measures.
Trademarks
The PLANET logo is a trademark of PLANET Technology. This documentation may refer to
numerous hardware and software products by their trade names. In most, if not all cases, these
designations are claimed as trademarks or registered trademarks by their respective companies.
WEEE Warning
To avoid the potential effects on the environment and human health as a result of
the presence of hazardous substances in electrical and electronic equipment, end
users of electrical and electronic equipment should understand the meaning of the
crossed-out wheeled bin symbol. Do not dispose of WEEE as unsorted municipal
waste and have to collect such WEEE separately.
Revision
User’s Manual for PLANET Hot Spot Wireless Subscriber Gateway
Model: WSG-404
Rev: 1.0
Part No.: EM-WSG404v1 (2081-B41070-000)
2
WSG-404 User Guide
Table of Contents
1. Introduction..............................................................................................................................5
1.1 Package Contents...............................................................................................................5
1.2 Features .............................................................................................................................6
1.3 Precautions.........................................................................................................................7
1.4 Outlook ...............................................................................................................................7
1.4.1 Top Panel....................................................................................................................7
1.4.2 Rear Panel..................................................................................................................8
1.5 Technical Specifications ....................................................................................................10
1.5.1 Hardware Specifications ...........................................................................................10
1.5.2 Software Specifications............................................................................................. 11
2. Installation ..............................................................................................................................13
2.1 Installation Requirements..................................................................................................13
2.1.1 System Requirements...............................................................................................13
2.1.2 ISP Requirements.....................................................................................................13
2.1.3 Your PC Requirements .............................................................................................14
2.2 Hardware Connection and Installation...............................................................................15
2.2.1 Physical Installation ..................................................................................................15
2.3 Software Configuration......................................................................................................16
2.3.1 Quick Configuration ..................................................................................................16
2.3.2 External Network Access ..........................................................................................24
3. Web Interface Configuration .................................................................................................27
3.1 System Configuration........................................................................................................28
3.1.1 Configuration Wizard ................................................................................................28
3.1.2 System Information...................................................................................................29
3.1.3 WAN Configuration ...................................................................................................31
3.1.4 LAN1 & LAN2 Configuration .....................................................................................33
3.1.5 LAN3 & LAN4 Configuration .....................................................................................36
3.1.6 Wireless Configuration..............................................................................................39
3.2 User Authentication...........................................................................................................45
3.2.1 Authentication Configuration .....................................................................................45
3.2.1.1 Authentication Method - Local User Setting ...........................................................66
3.2.1.2 Authentication Method - POP3...............................................................................71
3.2.1.3 Authentication Method - RADIUS ...........................................................................72
3.2.1.4 Authentication Method - LDAP ...............................................................................74
3.2.1.5 Authentication Method - NTDomain .......................................................................75
3.2.2 Black List Configuration ............................................................................................76
3.2.3 Policy Configuration ..................................................................................................78
3.2.4 Guest User Configuration..........................................................................................82
3.2.5 Additional Configuration ............................................................................................83
3.3 Network Configuration ....................................................................................................100
3.3.1 Network Address Translate .....................................................................................100
Wireless Subscriber Gateway
3
3.3.2 Privilege Configuration............................................................................................104
3.3.3 Monitor IP Configuration .........................................................................................105
3.3.4 Walled Garden List .................................................................................................107
3.3.5 Proxy Server Properties..........................................................................................108
3.3.6 Dynamic DNS .........................................................................................................109
3.4 Utilities ............................................................................................................................ 110
3.4.1 Change Password .................................................................................................. 110
3.4.2 Backup/Restore Settings ........................................................................................ 112
3.4.3 Firmware Upgrade .................................................................................................. 113
3.4.4 Restart .................................................................................................................... 113
3.5 Status.............................................................................................................................. 114
3.5.1 System Status......................................................................................................... 114
3.5.2 Interface Status....................................................................................................... 116
3.5.3 Concurrent Users.................................................................................................... 118
3.5.4 Traffic History.......................................................................................................... 118
3.5.5 Notify Configuration ................................................................................................120
3.6 Help ................................................................................................................................121
4. Appendix A --- Console Interface ........................................................................................122
5. Appendix B --- Configuration on Authorize.Net .................................................................125
6. Appendix C --- Proxy Setting for Hotspot ...........................................................................130
7. Appendix D --- Proxy Setting for Enterprise.......................................................................133
8. Appendix E --- Disclaimer for On-Demand Users ..............................................................138
4
WSG-404 User Guide
1. Introduction
The PLANET Wireless Subscriber Gateway WSG-404 is a compact intelligent gateway integrated
with a four-port port-based switch. It provides Plug & Play Internet access, advanced security and
network management.
The WSG-404 is designed for service providers, system integrator or hotspot venue operator
without backend-RADIUS-Server to have integrated solution for rapid deployment, which can start
hotspot service quickly and easily and enhance service performance.
The WSG-404 is an ideal solution for hotel lobbies, coffee bars, airport lounges, conference
facilities and other sites that commonly host business travelers, and offers instant high-speed
Internet connections. With its IP Plug and Play technology, it accepts any client configuration login,
when client open browser the WSG-404 immediately recognizes new end-user and redirects their
browser to customized Web pages. There’s no need for end-user to change any of their default
network (Static IP), e-mail (SMTP Server behind firewall), or browser settings (HTTP Proxy) or load
any special software to access hotspot service. It’s completely Plug’ Play with any browser.
1.1 Package Contents
Please inspect your package. The following items should be included in the WSG-404 packages:
1x WSG-404 unit
1x Power Adapter
1x User’s Manual CD
1x Quick Installation Guide
1x RJ-45 Cable
1x RS-232
2x Antenna
If any of the above items are damaged or missing, please contact your dealer immediately.
Optional Product that can co-work with WSG-404:
WSG-ACG4 Account Generator Printer
1x Power Adapter
1x RJ-11 Cable
1x Quick Installation Guide
This Account Generator is an optional device that can work with WSG-404. With this Account
Generator it is much easier for operator to create the accounts for any guests. Without the Account
Generator, all the account generation can be done through Administrator’s Web management page.
The demand of this Account Generator can vary on the install site
Wireless Subscriber Gateway
5
1.2 Features
Ideal Hot Spot solution
Via the integrated 802.11g wireless interface, mobile users can establish high speed Internet
access without any configuration.
Zero configuration (Plug-n-Play) Internet access
WSG-404 translates proper IP address information for Internet access, all IP configurations,
either DHCP, Private IP or Static IP information will be turned into Internet-ready
configurations. Subscribers won’t feel the difference, and no need to face to the
inconvenience of IP reconfigurations.
Built-in proprietary AAA mechanism and billing system
PLANET WSG-404 integrates Web-based Authentication (including subscriber SSL logon
page), selective Web-based Accounting, and proprietary billing mechanism, which can help
you to prepare a billing mechanism in a very short time and bring most convenience, the least
efforts for billing applications.
RADIUS AAA support
WSG-404 provides standard based Radius Client to communicate with any standard based
Radius server, in order to support AAA (Authentication, Authorization and Accounting).
Exclusive Printer Accounting (Optional)
Machine operators may customize the printout information for different billing application.
Security and Firewall
With built-in 64/128-bit RC4 WEP Encryption, VLAN Security for Wireless, subscriber SSL
Login Page / Admin Page, VPN (IPSec/PPTP) Pass through…various security features,
PLANET WSG-404 bring you an ease-of-use and most comfort safe Internet access
environment.
Ease-of-Use and Management
The built-in web management interface in WSG-404 brings most convenience to system
administrators or machine operators while configuring machine or setting up subscriber
privileges in movements. With time increments, clerks or machine operators may print out,
billing and other user information with time increments are conveniently printed on the
button-operated printer included with the PLANET WSG-404. Time increments may be
compiled simply by pressing the printer button multiple times. No computers or complex
back-end subscriber management systems are required for deployment.
Virtual Server & DMZ Capability
The standard and user-defined Virtual server gives the WSG-404 has the most flexibility to
share local resources like Email, FTP or HTTP servers to the Internet in a more secure way.
The DMZ (De-Militarized Zone) capability helps LAN users to act like an independent Internet
node that communicates to the Internet in both directions while maintaining security for LAN
users.
Note:
The "PnP" Function only can be used with TCP/IP-based Network.
6
WSG-404 User Guide
1.3 Precautions
Never remove or open the cover. You may suffer serious injury if you touch these parts.
Never install the system in the wet locations.
Use only the original fitting AC power adapter otherwise there is a danger of severe electrical
shock.
Avoid exposing the WSG-404 to direct sunlight or another heat source.
Choose a well-ventilated area to position your WSG-404.
1.4 Outlook
Figure 1-1 WSG-404 Outlook
1.4.1 Top Panel
The top panel of the WSG-404 is shown below.
Figure 1-2 WSG-404 Top Panel
Wireless Subscriber Gateway
7
LEDs Indication
LED
Color
PWR
Green
WLAN
Green
WAN
Green
LAN
1~4
Green
Status
Off
On
Off
On
Flashing
Description
The device is turned off
The device is turned on
The wireless is not ready
The wireless is ready
The wireless data transmission
The WAN is not connected
Off
The WAN has a successful (10/100Mbps)
On
Ethernet connection
Flashing
The WAN is sending or receiving packet
The LAN is not connected
Off
The LAN has a successful (10/100Mbps)
On
Ethernet connection
Flashing
The LAN is sending or receiving packet
Note:
1. Use only the bundled DC adapter for the power system, other power adapter could damage the
device permantly.
2. During the firmware upgrade process, please do not power off the device, otherwise it could
damage the device permantly.
1.4.2 Rear Panel
The rear panel of the WSG-404 is shown below.
WAN
LAN
Console
12V DC
RESET
1
2
3
4
Figure 1-4 WSG-404 Rear Panel
Port Indication
Printed
on
Housin
g
Interfac
e
8
Powe
r
Reset
WAN
LAN 1
LAN 2
LAN 3
LAN 4
Consol
e
12V
DC
RESE
T
WAN
1
2
3
4
Consol
e
Power
Button
RJ-45
RJ-45
RJ-45
RJ-45
RJ-45
RJ-11
WSG-404 User Guide
POWER:
The power adaptor plugs here.
RESET:
Used for restarting the system.
WAN:
One RJ-45 port is used for connecting xDSL or Cable Mode to the Internet/Intranet.
LAN1~2:
Used for Connecting to the public LAN. It can be chosen to require authentication to access
network resource and the Internet.
LAN3~4:
Used for Connecting to the private LAN. Authentication is not required to access the network
resource from here.
Console:
Used for configuring the system via Hyper Terminal or connecting to the WSG-ACG4 (Ticket
Printer).
Wireless Subscriber Gateway
9
1.5 Technical Specifications
1.5.1 Hardware Specifications
Ports
LAN
WAN
Console
Wireless Data rate
Wireless Encryption
Wireless Authentication
Wireless Antenna Type
Wireless Operating Range
LED Indicators
Environmental
Electrical
Regulatory Compliance
Dimension
Weight
10
4 x RJ45 (10Base-T/100Base-TX, Auto-Negotiation, Auto MDI/MDI-X)
1 x 802.11g wireless AP interface
1 x RJ45 (10Base-T/100Base-TX, Auto-Negotiation)
1 x RJ11
Up to 54Mbps with Auto fall back with 802.11b
WEP 64/128 bit
WPA with TKIP
IEEE 802.1x (EAP-MD5, EAP-TLS, CHAP, PEAP)
WPA-PSK
2dBi (Max) Dual detachable diversity antenna with reverse SMA
Open Space: 100~300m
Indoors: 35~100m
1 x POWER LED
1 x WLAN Link/Activity LED
1 x WAN Link/Activity LED
4 x LAN Link/Activity LEDs
Operating
Temperature: 5 ~ 45 В°C
Relative Humidity: 10 ~ 80 % (non-condensing)
Storage
Temperature: - 25 ~ 55 В°C
Relative Humidity: 5 ~ 90 % (non-condensing)
External Power Adaptor
Power Input: 12V DC, 1.5A
FCC part 15 Class B
CE Mark Class B
230 x 150 x 45.5 mm (W x D x H)
1.4 Kg
WSG-404 User Guide
1.5.2 Software Specifications
Network
IEEE802.3 10BaseT Ethernet
IEEE802.3u 100BaseTX Fast Ethernet
IEEE802.11b 11Mbps
IEEE802.11g 54Mbps
Supports 50 Simultaneous Users
IP Plug and Play (IP PnP)
Supports External HTTP Proxy Servers; Built-in Proxy Server
WEP Data Encryption 64/128 bit
WPA with TKIP; Radius
SMTP Server Redirection
DHCP Server
DHCP Relay
NAT
IP Routing
Dynamic DNS
Walled Garden: Up to 20
Session Number: Max. 16384
Supports NTP (Network Time Protocol)
WAN Connection Type
DHCP WAN Client
PPPoE WAN Client
PPTP WAN Client
Static IP WAN Client
AAA / Billing
Built-in Authentication
Exclusive Printer Accounting without PC operating
Web-based Login Page Authentication
Web-based Accounting
Flexible Billing Profiles and Price Plan
Flexible Billing Mechanism
Flexible Time Mechanism (Time to Finish and Accumulation)
External DB25 Support (WSG-ACG4)
RADIUS Authentication
Credit Card Support (Authorize.net, *PayPal)
10 Customizable Billing Profile
Remaining Credit Reminder
Accumulation Billing
Account log
*Future feature
Security
Layer 2 Isolation
SSL Login Page
SSL Administration
VPN Pass through (IPSec/PPTP)
Pass through Destination IP/URL
Pass through Source IP/MAC
Restricted Destination Filtering IP/URL
Share LAN Resources
Customize SSL Certificate
DoS Attack Protection
IEEE 802.1x (EAP-MD5, EAP-TLS, CHAP, PEAP)
Management
Supports Multiple Authentication Methods (Local and On-demand, LDAP,
POP3(s), RADIUS, NT Domain)
Wireless Subscriber Gateway
11
Supports Multiple Logins with One Single Account
SSL Protected Login Portal Page
Administrator/Manager/Operator Management Access
Local Account: Max. 500
Supports Guest Accounts: Up to 10
Customize Login/Logout Page
Remote Browser-based Configuration and Management
Policy-based Access Control
IP-based/MAC-based Privilege List
Friendly Notification E-mail
Backup/Restore/Factory Default Setting
Remote Firmware Upgrade
System Information Table
Per-user Traffic History Log
Support External Syslog Server
Billing Report Summary
Bandwidth Control
Session Idle Timer
Session/Account Expiration Control
Secure Remote via PPTP VPN
Supports SNMP V2
SSL Certificate Upload
12
WSG-404 User Guide
2. Installation
The followings are instructions for setting up the WSG-404. Refer to the illustration and follow the
simple steps below to quickly install your WSG-404.
2.1 Installation Requirements
Before installing the WSG-404, make sure your network meets the following requirements.
2.1.1 System Requirements
Cable modem or DSL/ADSL modem.
Network cables: Use standard 10/100Base-TX network (UTP) cables with RJ45 connectors.
Subscriber PC installed with Wireless adapter that complied with 802.11b, or 802.11g.
Workstations of subscribers running Windows 95/98/ME, NT4.0, 2000/XP, MAC OS9 or later,
Linux, UNIX or other platform compatible with TCP/IP protocols.
<Optional> Account generator (Model No.: WSG-ACG4).
2.1.2 ISP Requirements
Verify whether your ISP use fixed or dynamic IP. If it is a fixed IP, be sure to get the IP from your ISP.
For dynamic IP, which is mostly used, the PC will get the IP automatically whenever it hooks up on
the modem.
Dynamic IP
Dynamic IP Setting
Fixed IP
Your fixed IP address for the WSG-404
Your subnet mask for the WSG-404
Your default gateway IP address
Your DNS IP address
PPPoE
Your user name from your ISP
Your password from your ISP
Wireless Subscriber Gateway
13
PPTP
PPTP Server IP Address from your ISP
PPTP Local IP address from your ISP
PPTP Local IP subnet mask from your ISP
Your user name from your ISP
Your password from your ISP
2.1.3 Your PC Requirements
The Static IP settings for the PC
Your PC’s fixed IP address
Your PC’s subnet mask
Your PC’s default gateway IP address
Your PC’s primary DNS IP address
Note:
1. The gateway’s default IP address setting is “LAN1&LAN2: 192.168.2.254, LAN3&LAN4:
192.168.1.254”
2. The gateway’s default subnet mask setting is “255.255.255.0”
The Dynamic IP settings for the PC
We recommend that you leave your IP settings as automatically assigned. By default, the
WSG-404 is a DHCP server, and it will give your PC the necessary IP settings.
Note:
Before turn on the WSG-404, make sure there is no other DHCP server in the LAN network;
otherwise it will influence the whole network operation.
14
WSG-404 User Guide
2.2 Hardware Connection and Installation
2.2.1 Physical Installation
Physical connection of WSG-404
1. Ensure the WSG-404 and the Cable/DSL modem are powered OFF before commencing. Leave
your Cable/DSL modem connected to its wall socket (phone line or cable input).
2. Use Ethernet cables to connect to the LAN1/LAN2 port on the rear panel. Connect the other
end of the Ethernet cable to an AP or Switch. (Note: Authentication is required for the clients to
access the network via LAN1/LAN2 port. The LAN port with authentication function is referred
to as Public LAN).
3. Use Ethernet cables to connect to the LAN3/LAN4 port on the rear panel. Connect the other
end of the Ethernet cable to a PC. (Note: Authentication is NOT required for the clients to
access the network via LAN3/LAN4 port. The LAN port with authentication function is referred
to as Private LAN).
4. Connect your Cable/DSL Modem to the WAN port on the rear panel. Use the cable supplied
with your Cable/DSL modem. If no cable was supplied with your modem, use a standard
network cable. Please make sure the connection is established (LED is on).
5. Connect the Power Adapter. Use only the unit provided.
6. Power ON. The PWR LED should stay on (If your network is connected, the WAN/WLAN/LAN
LED will be on, too).
7. Power on the PC that connected to the WSG-404.
Wireless Subscriber Gateway
15
2.3 Software Configuration
2.3.1 Quick Configuration
There are two ways to configure the system: using Configuration Wizard or change the setting by
demands manually. The Configuration Wizard has 7 steps providing a simple and easy way to guide
you through the setup of PLANET WSG-404. Follow the procedures and instructions given by the
Wizard to enter the required information step by step. After saving and restarting PLANET
WSG-404, it is ready to use. There will be 7 steps as listed below:
1. Change Admin’s Password
2. Choose System’s Time Zone
3. Set System Information
4. Select the Connection Type for WAN Port
5. Set Authentication Methods
6. Set Wireless – Access Point Connection
7. Save and Restart PLANET WSG-404
To access the web management interface, connect the PC and WSG-404 in advance via the Private
Port of WSG-404. Then, launch the web browser and enter the IP address of the gateway for that
port in the address field then pres Enter. Default IP address of the default gateway of the Private
Port is https://192.168.2.254 (Note: https is used for a secured connection).
The administrator login page will appear. Enter default username “admin” & default password
“admin” in the User Name and Password fields. Click Enter to login.
16
WSG-404 User Guide
After successfully logging into WSG-404, a web management interface with a welcome message
will appear.
Click System Configuration to the System Configuration screen and run the Configuration
Wizard to help you complete the configuration.
Wireless Subscriber Gateway
17
Click Run Wizard to begin the Configuration Wizard
After clicking Run Wizard, the Configuration Wizard will appear in a pop-up browser window.
Click “Next” to begin.
Step 1: Change Admin’s Password
Enter a new password for the admin account and retype it in the verify password field (Twenty
characters maximum and no spaces allowed).
Click “Next” to continue.
18
WSG-404 User Guide
Step 2: Choose System’s Time Zone
Select a proper time zone via the drop-down menu.
Click “Next” to continue.
Step 3: Set System Information
Home Page: Enter the URL that users should be initially directed to when successfully
authenticated to the network.
NTP Server: Enter the URL of external time server for WSG-404 time synchronization or use the
default server.
DNS Server: Enter a DNS Server provided by your ISP. Contact the ISP if the DNS IP Address is
unknown.
Click “Next” to continue.
Wireless Subscriber Gateway
19
Step 4: Select the Connection Type for WAN Port
Three are three types of WAN port to select from: Static IP Address, Dynamic IP Address and
PPPoE Client. Select a proper Internet connection type.
Click “Next” to continue.
Step 4(Cont): Set Static IP Address Information
Enter the IP Address, Subnet Mask and Default Gateway as the examples provided by the ISP.
Click “Next” to continue.
20
WSG-404 User Guide
Step 4(Cont): Set PPPoE Client’s Information after selecting PPPoE Client
Enter the Username and Password provided by the ISP.
Click “Next” to continue.
Step 5: Select Authentication Methods
Please specify the policy name for this authentication method. The Postfix field (e.g. Local) will be
used as the postfix name (e.g. username@Local). An authentication method has to be selected
from one of the five options appeared in this window (Local User is selected for this setup example).
Local User is an authentication method that uses the built-in user account database supported by
WSG-404.
Click “Next” to continue.
Wireless Subscriber Gateway
21
Step 5(Cont.): Add User
A new user can be added to the local user data base. To add a user here, enter the Username (e.g.
test), Password (e.g. test) and MAC (optional) and assign a policy to this particular user (or use the
default). Upon completing adding a user, more users can be added to this authentication method by
clicking the ADD bottom.
Click “Next” to continue.
Step 6: Set Wireless Access-Point Connection
SSID: Enter a SSID (Up to 32 characters) for the system. The default is WSG-404. SSID is a unique
identifier used for the wireless users’ devices to associate with WSG-404.
Transmission Mode: WSG-404 supports two transmission modes, 802.11b and 802.11(b+g).
Select the appropriate transmission mode to work with the wireless clients in the network.
Channel: If the default channel used by many other APs, it is necessary to select another channel
form the Channel field for a better performance.
Click “Next” to continue.
22
WSG-404 User Guide
Step 7: Save and Restart WSG-404
Click Restart to save the current settings and restart WSG-404. The Setup Wizard is now
completed.
During PLANET WSG-404 restart, a “Restarting now. Please wait for a moment...” message will
appear on the screen. Please do not interrupt PLANET WSG-404 until the Configuration Wizard
window has disappeared. This indicates that the restart process has completed
Note:
If you wish go back to modify the setting during every steps of the wizard. Please click the Back
button to go back to the previous step.
Wireless Subscriber Gateway
23
2.3.2 External Network Access
If all the steps are set properly, PLANET WSG-404 can be further connected to the managed
network to experience the controlled network access environment. Firstly, connect an end-user
device to the network at PLANET WSG-404’s LAN1/LAN2 and set to obtain an IP address
automatically. After the network address is obtained at the user end, open an Internet browser and
link to any website. Then, the default logon webpage will appear in the Internet browser.
1. First, connect a user-end device to LAN1/LAN2 port of the PLANET WSG-404, and set the
dynamical access network. After the user end obtains the network address, please open an
Internet browser and the default login webpage will appear on the Internet browser.
Key in the username and password created in the local user account or the on-demand user
account in the interface and then click Submit button. Here, we key in the local user account
(e.g. test@Local for the username and test for the password) to connect the network.
2. Login page appearing means PLANET WSG-404 has been installed and configured
successfully. Now, the user can browse the network or surf the Internet.
24
WSG-404 User Guide
3. If the screen shows “Sorry, this feature is available for on-demand user only”, the
“Remaining” button has been clicked. This button is only for on-demand users. For users other
than on-demand users, please click the Submit button.
4. An on-demand user can enter the username and password in the “User Login Page” and
click the Remaining button to view the remaining time the account.
5. When an on-demand user logs in successfully, the following Login Successfully screen will
appear. There is an extra line showing “Remaining usage” and a “Redeem” button.
Wireless Subscriber Gateway
25
Remaining usage: Show the rest of use time that the on-demand user can surf Internet.
Redeem: When the remaining time or data size is insufficient, the user has to pay for adding
credit at the counter, and then, the user will get a new username and password. After
clicking the Redeem button, a login screen will appear. Please enter the new
username and password obtained and click Redeem button. The total available use
time and data size after adding credit will show up.
Note:
The system will automatically reject the redeem process when the redeem amount exceeds the
maximum time/data volume provided by PLANET WSG-404.
26
WSG-404 User Guide
3. Web Interface Configuration
This chapter will guide you through further detailed settings. The following table shows all the
functions of PLANET WSG-404.
OPTION
FUNCTION
System
Configuration
User
Authentication
Network
Configuration
Utilities
Status
Configuration
Wizard
Authentication
Configuration
Network
Address
Translation
Change
Password
System
Status
System
Information
Black List
Configuration
Privilege
List
Backup/Restore
Settings
Interface
Status
WAN
Configuration
Policy
Configuration
Monitor IP
List
Firmware
Upgrade
Current
Users
LAN1 & LAN2
Configuration
Guest User
Configuration
Walled Garden
List
Restart
Traffic
History
LAN3 & LAN4
Configuration
Additional
Configuration
Proxy Server
Properties
Wireless
Configuration
Wireless Subscriber Gateway
Notify
Configuration
Dynamic DNS
27
3.1 System Configuration
This section includes the following functions:
Configuration Wizard, System Information, WAN Configuration, LAN1 & LAN2 Configuration,
LAN3 & LAN4 Configuration and Wireless Configuration.
3.1.1 Configuration Wizard
There are two ways to configure the system: using Configuration Wizard or change the setting by
demands manually. The Configuration Wizard has 7 steps providing a simple and easy way to go
through the basic setups of PLANET WSG-404 and is served as Quick Configuration. Please
refer to 2.3.1 Quick Configuration for the introduction and description of Configuration Wizard.
28
WSG-404 User Guide
3.1.2 System Information
These are some main information about PLANET WSG-404. Please refer to the following
description for these blanks:
System Name: Set the system’s name or use the default.
Administrator Info: Enter the Administrator’s information here, such as administrator’s name,
telephone number, e-mail address, etc. If users encountered problems in the connection of the
WAN port to the system, this information will appear on the user’s login screen.
Home Page: Enter the website of a Web Server to be the homepage. When users log in
successfully, they will be directed to the homepage set, such as http://www.yahoo.com.
Regardless of the original webpage set in the users’ computers, they will be redirect to this page
after login.
Access History IP: Specify an IP address of the administrator’s computer or a billing system to
get billing history information of PLANET WSG-404.
An example is provided as follows and
“10.2.3.213” is the WAN IP of PLANET WSG-404.
Wireless Subscriber Gateway
29
Traffic History https://10.2.3.213/status/history/2005-02-17
В On-demand History https://10.2.3.213/status/ondemand_history/2005-02-17
В Remote Manage IP: Set the IP block with a system which is able to connect to the web
management interface via the authenticated port. For example, 10.2.3.0/24 means that as long
as you are within the IP address range of 10.2.3.0/24, you can reach the administration page of
PLANET WSG-404.
SNMP: PLANET WSG-404 supports SNMPv2. If the function is enabled, administrators can
assign the Manager IP address and the SNMP community name used to access the
management information base (MIB) of the system.
User logon SSL: Enable to activate https (encryption) or disable to activate http (non encryption)
login page.
Time: PLANET WSG-404 supports NTP communication protocol to synchronize the network
time. Please specify the IP address of a server in the system configuration interface for
adjusting the time automatically. (Universal Time is Greenwich Mean Time, GMT). Time can be
set manually by selecting “Set Device Date and Time”. Please enter the date and time for
these fields.
30
WSG-404 User Guide
3.1.3 WAN Configuration
There are 4 methods of obtaining IP address for the WAN Port: Static IP Address, Dynamic IP
Address, PPPoE and PPTP Client.
Static IP Address: Manually specifying the IP address of the WAN Port is applicable for the
network environment where the DHCP service is unavailable. The fields with red asterisks are
required to be filled in.
IP address: the IP address of the WAN port.
Subnet mask: the subnet mask of the WAN port.
Default gateway: the gateway of the WAN port.
Preferred DNS Server: the primary DNS Server of the WAN port.
Alternate DNS Server: The substitute DNS Server of the WAN port. This is not required.
Dynamic IP address: It is only applicable for the network environment where the DHCP Server
is available in the network. Click the Renew button to get an IP address.
Wireless Subscriber Gateway
31
PPPoE Client: When selecting PPPoE to connect to the network, please set the “User Name”,
“Password”, “MTU” and “CLAMPMSS”. There is a Dial on demand function under PPPoE. If
this function is enabled, a Maximum Idle Time can be set. When the idle time is reached, the
system will automatically disconnect itself.
PPTP Client: Select STATIC to specify the IP address of the PPTP Client manually or select
DHCP to get the IP address automatically. The fields with red asterisks are required to be filled
in. There is a Dial on demand function under PPPoE. If this function is enabled, a Maximum
Idle Time can be set. When the idle time is reached, the system will automatically disconnect
itself.
32
WSG-404 User Guide
3.1.4 LAN1 & LAN2 Configuration
User authentication for the two LAN ports can be enabled or disabled.
LAN1 & LAN2 Port
IP PNP: Users can use static IP address to connect to the system. Regardless of what the IP
address at the user end is, users can still be authenticated through PLANET WSG-404 and
access the network.
Wireless Subscriber Gateway
33
User Authentication: Choose to enable or disable this function. If “User Authentication” is
disabled, users can access Internet without being authenticated.
Operation Mode: Choose one of the two modes, NAT mode and Router mode, by the
requirements.
IP Address: Enter the desired IP address for the LAN1 & LAN2 port.
Subnet Mask: Enter the desired subnet mask for the LAN1 & LAN2 port.
DHCP Server Configuration
There are three methods to set the DHCP server: Disable DHCP Server, Enable DHCP Server
and Enable DHCP Relay.
1. Disable DHCP Server: Disable DHCP Server function.
2. Enable DHCP Server: Choose “Enable DHCP Sever” function and set the appropriate
configuration for the DHCP server. The fields with red asterisks are required to be filled in.
DHCP Scope: Enter the “Start IP Address” and the “End IP Address” of this DHCP block.
These fields define the IP address range that will be assigned to the Public LAN clients.
Preferred DNS Server: The primary DNS server for the DHCP.
Alternate DNS Server: The substitute DNS server for the DHCP.
Domain Name: Enter the domain name.
WINS IP Address: Enter the IP address of WINS
Lease Time: Choose the time to change the DHCP.
34
WSG-404 User Guide
Reserved IP Address List: For reserved IP address settings in detail, please click the
hyperlink of Reserved IP Address. If using the Reserved IP Address List function for IP
address outside the DHCP range is desired, click on the Reserved IP Address List on the
management interface. Then, the setup of the Reserved IP Address List as shown in the
following figure will appear. Enter the related Reserved IP Address, MAC, and some
description (not mandatory). Click Apply to complete the setup.
3. Enable DHCP Relay: If enabling this function is desired, other DHCP Server IP address
must be specified. See the following figure.
Wireless Subscriber Gateway
35
3.1.5 LAN3 & LAN4 Configuration
In this section, set the related configuration for LAN3/LAN4 port and DHCP server.
LAN3 & LAN4 Port
Operation Mode: Choose one of the two modes, NAT mode and Router mode, by the
requirements.
IP Address: Enter the desired IP address for the LAN3 & LAN4 port.
Subnet Mask: Enter the desired subnet mask for the LAN3 & LAN4 port.
36
WSG-404 User Guide
DHCP Server Configuration
There are three methods to set the DHCP server: Disable DHCP Server, Enable DHCP Server
and Enable DHCP Relay.
1. Disable DHCP Server: Disable DHCP Server function.
2. Enable DHCP Server: Choose “Enable DHCP Sever” function and set the appropriate
configuration for the DHCP server. The fields with red asterisks are required to be filled in.
DHCP Scope: Enter the “Start IP Address” and the “End IP Address” of this DHCP block.
These fields define the IP address range that will be assigned to the Private LAN clients.
Preferred DNS Server: The primary DNS server for the DHCP.
Alternate DNS Server: The substitute DNS server for the DHCP.
Domain Name: Enter the domain name.
WINS IP Address: Enter the IP address of WINS.
Lease Time: Choose the time to update the DHCP.
Reserved IP Address List: For reserved IP address settings in detail, please click the
hyperlink of Reserved IP Address. If using the Reserved IP Address List function for IP
address outside the DHCP range is desired, click the Reserved IP Address List on the
management interface. The setup of the Reserved IP Address List as shown in the following
figure will appear. Enter the related Reserved IP Address, MAC, and some description (not
mandatory). Click Apply to complete the setup.
Wireless Subscriber Gateway
37
3. Enable DHCP Relay: If enabling this function is desired, other DHCP Server IP address
must be specified. See the following figure.
38
WSG-404 User Guide
3.1.6 Wireless Configuration
This section is for setting related configurations for the wireless port.
Wireless Subscriber Gateway
39
Basic Configuration
SSID: The SSID is the unique name shared among all devices in a wireless network. The SSID
must be the same for all devices in the wireless network. It is case sensitive, must not exceed 32
characters and may be any character on the keyboard. Administrators can give a new name in
this field or use the default name.
Sync to Ticket: Synchronize the SSID of ticket with this system.
Channel: Select the appropriate channel from the list to correspond to the network settings; for
example, 1 to 11 channels are suitable for the North America area. All points in the wireless
network must use the same channel in order to make sure correct connection.
Transmission Mode: There are 2 modes to select from, 802.11b (2.4G, 1~11Mbps) and 802.11
(b+g) (2.4G, 1~11Mbps and 2.4G, 54Mbps).
SSID Broadcast: Select to enable the SSID broadcast in the network. When configuring the
network, this function may be enabled but should be disabled when configuration is finished.
Since when SSID Broadcast is enabled, someone could easily obtain the SSID information with
the site survey software and get unauthorized access to the network.
Layer2 Client Isolation: This function can be enabled to isolate any client from each other.
Security: For security settings in detail, please click the hyperlink Security to go into the
Security page. Choose “Enable” to configure the setting.
40
WSG-404 User Guide
1. WEP Key: Wired Equivalent Privacy. If using this function is desired, please choose
“Enable”.
2. WEP Key Encryption: This is a data privacy mechanism based on a 64-bit or 128-bits
shared key algorithm.
3. Mode: There are two types of encryption, HEX and ASCII. After selecting one of them,
please enter the related information in the blanks below.
Advance: For advance settings in detail, please click the hyperlink Advance to go into the
Advance page.
1. Authentication Type: The default value is Auto. When “Auto” is selected, it will
auto-detect to authenticate by Shared Key type or Open System type. Shared Key is used
such that both the sender and the recipient share a WEP key for authentication. Open Key
is that the sender and the recipient do not share a WEP key for authentication. All points on
the network must use the same authentication type.
2. Transmission Rates: The default value is Auto. The range is from 1 to 54Mbps. The rate of
data transmission should be set depending on the speed of this particular wireless network.
Select from a range of transmission speeds or keep the default setting, Auto, to make the
Access Point use the fastest possible data rate automatically.
Wireless Subscriber Gateway
41
3. CTS Protection Mode: The default value is Disable. When enabled, a protection
mechanism will ensure that the 802.11b devices can connect to Access Point and not be
affected by many other 802.11g devices existing at the same time. However, the
performance of this 802.11g devices may decrease.
4. Basic Rate: The basic rate offers three options, All, Set1 and Set2 and the default value is
Set1. Depending on the wireless mode selected, PLANET WSG-404 will deliver a
pre-defined data rate. Select “All” to activate all transmission rates to be compatible with
the majority of the devices.
5. Beacon Interval: Enter a value between 20 and 1000 msec. The default value is 100
milliseconds. The entered time means how often the signal transmission occurs between the
access point and the wireless network.
6. RTS Threshold: Ready To Send threshold. The range is from 256 to 2346 and the default is
OFF. The administrator could set the value which is the time to wait before sending another
packet. It is recommended that the value remains in the range of 256 to 2346.
7. Fragmentation Threshold: The range is from 256 to 2346 and the default is OFF. The
value specifies the maximum size of packet allowed before data is fragmented into multiple
packets. It should be remained in the range of 256 to 2346. A smaller value results smaller
packets but with a larger numbers of packets in transmission.
8. DTIM Interval: This function indicates the interval of the Delivery Traffic Indication Message
(DTIM). DTIM is a countdown function to inform clients to listen to broadcast and multicast
messages. When an Access Point has buffered broadcast or multicast message from an
associated client, it sends the next DTIM at this interval rate (from 1~255), the client will hear
the beacons.
Wireless Port
IP PNP: Use any IP address to connect to the system. Regardless of what the IP address at the
users end is, they can still be authenticated through PLANET WSG-404 and access the
network.
User Authentication: If “User Authentication” is disabled, “Specific Route Profile” needs to
be specified for the users to access Internet.
Operation Mode: Choose one of the two modes, NAT mode and Router mode, by the
requirements.
IP Address: Enter desired IP address for the wireless port.
42
WSG-404 User Guide
Subnet Mask: Enter desired subnet mask for the wireless port.
DHCP Server Configuration
There are three methods to set the DHCP server: Disable DHCP Server, Enable DHCP Server
and Enable DHCP Relay.
1. Disable DHCP Server: Disable the DHCP Server function.
2. Enable DHCP Server: Choose “Enable DHCP Sever” function and set the appropriate
configuration for the DHCP server. The fields with red asterisks are required to be filled in.
DHCP Scope: Enter the “Start IP Address” and the “End IP Address” of this DHCP block.
These fields define the IP address range that will be assigned to the Wireless LAN clients.
Preferred DNS Server: The primary DNS server for the DHCP.
Alternate DNS Server: The substitute DNS server for the DHCP.
Domain Name: Enter the domain name.
WINS IP Address: Enter the IP address of WINS.
Lease Time: Choose the time to change the DHCP.
Wireless Subscriber Gateway
43
Reserved IP Address List: For reserved IP address settings in detail, please click the
hyperlink of Reserved IP Address. If using the Reserved IP Address List function for IP
address outside the DHCP range is desired, click on the Reserved IP Address List on the
management interface. The setup of the Reserved IP Address List as shown in the following
figure will appear. Enter the related Reserved IP Address, MAC, and some description (not
mandatory). Click Apply to complete the setup.
3. Enable DHCP Relay: If enabling this function is desired, other DHCP Server IP address
must be specified. See the following figure.
WDS configuration
This function can extend the range of accessing the network. It has to work with a repeater. A
repeater is a peripheral device supporting PLANET WSG-404 to extend the wireless access by
receiving requests from APs or clients and passing the requests to PLANET WSG-404 to obtain
authentication.
When “Enable” is clicked, there will be a warning box showing up.
44
WSG-404 User Guide
If this function is enabled, please enter the MAC address of repeater in the blanks. A maximum
of three repeaters are supported.
3.2 User Authentication
This section includes the following functions: Authentication Configuration, Black List
Configuration, Policy Configuration, Guest User Configuration and Additional Configuration.
3.2.1 Authentication Configuration
This function is to configure the settings for 802.1x authentication, authentication server, and
on-demand user authentication.
Wireless Subscriber Gateway
45
802.1x Authentication Configuration
There are two kinds of 802.1x authentication methods and one encryption mechanism: 802.1x,
WPA w/ 802.1x and WPA-PSK. Click the hyperlink 802.1x Authentication Configuration to
set the related configurations. After completing and clicking Apply to save the settings, go back
to the previous page to check the item box next to 802.1x Authentication Configuration to
enable this function. When using 802.1x authentications, the RADIUS attributes such as idle
timeout or session timeout have no effect.
1. 802.1x: Enable the 802.1x authentication method. The fields with red asterisks are required
to be filled in.
46
WSG-404 User Guide
Authentication Server IP: The IP address or domain name of the Authentication server.
Authentication Port: The port of the authentication server. The default value is 1812.
Secret Key: The secret key of the authentication sever for encryption and decryption.
Accounting Server IP: The IP address or domain name of the accounting server.
Account Port: The port of the accounting server. The default value is 1813.
Secret Key: The secret key of the accounting sever for encryption and decryption.
Accounting Service: Enable or disable accounting service.
Policy: There are three policies to select from.
2. WPA x/802.1x: Enable the supported WPA-Enterprise, Wireless Protection Access with
802.1x.
Authentication Server IP: The IP address or domain name of the Authentication server.
Authentication Port: The port of the authentication server. The default value is 1812.
Secret Key: The secret key of the authentication sever for encryption and decryption.
Accounting Server IP: The IP address or domain name of the accounting server.
Account Port: The port of the accounting server. The default value is 1813.
Secret Key: The secret key of the accounting sever for encryption and decryption.
Accounting Service: Enable or disable accounting service.
Policy: There are three policies to select from.
Group Re-key Time: Time interval for re-keying broadcast/multicast keys in seconds. The
maximum is 6000 sec.
Wireless Subscriber Gateway
47
3. WPA-PSK: Wireless Protection Access-PreShared Key, a kind of encryption mechanism
supporting WPA-SOHO. When using WPA-PSK, there is no user authentication required.
Group Re-key Time: Time interval for re-keying broadcast/multicast keys in seconds. The
maximum is 6000 sec.
PSK: The Pre-Shared Key uses 64 hexadecimal.
Passphrase: A kind of password using 8 to 63 ASCII characters.
Note:
After clicking Apply, there will be a restart message. You must click Restart to apply the settings.
Authentication Server Configuration
The system provides 3 servers and one on-demand server that the administrator can apply with
different policy. Click on the server name to set the related configurations for that particular
server. After completing and clicking Apply to save the settings, go back to the previous page to
choose a server to be the default server and enable or disable any server on the list. Users can
log into the default server without the postfix to allow faster login process.
48
WSG-404 User Guide
Server 1~3: There are 5 kinds of authentication methods, Local User, POP3, RADIUS,
LDAP and NTDomain to setup from.
Server Name: Set a name for the server using numbers (0 to 9), alphabets (a to z or A to Z),
dash (-), underline (_) and dot (.) with a maximum of 40 characters, all other letters are not
allowed.
Sever Status: The status shows that the server is enabled or disabled.
Postfix: Set a postfix that is easy to distinguish (e.g. Local) for the server using numbers (0
to 9), alphabets (a to z or A to Z), dash (-), underline (_) and dot (.) with a maximum of 40
characters, all other letters are not allowed.
Note:
The Policy Name cannot contain these words: MAC and IP.
Black List: There are 5 sets of the black lists. Select one of them or choose “None”. Please
refer to 4.2.2 Black List Configuration.
Authentication Methods: There are 5 authentication methods, Local, POP3, RADIUS,
LDAP and NT Domain to configure from. Select the desired method and click the link
besides the pull-down menu for more advanced configuration. For more details, please refer
to 4.2.1.1~5 Authentication Method.
Note:
Enabling two or more servers of the same authentication method is not allowed.
Policy: There are 3 policies to choose from to apply to this particular server.
Wireless Subscriber Gateway
49
1. On-demand User: This is for the customer’s need in a store environment. When the
customers need to use wireless Internet in the store, they have to get a printed receipt with
username and password from the store to log in the system for wireless access. There are
2000 On-demand User accounts available.
Server Status: The status shows that the server is enabled or disabled.
Postfix: Set a postfix that is easy to distinguish (e.g. Local) for the server using numbers (0
to 9), alphabets (a to z or A to Z), dash (-), underline (_) and dot (.) with a maximum of 40
characters, all other letters are not allowed.
Receipt Header: There are two fields, Receipt Header 1 and Receipt Header 2, for the
receipt’s header. Enter receipt header message or use the default.
Receipt Footer: Enter receipt footer message here or use the default.
Printer Baud Rate: Select the desired transmission baud rate. The default value is 9600.
Monetary Unit: Select the desired monetary unit.
Policy Name: Select a policy for the on-demand user.
WLAN ESSID: Enter the ESSID of the AP. Administrators can supply a new name or use the
default name.
Wireless Key: Enter the Wireless key of the AP such as WEP or WPA.
Remark: Enter any additional information that will appear at the bottom of the receipt.
Billing Notice Interval: While the on-demand user is still logged in, the system will update
the billing notice of the login successful page by the time interval defined here.
Twin Ticket: Enable this function to print duplicate receipts.
50
WSG-404 User Guide
Users List: Click to enter the On-demand Users List page. In the On-demand Users List,
detailed information will be documented here. By default, the On-demand user database is
empty.
Upload User: Click this to enter the Upload User interface. Click the Browse button to
select the text file for the user account upload. Then click Submit to complete the
upload process.
Wireless Subscriber Gateway
51
The uploading file should be a text file and the format of each line is " ID (Username),
Password, Type, Status, Available Data transfer or Session length, Activation
deadline (Date), Expired Date, Validity duration, Plan, Price, Total Data transfer or
Session length when bought, Generated Date, First Login Date, Last Logout Date,
Logout Cause” without the quotes. The separator between two columns in a line is a
comma. When uploading a file, any format error or duplicated username will terminate
the uploading process and no account will be uploaded. Please correct the format in the
uploading file or delete the duplicated user account in the database, then try again. The
unit of data transfer is byte. The unit of session length is second. ID (Username) and
Password must be given in upper case.
Example1: For Session Length type
The Type must be written as TIME, Set Status must be set as 0. Set Session Length in
seconds. Activation Deadline must be in the format of yyyy/mm/dd hh:mm:ss. Set
Validity Duration as 1, and give a Plan that’s already been generated and enabled
from Billing Configuration page. Provide a price in any monetary unit defined in
On-demand User Server Configuration page. Finally, set Session Length when
bought the same as Session Length. Leave other fields blank.
Example2: For Total Data Transfer type
The Type must be written as DATA, Set Status must be set as 0. Set Total Data
Transfer in bytes. Activation Deadline must be in the format of yyyy/mm/dd hh:mm:ss.
Set Validity Duration as 1, and give a Plan that’s already been generated and enabled
from Billing Configuration page. Provide a price in any monetary unit defined in
On-demand User Server Configuration page. Finally, set Total Data Transfer when
bought the same as Session Length. Leave other fields blank.
52
WSG-404 User Guide
Download User: Click this to create a .txt file and then save it on disk.
Search: Enter a keyword of a username that needs to be searched in the text field and
click this button to perform the search. All usernames matching the keyword will be
listed.
Username: The login name of the on-demand user.
Password: The login password of the on-demand user.
Remaining Time/Volume: The total time/Volume that the user can use currently.
Status: The status of the account. Normal indicates that the account is not in-use and
not overdue. Online indicates that the account is in-use and not overdue. Expire
indicates that the account is overdue and cannot be used.
Expiration Time: The expiration time of the account.
Del All: This will delete all the users at once.
Delete: This will delete the users individually.
Wireless Subscriber Gateway
53
Billing Configuration: Click this to enter the Billing Configuration page. In the Billing
Configuration screen, Administrator may configure up to 10 billing plans.
Status: Select to enable or disable this billing plan.
Type: Set the billing plan by “Data” (the maximum volume allowed is 9,999,999 Mbyte)
or “Time” (the maximum days allowed is 999 days).
Expiration time: This is the duration of time that the account has to be activated after
generation of the account. If the account is not activated during this duration the
account will self-expire
Valid Duration: This is the duration of time that the user can use the Internet after
activation of the account. After this duration, the account will self-expires.
Price: The price charged for this billing plan.
54
WSG-404 User Guide
Create On-demand User: Click this to enter the On-demand User Generate page.
Pressing the Create button for the desired rule, an On-demand user will be created, then
click Printout to print a receipt that will contain this on-demand user’s information.
Wireless Subscriber Gateway
55
Billing Report: Click this to enter the On-demand Summary report page. In On-demand
users Summary report page, Administrator can get a complete report or a report of a
particular period.
Report All: Click this to get a complete report including all the on-demand records. This
report shows the total expenses and individual accounting of each plan for all plans
available.
56
WSG-404 User Guide
Search: Select a time period to get a period report. The report tells the total expenses
and individual accounting of each plan for all plans available for that period of time.
Wireless Subscriber Gateway
57
Credit Card: Click this to enter the Credit Card Configuration page. This section is about
how independent HotSpot owners can enable the credit card billing function, making the
HotSpot an e-commerce environment for end users to pay for and get Internet access using
their credit cards. Before the “Credit Card” and related functions can be managed
appropriately, PLANET WSG-404 requires the merchant owners to have a valid
Authorize.Net (www.authorize.net) account, since Authorize.Net is the on-line payment
gateway that PLANET WSG-404 supports now. Please see Appendix B. The
Configuration on Authorize.Net to setup an Aurthourize.Net account and other necessary
information.
Note:
A payment gateway “Paypal” will be supported in the future.
58
WSG-404 User Guide
After getting an Authorize.Net account, set the following configuration in Credit Card
Configuration of PLANET WSG-404.
Credit Card General Configuration
Credit Card Payment: Click Enable to turn on this function or click Disable to turn off
this function.
Credit Card Payment Page Configuration
Merchant ID: The merchant ID is similar to a username and is used by the Payment
Gateway to authenticate transactions.
Merchant Transaction Key: The merchant transaction key is similar to a password and
is used by the Payment Gateway to authenticate transactions.
Payment Gateway URL: The Payment Gateway verifies the URL specified in the post
string against the URLs in this field.
Verify SSL Certificate: Secure Sockets Layer, a protocol developed by Netscape for
transmitting private documents via the Internet. SSL uses a cryptographic system that
uses two keys to encrypt data в€’ a public key known to everyone and a private or secret
key known only to the recipient of the message. Both Netscape Navigator and Internet
Explorer support SSL, and many Web sites use the protocol to obtain confidential user
information, such as credit card numbers. By convention, URLs that require an SSL
connection start with https: instead of http:.
Test Mode: It is possible to submit a test transaction to the payment gateway.
Transactions that are submitted while Test Mode is enabled are NOT actually
processed. The example as follows:
Wireless Subscriber Gateway
59
Click Submit to send out this transaction. There will be a confirm dialog box showing up.
Check the data again and the click OK to go on the transaction or click Cancel to revise
the data or cancel this transaction.
60
WSG-404 User Guide
After clicking OK, there will be another dialog box showing up to confirm this transaction
again. Click OK to complete the process or click Cancel to revise the data or cancel this
transaction.
Click OK to complete the transaction and a welcome screen will show up.
Wireless Subscriber Gateway
61
Click Start Internet Access to begin to use the Internet.
MD5 Hash: If transaction responses need to be encrypted by the Payment Gateway,
enter and confirm a MD5 Hash Value and select a reactive mode. The MD5 Hash
security feature enables merchants to verify that the results of a transaction, or
transaction response, received by their server were actually sent from the Payment
Gateway.
62
WSG-404 User Guide
Service Disclaimer Content
View service agreements and fees for the standard payment gateway services here as
well as adding new or editing services disclaimer.
Credit Card Payment Page Billing Configuration
These 10 plans are the plans in Billing Configuration, and desired plan can be
enabled.
Client’s Purchasing Record
Invoice Number: An invoice number may be provided as additional information against
a transaction. This is a reference field that may contain any format of information.
Description: Narrative text entered by a user to describe the nature of a transaction.
Email Header: Enter the information that should appear in the header of the invoice.
Wireless Subscriber Gateway
63
Credit Card Payment Page Fields Configuration
Display: Check the box to show this item on the customer’s payment interface.
Displayed Text: Enter what needs to be shown for this field.
Mandatory: Check the box to indicate this item as a required field.
Credit Card Number: Credit card number of the customer. The Payment Gateway will
only accept card numbers that correspond to the listed card types.
Credit Card Expiration Date: Month and year expiration date of the credit card. This
should be entered in the format of MMYY. For example, an expiration date of July 2005
should be entered as 0705.
Card Type: This value indicates the level of match between the Card Code entered on
a transaction and the value that is on file with a customer’s credit card company. A code
and narrative description are provided indicating the results returned by the processor.
Card Code: The three- or four-digit code assigned to a customer’s credit card number
(found either on the front of the card at the end of the credit card number or on the back
of the card).
Email: An email address may be provided along with the billing information of a
transaction. This is the customer’s email address and should contain an @ symbol.
64
WSG-404 User Guide
Customer ID: This is an internal identifier for a customer that may be associated with
the billing information of a transaction. This field may contain any format of information.
First Name: The first name of a customer associated with the billing or shipping
address of a transaction. In the case when John Doe places an order, enter John in the
First Name field indicating this customer’s name.
Last Name: The last name of a customer associated with the billing or shipping
address of a transaction. In the case when John Doe places an order, enter Doe in the
Last Name field indicating this customer’s name.
Company: The name of the company associated with the billing or shipping information
entered on a given transaction.
Address: The address entered either in the billing or shipping information of a given
transaction.
City: The city is associated with either the billing address or shipping address of a
transaction.
State: A state is associated with both the billing and shipping address of a transaction.
This may be entered as either a two-character abbreviation or the full text name of the
state.
Zip: The ZIP code represents the five or nine digit postal code associated with the
billing or shipping address of a transaction. This may be entered as five digits, nine
digits, or five digits and four digits.
Country: The country is associated with both the billing and shipping address of a
transaction. This may be entered as either an abbreviation or full value.
Phone: A phone number is associated with both a billing and shipping address of a
transaction. Phone number information may be entered as all number or it may include
parentheses or dashes to separate the area code and number.
Fax: A fax number may be associated with the billing information of a transaction. This
number may be entered as all number or contain parentheses and dashes to separate
the area code and number.
Credit Card Payment Page Remark Content
Enter additional details for the transaction such as Tax, Freight and Duty Amounts, Tax
Exempt status, and a Purchase Order Number, if applicable.
Wireless Subscriber Gateway
65
3.2.1.1 Authentication Method - Local User Setting
Choose “Local User” in the Authentication Method field, the hyperlink besides the pull-down
menu will become “Local User Setting”.
Click the hyperlink for further configuration.
Edit Local User List: Click this to enter the “Local User List” screen.
Add User: Click the hyperlink of Add User to enter the Add User interface.
Fill in the
necessary information such as “Username”, “Password”, “MAC” (optional) and “Remark”
(optional). Then, select a desired Policy and click Apply to complete adding the user or users.
66
WSG-404 User Guide
Input the users and enter the necessary information.
Wireless Subscriber Gateway
67
After inputting the users and all the information desired, click Apply.
Upload User: Click this to enter the Upload User interface. Click the Browse button to select
the text file for the user account upload. Then click Submit to complete the upload process.
The uploading file should be a text file and the format of each line is "ID, Password, MAC,
Policy, Remark" without the quotes. There must be no spaces between the fields and commas.
The MAC field could be omitted but the trailing comma must be retained. When adding user
accounts by uploading a file, the existing accounts in the embedded database will not be
replaced by new ones.
68
WSG-404 User Guide
Download User: Click this to enter the Users List page and the system will directly show a list
of all created user accounts. Click Download to create a .txt file and then save it on disk.
Wireless Subscriber Gateway
69
Refresh: Click this to renew the user list.
Search: Enter a keyword of a username to be searched in the text field and click this button to
perform the search. All usernames matching the keyword will be listed.
Del All: This will delete all the users at once.
Delete: This will delete the users individually.
Edit User: If editing the content of individual user account is desired, click the username of the
desired user account to enter the Edit User Interface for that particular user, and then modify or
add any desired information such as “Username”, “Password”, “MAC” (optional) and
“Remark” (optional). Then, click Apply to complete the modification.
70
WSG-404 User Guide
3.2.1.2 Authentication Method - POP3
Choose “POP3” in the Authentication Method field, the hyperlink beside the pull-down menu will
become “POP3 Setting”.
Click the hyperlink for further configuration. Enter the related information for the primary server
and/or the secondary server (the secondary server is not required). The blanks with red star are
necessary information. These settings will become effective immediately after clicking the Apply
button.
Wireless Subscriber Gateway
71
Server IP: Enter the IP address/domain name given by the ISP.
Port: Enter the Port given by the ISP. The default value is 100.
Enable SSL Connection: If this option is enabled, the POP3 protocol will perform the
authentication.
3.2.1.3 Authentication Method - RADIUS
Choose “Radius” in the Authentication Method field, the hyperlink beside the pull-down menu will
become “Radius Setting”.
72
WSG-404 User Guide
Click the hyperlink for further configuration. The Radius server sets the external authentication for
user accounts. Enter the related information for the primary server and/or the secondary server (the
secondary server is not required). The blanks with red star are necessary information. These
settings will become effective immediately after clicking the Apply button.
802.1X Authentication: Enable this function and the hyperlink of Radius Client List will appear.
Click the hyperlink to get into the Radius Client Configuration list for further configuration. In the
Radius Client Configuration table, the clients, which are using 802.1X as the authentication
method, shall be put into this table. PLANET WSG-404 will forward the authentication request
from these clients to the configured Radius Servers.
Wireless Subscriber Gateway
73
Trans Full Name: When enabled, the ID and postfix will be transferred to the RADIUS server for
authentication. When disabled, only the ID will be transferred to RADIUS server for
authentication.
NASID: Enter the NASID of the PLANET WSG-404 for the external RADIUS authentication
server.
Server IP: Enter the IP address/domain name of the RADIUS server.
Authentication Port: Enter the authentication port of the RADIUS server and the default value
is 1812.
Accounting Port: Enter the accounting port of the RADIUS server and the default value is
1813.
Secret Key: Enter the key for encryption and decryption.
Accounting Service: Select this to enable or disable the “Accounting Service” for accounting
capabilities.
Authentication Protocol: There are two methods, CHAP and PAP for selection.
3.2.1.4 Authentication Method - LDAP
Choose “LDAP” in the Authentication Method field, the hyperlink beside the pull-down menu will
become “LDAP Setting”.
74
WSG-404 User Guide
Click the hyperlink for further configuration. Enter the related information for the primary server
and/or the secondary server (the secondary server is not required). The blanks with red star are
necessary information. These settings will become effective immediately after clicking the Apply
button.
Server IP: Enter the IP address or domain name of the LDAP server.
Port: Enter the Port of the LDAP server, and the default value is 389.
Base DN: Enter the distinguished name of the LDAP server.
Account Attribute: Enter the account attribute of the LDAP server.
3.2.1.5 Authentication Method - NTDomain
Choose “NTDomain” in the Authentication Method field, the hyperlink beside the pull-down menu
will become “NTDomain Setting”.
Wireless Subscriber Gateway
75
Click the hyperlink for further configuration. Enter the server IP address and enable/disable the
transparent login function. These settings will become effective immediately after clicking the Apply
button.
Server IP address: Enter the server IP address of the domain controller.
Transparent Login: If the function is enabled, users will log into PLANET WSG-404
automatically when they log into the Windows domain.
3.2.2 Black List Configuration
The administrator can add, delete, or edit the black list for user access control. Each black list can
include 40 users at most. If a user in the black list wants to log into the system, the user’s access
will be denied. The administrator can use the pull-down menu to select the desired black list.
Select Black List: There are 5 lists to select from for the desired black list.
Name: Set the black list name and it will show on the pull-down menu above.
Add User to List: Click the hyperlink to add users to the selected black list.
76
WSG-404 User Guide
After entering the usernames in the “Username” blanks and the related information in the
“Remark” blank (not required).
Click Apply to add the users.
Wireless Subscriber Gateway
77
If removing a user from the black list is desired, select the user’s “Delete” check box and then
click the Delete button to remove that user from the black list.
3.2.3 Policy Configuration
Every Policy has three profiles, Firewall Profile, Specific Route Profile, and Schedule Profile as
well as one Bandwidth setting for that policy.
78
WSG-404 User Guide
Firewall Profile
Click the hyperlink of Setting for Firewall Profile, the Firewall Profiles list will appear. Click the
numbers of Filter Rule Item to edit individual rules and click Apply to save the settings. The
rule status will show on the list. Check “Active” to enable that rule.
Rule Item: This is the rule selected.
Rule Name: The rule name can be changed here.
Enable this Rule: After checking this function, the rule will be enabled.
Action: There are two options, Block and Pass. Block is to prevent packets from passing and
Pass is to permit packets passing.
Protocol: There are three protocols to select, TCP, UDP and ICMP, or choose ALL to use all
three protocols.
Wireless Subscriber Gateway
79
Source MAC Address: The MAC address of the source IP address. This is for specific MAC
address filter.
Source/Destination Interface: There are five interfaces to choose, ALL, WAN, Wireless,
Public LAN (LAN1/LAN2) and Private LAN (LAN3/LAN4).
Source/Destination IP: Enter the source and destination IP addresses.
Source/Destination Subnet Mask: Enter the source and destination subnet masks.
Source/Destination Start/End Port: Enter the range of source and destination ports.
Specific Route Profile
Click the hyperlink of Setting for Specific Route Profile, the Specific Route Profile list will
appear.
Profile Name: The profile name can be changed here.
IP Address: The destination IP address of the host or the network.
Subnet Netmask: Select a destination subnet netmask of the host or the network.
IP Address: The IP address of the next router to the destination.
Default: Check this option to apply the default value.
80
WSG-404 User Guide
Schedule Profile
Click the hyperlink of Setting for Schedule Profile to enter the Schedule Profile list. Select
“Enable” to show the list. This function is used to restrict the time the users can log in. Please
enable/disable the desired time slot and click Apply to save the settings. These settings will
become effective immediately after clicking the Apply button.
Bandwidth
Choose one bandwidth limit for that particular policy.
Wireless Subscriber Gateway
81
3.2.4 Guest User Configuration
This function can permit guests to log into the system. Select “Enable Guest User” and click
Apply to save the settings.
Guest User List: PLANET WSG-404 offers 10 guest users for log in. To activate a guest user,
just enter the password in the corresponding “Password” text field for that guest account.
Guest accounts with blank password will not be activated.
Policy: Select one policy to apply to.
Session Length: This restricts the connection time of the guest users. The default session
length is 6 hours and the available session time ranges from 1 to 12 hours or unlimited.
Idle Timer: If a guest user has been idled with no network activities at all, the system will
automatically kick out the user. The Idle timer can be set in the range of 1~1440 minutes, and
the default idle timer is 10 minutes.
82
WSG-404 User Guide
3.2.5 Additional Configuration
User Control: Functions under this section applies for all general users.
Idle Timer: If a user has been idled with no network activities at all, the system will automatically
kick out the user. The Idle timer can be set in the range of 1~1440 minutes, and the default Idle
timer is 10 minutes.
Multiple Login: When enabled, a user can log in from different computers with the same
account. (This function doesn’t support On-demand users and RADIUS authentication method.)
Friendly Logout: When a user logs into the system, a small window will appear to show the
user’s information and there is a logout button for users to logout. If enabled. When the users try
to close the small window, there will be a new popup window to confirm the action in case the
users close the login succeed page by accident.
Internet Connection Detection: Enter a specific URL or IP address and PLANET WSG-404
will try to detect the network connection by sending packets directly to that specific URL or IP
address. If there is a problem in the connection of the WAN port of the system such that the URL
or IP address specified cannot be reached, there will be a message showing that can be set in
the Administrator Info in System Information section on the users’ screen.
Upload File
Wireless Subscriber Gateway
83
1. Certificate: The administrator can upload new private key and customer certification. Click
the Browse button to select the file for the certificate upload. Then click Submit to complete
the upload process.
Click Use Default Certificate to use the default certificate and key.
2. Login Page: The administrator can use the default login page or get the customized login
page by setting the template page, uploading the page or downloading from the specific
website. After finishing the setting, click Preview to see the login page.
a. Choose Default Page to use the default login page.
84
WSG-404 User Guide
b.
Choose Template Page to make a customized login page here. Click Select to pick
up a color and then fill in all of the blanks. Click Preview to see the result first.
Wireless Subscriber Gateway
85
c. Choose Uploaded Page to upload new login page. Click the Browse button to select
the file for the login page upload. Then click Submit to complete the upload process.
After the upload process is completed, the new login page can be previewed by clicking
Preview button at the bottom.
86
WSG-404 User Guide
The user-defined login page must include the following HTML codes to provide the
necessary fields for username and password.
If the user-defined login page includes an image file, the image file path in the HTML code
must be the image file to be uploaded.
Then, enter or browse the filename of the images to upload in the Upload Images field on
the Upload Images Files page and then click Submit. The system will show the used
space and the maximum size of the image file of 512K. If the administrator wishes to
restore the factory default of the login page, click the Use Default Page button to restore
it to default.
After the image file is uploaded, the file name will show on the “Existing Image Files”
field. Check the file and click Delete to delete the file.
Wireless Subscriber Gateway
87
In PLANET WSG-404, the end user first gets a login page when she/he opens its web
browser right after associating with an access point. However, in some situations, the
hotspot owners or MIS staff may want to display “terms of use” or announcement
information before the login page. Hotspot owners or MIS staff can design a new
disclaimer/announcement page and save the page in their local server. After the
agreement shown on the page is read, users are asked whether they agree or disagree
with the disclaimer. By clicking I agree, users are able to log in. If users choose to decline,
they will get a popup window saying they are unable to log in. The basic design is to have
the disclaimer and login function in the same page but with the login function hidden until
users agree with the disclaimer.
For more details about the codes of the disclaimer, please refer to Appendix E.
If the page is successfully loaded, an upload success page will show up.
“Preview” can be clicked to see the uploaded page.
88
WSG-404 User Guide
If user checks “I agree” and clicks Next, then he/she is prompted to fill in the login name
and password.
If user checks “I disagree” and clicks Next, a window will pop up to tell user that he/she
cannot log in
Wireless Subscriber Gateway
89
d.
Choose the External Page selection and get the login page from the specific
website. Enter the website address in the “External Page Setting” field and then click
Apply.
The External Page prepared to be loaded here needs to have the following code as well
to let the
system work properly
After applying the setting, the new login page can be previewed by clicking Preview
button at the bottom of this page.
90
WSG-404 User Guide
3. Logout Page: The users can apply their own logout page here. The process is similar to
that of Logout Page.
The different part is the HTML code of the user-defined logout interface must include the
following HTML code that the user can enter the username and password. After the upload
is completed, the user-defined login user interface can be previewed by clicking Preview at
the bottom of this page. If want to restore the factory default setting of the logout interface,
click the “Use Default Page” button.
4. Login Succeed Page: The administrator can use the default login succeed page or get the
customized login succeed page by setting the template page, uploading the page or
downloading from the specific website. After finishing the setting, click Preview to see the
login succeed page.
a. Choose Default Page to use the default login succeed page.
Wireless Subscriber Gateway
91
b. Choose Template Page to make a customized login succeed page here. Click Select to
pick up a color and then fill in all of the blanks. Click Preview to see the result first.
c. Choose Uploaded Page and upload the login succeed page. Click the Browse button to
select the file for the login succeed page upload. Then click Submit to complete the
upload process.
92
WSG-404 User Guide
After the upload process is completed, the new login succeed page can be previewed by
clicking Preview button at the bottom.
Enter or browse the filename of the images to upload in the Upload Images field on the
Upload Images Files page and then click Submit. The system will show the used space
and the maximum size of the image file of 512K. If the administrator wishes to restore the
factory default of the login succeed page, click the Use Default Page button to restore it to
default.
After the image file is uploaded, the file name will show on the “Existing Image Files” field.
Check the file and click Delete to delete the file.
d. Choose the External Page selection and get the login succeed page from the specific
website. Enter the website address in the “External Page Setting” field and then click
Apply. After applying the setting, the new login succeed page can be previewed by
clicking Preview button at the bottom of this page.
5. Login Succeed Page for On-Demand: The administrator can use the default login succeed
page for On-Demand or get the customized login succeed page for On-Demand by setting
the template page, uploading the page or downloading from the specific website. After
finishing the setting, click Preview to see the login succeed page for On-Demand.
Wireless Subscriber Gateway
93
a. Choose Default Page to use the default login succeed page for On-Demand.
b. Choose Template Page to make a customized login succeed page for On-Demand here.
Click Select to pick up a color and then fill in all of the blanks. Click Preview to see the
result first.
94
WSG-404 User Guide
c. Choose Uploaded Page and click the Browse button to select the file for the login
succeed page for On-Demand upload. Then click Submit to complete the upload
process.
After the upload process is completed, the new login succeed page for On-Demand can be
previewed by clicking Preview button at the bottom.
If the user-defined login succeed page for On-Demand includes an image file, the image file
path in the HTML code must be the image file to be uploaded.
Enter or browse the filename of the images to upload in the Upload Images field on the
Upload Images Files page and then click Submit. The system will show the used space
and the maximum size of the image file of 512K. If the administrator wishes to restore the
factory default of the login succeed page for On-Demand, click the Use Default Page button
to restore it to default.
Wireless Subscriber Gateway
95
After the image file is uploaded, the file name will show on the “Existing Image Files” field.
Check the file and click Delete to delete the file.
d. Choose the External Page selection and get the login succeed page for On-Demand
from the specific website. Enter the website address in the “External Page Setting”
field and then click Apply. After applying the setting, the new login succeed page for
On-Demand can be previewed by clicking Preview button at the bottom of this page.
6. Logout Succeed Page: The administrator can use the default logout succeed page or get
the customized login succeed page by setting the template page, uploading the page or
downloading from the specific website. After finishing the setting, click Preview to see the
logout succeed page.
a. Choose Default Page to use the default logout succeed page.
96
WSG-404 User Guide
b. Choose Template Page to make a customized logout succeed page here. Click Select
to pick up a color and then fill in all of the blanks. Click Preview to see the result first.
c. Choose Uploaded Page and click the Browse button to select the file for the logout
succeed page upload. Then click Submit to complete the upload process.
Wireless Subscriber Gateway
97
After the upload process is completed, the new logout succeed page can be previewed by
clicking Preview button at the bottom.
If the user-defined logout succeed page includes an image file, the image file path in the
HTML code must be the image file to be uploaded.
Enter or browse the filename of the images to upload in the Upload Images field on the
Upload Images Files page and then click Submit. The system will show the used space
and the maximum size of the image file of 512K. If the administrator wishes to restore the
factory default of the login succeed page, click the Use Default Page button to restore it to
default.
After the image file is uploaded, the file name will show on the “Existing Image Files” field.
Check the file and click Delete to delete the file.
d. Choose the External Page selection and get the logout succeed page from the specific
website. Enter the website address in the “External Page Setting” field and then click
Apply. After applying the setting, the new logout succeed page can be previewed by
clicking Preview button at the bottom of this page.
98
WSG-404 User Guide
Credit Reminder: The administrator can enable this function to remind the on-demand users
before their credit run out. There are two kinds of reminder, Volume and Time. The default
reminding trigger level for Volume is 1Mbyte and the level for Time is 5 minutes.
POP3 Message: Before the users log into the network with their usernames and passwords, the
users will receive a welcome mail from PLANET WSG-404. The administrator can edit the
contents.
Enhance User Authentication: With this function, only the users with their MAC addresses in
this list can log into PLANET WSG-404. However, user authentication is still required for these
users. Please enter the MAC Address to fill in these MAC addresses, select Enable, and then
click Apply.
Note:
The format of the MAC address is: xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx.
Wireless Subscriber Gateway
99
3.3 Network Configuration
This section includes the following functions: Network Address Translation, Privilege List,
Monitor IP List, Walled Garden List, Proxy Server Properties and Dynamic DNS.
3.3.1 Network Address Translate
There are three parts, Static Assignment, Public Accessible Server and Port and Redirect,
need to be set.
100
WSG-404 User Guide
Static Assignments
A computer within the Static Assignment list is unprotected by firewall and typically all port
accesses are routed through to that computer. A router will forward all traffic to the computer
specified in the Static Assignment list if it does not otherwise have a rule for how to forward
traffic on a given port. There are 40 sets of static Internal IP Address and External IP Address
available. These static IP addresses can be set to the any host which itself needs a static IP
address to access the network through WAN port. These settings will become effective
immediately after clicking the Apply button.
Wireless Subscriber Gateway
101
Public Accessible Server
This function allows the administrator to set 40 virtual servers at most, so that the computers not
belonging to the managed network can access the servers in the managed network. Please
enter the “External Service Port”, “Local Server IP Address” and “Local Server Port”.
According to the different services provided, the network service can use the TCP protocol or
the UDP protocol. In the Enable column, check the desired server to enable. These settings will
become effective immediately after clicking the Apply button.
102
WSG-404 User Guide
Port and IP Redirect
This function allows the administrator to set 40 sets of the IP addresses at most for redirection
purpose. When the user attempts to connect to a destination IP address listed here, the
connection packet will be converted and redirected to the corresponding destination. Please
enter the “IP Address” and “Port” of Destination, and the “IP Address” and “Port” of
Translated to Destination. According to the different services provided, choose the “TCP”
protocol or the “UDP” protocol. These settings will become effective immediately after clicking
Apply.
Wireless Subscriber Gateway
103
3.3.2 Privilege Configuration
There are two parts, Privilege IP Address List and Privilege MAC Address List, can be set.
Privilege IP Address List
If there are some workstations belonging to the managed server that need to access the
network without authentication, enter the IP addresses of these workstations in this list. The
“Remark” blank is not necessary but is useful to keep track. PLANET WSG-404 allows 100
privilege IP addresses at most. These settings will become effective immediately after clicking
Apply.
Note:
Permitting specific IP addresses to have network access rights without going through standard
authentication process at the Public LAN (LAN1/LAN2) may cause security problems.
104
WSG-404 User Guide
Privilege MAC Address List
In addition to the IP address, the MAC address of the workstations that need to access the
network without authentication can also be set in this list. PLANET WSG-404 allows 100
privilege MAC addresses at most.
When manually creating the list, enter the MAC address (the format is xx:xx:xx:xx:xx:xx) as well
as the remark (not necessary). These settings will become effective immediately after clicking
Apply.
Note:
Permitting specific MAC addresses to have network access rights without going through standard
authentication process at the Public LAN (LAN1/LAN2) may cause security problems.
3.3.3 Monitor IP Configuration
PLANET WSG-404 will send out a packet periodically to monitor the connection status of the IP
addresses on the list. If the monitored IP address does not respond, the system will send an e-mail
to notify the administrator that such destination is not reachable. After entering the related
information, click Apply and these settings will become effective immediately. Click Monitor to
check the current status of all the monitored IP. The system provides 40 IP addresses for the
“Monitor IP List”.
Wireless Subscriber Gateway
105
Send From: The e-mail address of the administrator in charge of the monitoring. This will show
up as the sender’s e-mail.
Send To: The e-mail address of the person whom the monitoring result is for. This will be the
receiver’s e-mail.
Interval: The time interval to send the e-mail report.
SMTP Server: The IP address of the SMTP server.
Auth Method: The system provides four authentication methods, Plain, Login, CRAM-MD5
and NTLMv1, or “None” to use none of the above. Depending on which authentication method
selected, enter the Account Name, Password and Domain.
Send Test Email: To test the settings correct or not.
Monitor IP Address: The IP addresses under monitoring.
106
WSG-404 User Guide
3.3.4 Walled Garden List
This function provides some free services to the users to access websites listed here before login
and authentication. Up to 20 addresses or domain names of the websites can be defined in this list.
Users without the network access right can still have a chance to experience the actual network
service free of charge. Please enter the website IP Address or Domain Name in the list and these
settings will become effective immediately after clicking Apply.
Wireless Subscriber Gateway
107
3.3.5 Proxy Server Properties
PLANET WSG-404 supports Internal Proxy Server and External Proxy Server functions. Please
select an Access Gateway and then perform the necessary configurations.
External Proxy Server: Under the PLANET WSG-404 security management, the system will
match the External Proxy Server list to the end-users’ proxy setting. If there isn’t a match, then
the end-users will no be able to reach the login page and thus unable to access the network. If
there is a match, the end-users will be directed to the system first for authentication. After a
successful authentication, the end-users will be redirected back to the desired proxy servers
depending on various situations.
Internal Proxy Server: PLANET WSG-404 has a built-in proxy server. If this function is enabled,
the end users will be forced to treat PLANET WSG-404 as the proxy server regardless of the
end-users’ original proxy settings.
For more details about how to set up the proxy servers, please refer to Appendix C and
Appendix D.
108
WSG-404 User Guide
3.3.6 Dynamic DNS
PLANET WSG-404 provides a convenient DNS function to translate the IP address of WAN port to
a domain name that helps the administrator memorize and connect to WAN port. If the DHCP is
activated at WAN port, this function will also update the newest IP address regularly to the DNS
server. These settings will become effective immediately after clicking Apply.
DDNS: Enabling or disabling of this function.
Provider: Select the DNS provider.
Host name: The IP address/domain name of the WAN port.
Username/E-mail: The register ID (username or e-mail) for the DNS provider.
Password/Key: The register password for the DNS provider.
Wireless Subscriber Gateway
109
3.4 Utilities
This section provides four utilities to customize and maintain the system including Change
Password, Backup/Restore Setting, Firmware Upgrade and Restart.
3.4.1 Change Password
There are three levels of authorities to use: admin, manager or operator. The default usernames
and passwords are as follow:
Admin: The administrator can access all configuration pages of the PLANET WSG-404.
User Name: admin
Password: admin
Manager: The manager can only access the configuration pages under User Authentication to
manage the user accounts, but has no permission to change the settings of the profiles for Firewall,
Specific Route and Schedule.
User Name: manager
Password: manager
Operator: The operator can only access the configuration page of Create On-demand User to
create and print out the new on-demand user accounts.
User Name: operator
Password: operator
110
WSG-404 User Guide
The administrator can change the passwords here. Please enter the current password and then
enter the new password twice to verify. Click Apply to activate this new password.
Note:
If the administrator’s password is lost, the administrator’s password still can be changed through
the text mode management interface on the serial port, console/printer port.
Wireless Subscriber Gateway
111
3.4.2 Backup/Restore Settings
This function is used to backup/restore the PLANET WSG-404 settings. Also, PLANET WSG-404
can be restored to the factory default settings here.
Backup Current System Setting: Click Backup to create a .db database backup file and save
it on disk.
Restore System Setting: Click Browse to search for a .db database backup file created by
PLANET WSG-404 and click Restore to restore to the same settings at the time the backup file
was created.
Resetting to the Factory-Default configuration: Click Reset to load the factory default
settings of PLANET WSG-404.
112
WSG-404 User Guide
3.4.3 Firmware Upgrade
The administrator can download the latest firmware from website and upgrade the system here.
Click “Browse” to search for the firmware file and click “Apply” to go on with the firmware upgrade
process. It might be a few minutes before the upgrade process completes and the system needs to
be restarted afterwards to make the new firmware effective.
Note:
1. Firmware upgrade may cause the loss of some of the data. Please refer to the release notes
for the limitation before upgrading the firmware.
2. Please restart the system after upgrading the firmware. Do not power on/off the system during
the upgrade or the restart process. It may damage the system and cause it to malfunction.
3.4.4 Restart
This function allows the administrator to safely restart PLANET WSG-404 and the process should
take about three minutes. Click “YES” to restart PLANET WSG-404; click “NO” to go back to the
previous screen. If the power needs to be turned off, restarting PLANET WSG-404 first and then
turning off the power after completing the restart process is highly recommended.
Note:
The connection of all online users of the system will be disconnected when system is in the
process of restarting.
Wireless Subscriber Gateway
113
3.5 Status
This section includes System Status, Interface Status, Current Users, Traffic History, and
Notification Configuration to provide system status information and online user status.
3.5.1 System Status
This section provides an overview of the system for the administrator.
114
WSG-404 User Guide
The description of the table is as follows:
Item
Description
Current Firmware Version
The present firmware version of PLANET WSG-404
System Name
The system name. The default is PLANET WSG-404
The information to be shown on the login screen when a user
has a connection problem.
The page to which the users are directed after successful
Home Page
login.
The IP address and port number of the external Syslog
Syslog server-Traffic History
Server. N/A means that it is not configured.
The IP address and port number of the external Syslog
Syslog server-On demand User log
Server. N/A means that it is not configured.
Enabled/disabled stands for that the system is currently using
Proxy Server
the proxy server or not.
Enabled/disabled stands for the setting of hiding/displaying an
Friendly Logout
extra confirmation window when users close the login
succeed page.
Enabled/Disabled stands for the connection at WAN is normal
Internet Connection Detection
or abnormal (Internet Connection Detection) and all online
users are allowed/disallowed to log in the network.
The IP or IPs that is allowed for accessing the management
Remote Management IP
interface.
Management
Enabled/disabled stands for the current status of the SNMP
SNMP
management function.
Admin Info
Retained Days
History
Traffic log Email To
On-demand log Email To
NTP Server
The maximum number of days for the system to retain the
users’ information.
The email address to which that the traffic history information
will be sent.
The email address to which the history information about
on-demand users is sent.
The network time server that the system is set to align.
Time
Date Time(GMT+0:00)
Idle Timer
Multiple Login
User
Guest Account
DNS
The system time is shown as the local time.
The minutes allowed for the users to be inactive.
Enabled/disabled stands for the current setting to
allow/disallow multiple logins form the same account.
Enabled/disabled stands for the current status of allowing
Guest Accounts to log in.
Preferred DNS Server
IP address of the preferred DNS Server.
Alternate DNS Server
IP address of the alternate DNS Server.
Wireless Subscriber Gateway
115
3.5.2 Interface Status
This section provides an overview of the interface for the administrator including WAN, LAN1 &
LAN2, LAN3 & LAN4, and Wireless Port.
The description of the table is as follows.
Item
Description
MAC Address
WAN
IP Address
Subnet Mask
Wireless
Operation Mode
MAC Address
IP Address
Subnet Mask
SSID
Channel
116
The MAC address of the WAN port.
The IP address of the WAN port.
The Subnet Mask of the WAN port.
The mode of the wireless port.
The MAC address of the wireless port.
The IP address of the wireless port.
The Subnet Mask of the wireless port.
The ESSID of the wireless port.
The assigned Channel of the Wireless port.
WSG-404 User Guide
Encryption Function
Status
WINS IP Address
Wireless
DHCP Server
Start IP Address
The start IP address of the DHCP IP range.
End IP address
The end IP address of the DHCP IP range.
Lease Time
Minutes of the lease time of the IP address.
Mode
LAN1 & LAN2
MAC Address
IP Address
Subnet Mask
LAN1 & LAN2
DHCP Server
Enabled/disabled stands for the status of the encryption
function of the wireless port.
Enable/disable stands for status of the DHCP server on the
Wireless port.
The WINS server IP on DHCP server. N/A means that it is
not configured.
The mode of the LAN1 & LAN2 port.
The MAC address of the LAN1 & LAN2.
The IP address of the LAN1 & LAN2.
The Subnet Mask of the LAN1 & LAN2.
Status
Enable/disable stands for status of the DHCP server on the
LAN1 & LAN2.
WINS IP Address
The WINS server IP on DHCP server. N/A means that it is
not configured.
Start IP Address
The start IP address of the DHCP IP range.
End IP address
The end IP address of the DHCP IP range.
Lease Time
Minutes of the lease time of the IP address.
Mode
MAC Address
The mode of the LAN3 & LAN4.
The MAC address of the LAN3 & LAN4.
LAN3 & LAN4
IP Address
Subnet Mask
Status
WINS IP Address
LAN3 & LAN4
DHCP Server
Wireless Subscriber Gateway
The IP address of the LAN3 & LAN4.
The Subnet Mask of the LAN3 & LAN4.
Enable/disable stands for status of the DHCP server on the
LAN3 & LAN4 port
The WINS server IP on DHCP server. N/A means that it is
not configured.
Start IP Address
The start IP address of the DHCP IP range.
End IP address
The end IP Address of the DHCP IP range.
Lease Time
Minutes of the lease time of the IP address.
117
3.5.3 Concurrent Users
In this function, each online user’s information including Username, IP Address, MAC Address,
Pkts In, Bytes In, Pkts Out, Bytes Out, Idle and kick Out can be obtained. Administrator can use
this function to force a specific online user to log out. Click the hyperlink of Logout next to the online
user’s name to logout that particular user. Click Refresh to renew the current users list.
3.5.4 Traffic History
This function is used to check the history of PLANET WSG-404. The history of each day will be
saved separately in the DRAM for 3 days.
Note:
Since the history is saved in the DRAM, if you need to restart the system and also keep the
history, then please manually copy and save the information before restarting.
118
WSG-404 User Guide
If the History Email has been entered under the Notify Configuration page, then the system will
automatically send out the history information to that email address.
Traffic History
As shown in the following figure, each line is a traffic history record consisting of 9 fields, Date,
Type, Name, IP, MAC, Pkts In, Bytes In, Pkts Out, and Bytes Out, of user activities.
On-demand User Log
As shown in the following figure, each line is a on-demand user log record consisting of 13 fields,
Date, System Name, Type, Name, IP, MAC, Pkts In, Bytes In, Pkts Out, Bytes Out,
Expiretime, Validtime and Remark, of user activities.
Wireless Subscriber Gateway
119
3.5.5 Notify Configuration
The PLANET WSG-404 will save the traffic history into the internal DRAM. If the administrator
wants the system to automatically send out the history to a particular email address, please enter
the related information in these fields.
Send From: The e-mail address of the administrator in charge of the monitoring. This will
show up as the sender’s e-mail.
Send To: The e-mail address of the person whom the history email is for. This will be the
receiver’s e-mail.
Interval: The time interval to send the e-mail report.
SMTP Server: The IP address of the SMTP server.
Auth Method: The system provides four authentication methods, PLAIN, LOGIN, CRAM-MD5
and NTLMv1, or “NONE” to use none of the above. Depending on which authentication
method selected, enter the Account Name, Password and Domain.
NTLMv1 is not currently available for general use.
PLAIN and CRAM-MD5 are standardized authentication mechanisms while LOGIN and
NTLMv1 are Microsoft proprietary mechanisms. Only PLAIN and LOGIN can use the UNIX
login password. Netscape uses PLAIN. Outlook and Outlook express use LOGIN as default,
although they can be set to use NTLMv1.
Pegasus uses CRAM-MD5 or LOGIN but administrators can not configure which method to be
used.
120
WSG-404 User Guide
Send Test Email: To test the settings correct or not.
Syslog Server: It specifies the IP and Port of the Syslog server.
3.6 Help
On the screen, the Help button is on the upper right corner.
Click Help to the Online Help window and then click the hyperlink of the items to get the
information.
Wireless Subscriber Gateway
121
4. Appendix A --- Console Interface
Via this port to enter the console interface for the administrator to handle the problems and
situations occurred during operation.
1. In order to connect to the console port of PLANET WSG-404, a console, modem cable and a
terminal simulation program, such as the Hyper Terminal are needed.
2. If a Hyper Terminal is used, please set the parameters as 9600, 8, n, 1.
Note:
The main console is a menu-driven text interface with dialog boxes. Please use arrow keys on the
keyboard to browse the menu and press the Enter key to make selection or confirm what you
enter.
122
WSG-404 User Guide
3. Once the console port of PLANET WSG-404 is connected properly, the console main screen will
appear automatically. If the screen does not appear in the terminal simulation program
automatically, please try to press the arrow keys, so that the terminal simulation program will
send some messages to the system and the welcome screen or the main menu should appear.
If the welcome screen or the main menu of the console still can not show up, please check the
connection of the cables and the settings of the terminal simulation program.
Utilities for network debugging
The console interface provides several utilities to assist the Administrator to check the
system conditions and to debug any problems. The utilities are described as follow:
Ping host (IP): By sending ICMP echo request to a specified host and wait for the
response to test the network status.
Trace routing path: Trace and inquire the routing path to a specific target.
Display interface settings: It displays the information of each network interface
setting including the MAC address, IP address, and netmask.
Display the routing table: The internal routing table of the system is displayed, which
may help to confirm the Static Route settings.
Display ARP table: The internal ARP table of the system is displayed.
Display system up time: The system live time (time for system being turn on) is
displayed.
Wireless Subscriber Gateway
123
Check service status: Check and display the status of the system.
Set device into “safe mode”: If administrator is unable to use Web Management
Interface via the browser for the system failed inexplicitly. Administrator can choose
this utility and set PLANET WSG-404 into safe mode, then administrator can
management this device with browser again.
Synchronize clock with NTP server: Immediately synchronize the clock through the
NTP protocol and the specified network time server.
Since this interface does not
support manual setup for its internal clock, therefore we must reset the internal clock
through the NTP.
Print the kernel ring buffer: It is used to examine or control the kernel ring buffer. The
program helps users to print out their boot up messages instead of copying the
messages by hand.
Main menu: Go back to the main menu.
Change admin password
Besides supporting the use of console management interface through the connection of
null modem, the system also supports the SSH online connection for the setup. When
using a null modem to connect to the system console, we do not need to enter
administrator’s password to enter the console management interface. But connecting the
system by SSH, we have to enter the username and password.
The username is “admin” and the default password is also “admin”, which is the same as
for the web management interface. Password can also be changed here. If administrators
forget the password and are unable to log in the management interface from the web or
the remote end of the SSH, they can still use the null modem to connect the console
management interface and set the administrator’s password again.
Note:
Although it does not require a username and password for the connection via the serial port, the
same management interface can be accessed via SSH. Therefore, we recommend you to
immediately change the PLANET WSG-404 Admin username and password after logging in the
system for the first time.
Reload factory default
Choosing this option will reset the system configuration to the factory defaults.
Restart PLANET WSG-404
Choosing this option will restart PLANET WSG-404.
124
WSG-404 User Guide
5. Appendix B --- Configuration on Authorize.Net
Before the “Credit Card” and related functions can be managed appropriately, PLANET WSG-404
requires the merchant owners to have a valid Authorize.Net (www.authorize.net) account, since
Authorize.Net is the on-line payment gateway that PLANET WSG-404 supports now. The figure
below shows the process of the credit card billing and we will introduce some important procedures
for configurations on Authorize.Net.
Note:
A payment gateway “Paypal” will be supported in the future.
1. Setting Up
1.1 Open Accounts
As shown in the above figure, four elements are needed to begin an on-line business:
Element
E-COMMERCE WEB SITE
INTERNET MERCHANT
ACCOUNT
PAYMENT GATEWAY
ACCOUNT
CONNECTION METHOD
Wireless Subscriber Gateway
Description
PLANET WSG-404 has built-in web pages to present to
end users to use credit cards
A type of bank account that allows a business to accept
Internet credit card
An Authorize.Net account is the type of account that is
supported by PLANET WSG-404
PLANET WSG-404 will take care of the communication
with the Authorize.Net
125
Therefore, to set up PLANET WSG-404 to process credit card billing, the merchant owner will need
two accounts (Internet Merchant account and Authorize.Net account). If you are looking for a
merchant account or Internet payment gateway to process transactions, you can fill out the Inquiry
Form on http://www.authorize.net/solutions/merchantsolutions/merchantinquiryform/. When the four
elements are prepared, start configuring the settings on PLANET WSG-404 and Athorize.Net.
1.2 Configure PLANET WSG-404 using an Authorize.Net account
Please log in PLANET WSG-404. User Authentication
server On-demand User
Authentication Configuration
Click the
Click Credit Card
On-demand User Server Configuration
Credit Card Configuration
Some major fields are required:
Setting
Merchant Login ID
Description
This is the “Login ID” that comes with the Authorize.Net account.
Merchant Transaction
Key
To get a new key, please log in Authorize.Net
Click Settings and
Profile
Go to the “Security” section
Click Obtain Transaction
Key
Enter “Secret Answer”
Click Submit.
https://secure.authorize.net/gateway/transact.dll (default payment
gateway)
To enhance the transaction security, merchant owner can choose to
enable this function and enter a value in the text box: “MD5 Hash
Value”.
Payment Gateway
URL
MD5 Hash
Note:
For detailed description, please see P64 – Credit Card.
1.3 Configure the Authorize.Net Merchant Account to Match the Configuration of
PLANET WSG-404
Settings of the merchant account on Authorize.Net should be matched with the configuration of
PLANET WSG-404:
Setting
Description
MD5 Hash
To configure “MD5 Hash Value”, please log in Authorize.Net
Settings and Profile
Hash
Go to the “Security” section
Click
click MD5
Enter “New Hash Value” & “Confirm Hash Value”
Click
Submit.
Required Card Code
If the “Card Code” is set up as a required field, please log in
Authorize.Net
section
click Card Code Verification
Match (N) box
126
Click Settings and Profile
Go to the “Security”
Check the Does NOT
Click Submit.
WSG-404 User Guide
Required Address
After setting up the required address fields on the “Credit Card
Fields
Payment Page Fields Configuration” section of PLANET
WSG-404, the same requirements must be set on Authorize.Net. To
do so, please log in Authorize.Net
Go to the “Security” section
(AVS)
Click Settings and Profile
click Address Verification System
Check the boxes accordingly
Click Submit.
1.4 Test The Credit Card Payment via Authorize.Net
To test the connection between PLANET WSG-404 and Authorize.Net, please log in PLANET
WSG-404. User Authentication
User
Authentication Configuration
On-demand User Server Configuration
Credit Card
Go to “Credit Card Payment Page Configuration” section
Click the server On-demand
Credit Card Configuration
Enable the “Test Mode”
Click Try
Test and follow the instructions
2. Basic Maintenance
In order to maintain the operation, merchant owners will have to manage the accounts and
transactions via Authorize.Net as well as PLANET WSG-404.
2.1 Void A Transaction and Remove the On-demand Account Generate on PLANET
WSG-404
Sometimes, a transaction may need to be canceled as well as the related user account on PLANET
WSG-404 before it has been settled with the bank.
a. To void an unsettled transaction, please log in Authorize.Net. Click Unsettled Transactions
Try to locate the specific transaction record on the “List of Unsettled Transactions”
the Trans ID number
Click
Confirm and click Void.
Note:
To find the on-demand account name, click Show Itemized Order Information in the “Order
Information” section
Username can be found in the “Item Description”.
b. To remove the specific account from PLANET WSG-404, please log in PLANET WSG-404. User
Authentication
Authentication Configuration
On-demand User Server Configuration
Click the server On-demand User
Users List
Click Delete on the record with the
account name.
Wireless Subscriber Gateway
127
2.2 Refund A Settled Transaction and Remove The On-demand Account Generated
on PLANET WSG-404
a. To refund a credit card, please log in Authorize.Net. Click Virtual Terminal
Method
Click Refund a Credit Card
Select Payment
Payment/Authorization Information
information in at least three fields: Card Number, Expiration Date, and Amount
Type
Confirm and
click Submit.
b. To remove the specific account from PLANET WSG-404, please log in PLANET WSG-404. User
Authentication
Authentication Configuration
On-demand User Server Configuration
Click the server On-demand User
Users List
Click Delete on the record with the
account name.
2.3 Find the Username and Password for A Specific Customer
Please log in Authorize.Net. Click Unsettled Transactions
record on the “List of Unsettled Transactions”
Try to locate the specific transaction
Click the Trans ID number
Itemized Order Information in the “Order Information” section
Click Show
Username and Password can
be found in the “Item Description”.
2.4 Send An Email Receipt to A Customer
If a valid email address is provided, PLANET WSG-404 will automatically send the customer an
email receipt for each successful transaction via Authorize.Net. To change the information on the
receipt for customer, please log in PLANET WSG-404. User Authentication
Configuration
Credit Card
Click the server On-demand User
Credit Card Configuration
Authentication
On-demand User Server Configuration
Client's Purchasing Record
in the text boxes: “E-mail Header and Description”
Type in information
Confirm and click Apply.
2.5 Send An Email Receipt for Each Transaction to The Merchant Owner
To configure the contact person who will receive a receipt for each transaction, please log in
Authorize.Net. Click Settings and Profile
Contacts
click Add New Contact to
Check the “Transaction Receipt” box
128
Go to the “General” section
click Manage
Enter necessary contact information on this page
Click Submit.
WSG-404 User Guide
3. Reporting
During normal operation, the following steps will be necessary to generate transaction reports.
3.1 Transaction Statistics by Credit Card Type during A Period
Please log in Authorize.Net. Click Reports
Check “Statistics by Settlement Date” radio button
Select “Transaction Type”, “Start Date”, and “End Date” as the criteria
Click Run Report
3.2 Transaction Statistics by Different Location
a. To deploy more than one PLANET WSG-404, the way to distinguish transactions from different
locations is to make the invoice numbers different. To change the invoice setting, please log in
PLANET WSG-404. User Authentication
On-demand User
Configuration
Authentication Configuration
On-demand User Server Configuration
Click the server
Credit Card
Go to “Client's Purchasing Record” section
Credit Card
Check the “Reset” box
A
location-specific ID (for example, Hotspot-A) can be used as the first part of “Invoice Number”
Confirm and click Apply.
b. Please log in Authorize.Net
Click Search and Download
(or ALL Settled, Unsettled) in “Settlement Date” section
Specify the transaction period
Go to “Transaction” section
Enter the first part of invoice number plus an asterisk character (for example, Hotspot-A*) in the
“Invoice #” text box
Click Search
If transaction records can be found, the number of
accounts sold is the number of search results
Or, click Download To File to download
records and then use MS Excel to generate more detailed reports.
3.3 Search for The Transaction Details for A Specific Customer
Please log in Authorize.Net. Click Search and Download
Enter the information for a specific
customer as
criteria
Click Search
Click the Trans ID number to view the transaction details.
Note:
For more information about Authorize.Net, please see www.authorize.net.
Wireless Subscriber Gateway
129
6. Appendix C --- Proxy Setting for Hotspot
Hot Spot is a place such as a coffee shop, hotel, or a public area where provides Wi-Fi service for
mobile and temporary users. Hot Spot is usually implemented without complicated network
architecture and using some proxy servers provided by Internet Service Providers.
In Hot spots, users usually enable their proxy setting of the browsers such as IE and Firefox.
Therefore, so we need to set some proxy configuration in the Gateway need to be set. Please follow
the steps to complete the proxy configuration
вњЃ
1. Login Gateway by using “admin”.
2. Click the Network Configuration from top menu and the homepage of the Network
Configuration will appear.
130
WSG-404 User Guide
3. Click the Proxy Server Properties from left menu and the homepage of the Proxy Server
Properties will appear.
4. Add the ISP’s proxy Server IP and Port into External Proxy Server Setting.
Wireless Subscriber Gateway
131
5. Enable Built-in Proxy Server in Internal Proxy Server Setting.
6. Click Apply to save the settings.
132
WSG-404 User Guide
7. Appendix D --- Proxy Setting for Enterprise
Enterprises usually isolate their intranet and internet by using more elaborated network architecture.
Many enterprises have their own proxy server which is usually at intranet or DMZ under the firewall
protection.
In enterprises, network managers or MIS staff may often ask their users to enable their proxy setting
of the browsers such as IE and Firefox to reduce the internet access loading. Therefore some proxy
configurations in the Gateway need to be set.
Note:
Some enterprises will automatically redirect packets to proxy server by using core switch or Layer
7 devices. By the way, the clients don’t need to enable their browsers’ proxy settings, and
administrators don’t need to set any proxy configuration in the Gateway.
Wireless Subscriber Gateway
133
Please follow the steps to complete the proxy configuration
вњЃ
Gateway setting
1. Login Gateway by using “admin”.
2. Click the Network Configuration from top menu and the homepage of the Network
Configuration will appear.
3. Click the Proxy Server Properties from left menu and the homepage of the Proxy Server
Properties will appear.
134
WSG-404 User Guide
4. Add your proxy Server IP and Port into External Proxy Server Setting.
5. Disable Built-in Proxy Server in Internal Proxy Server Setting.
Wireless Subscriber Gateway
135
6. Click Apply to save the settings.
Note:
If your proxy server is disabled, it will make the user authentication operation abnormal. When
users open the browser, the login page won’t appear because the proxy server is down. Please
make sure your proxy server is always available.
Client setting
It is necessary for clients to add default gateway IP address into proxy exception information so
the user login successful page can show up normally.
1. Use command “ipconfig” to get Default Gateway IP Address.
2. Open browser to add default gateway IP address (e.g. 192.168.1.254) and logout page IP
address “1.1.1.1” into proxy exception information.
For I.E
136
WSG-404 User Guide
For firefox
Wireless Subscriber Gateway
137
8. Appendix E --- Disclaimer for On-Demand Users
In PLANET WSG-404, the end user first gets a login page when she/he opens its web browser right
after associating with an access point. However, in some situations, the hot spot owners or MIS staff
may want to display “terms of use” or announcement information before the login page. Hot spot
owners or MIS staff can design a new disclaimer/announcement page and save the page in their
local server. After the agreement shown on the page is read, users are asked whether they agree or
disagree with the disclaimer. By clicking “I agree,” users are able to log in. If users choose to decline,
they will get a popup window saying they are unable to log in. The basic design is to have the
disclaimer and login function in the same page but with the login function hidden until users agree
with the disclaimer.
Here the codes are supplied. Please note that the blue part is for the login feature, the red part is the
disclaimer, and the green part can be modified freely by administrators to suit the situation better.
Now the default is set to “I disagree” with the disclaimer. Administrators can change the purple part
to set “agree” as the default or set no default. These codes should be saved in local storage with a
name followed by .html, such as login_with_disclaimer.html.
<html>
<head>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<link href="../include/style.css" rel="stylesheet" type="text/css">
<title>Login</title>
<script language="javascript1.2">
var pham = document.cookie;
var disableButton=false;
function getCookie(name)
{
name += "="; // append '
='to name string
var i = 0; // index of first name=value pair
while (i < pham.length) {
var offset = i + name.length; // end of section to compare name string
if (pham.substring(i, offset) == name) { // if string matches
var endstr = pham.indexOf(";", offset); //end of name=value pair
if (endstr == -1) endstr = pham.length;
return unescape(pham.substring(offset, endstr));
138
WSG-404 User Guide
// return cookie value section
}
i = pham.indexOf(" ", i) + 1; // move i to next name=value pair
if (i == 0) break; // no more values in cookie string
}
return null; // cookie not found
}
function CodeCookie(str)
{
var strRtn="";
for (var i=str.length-1;i>=0;i--)
{
strRtn+=str.charCodeAt(i);
if (i) strRtn+="a";
}
return strRtn;
}
function DecodeCookie(str)
{
var strArr;
var strRtn="";
strArr=str.split("a");
for(var i=strArr.length-1;i>=0;i--)
strRtn+=String.fromCharCode(eval(strArr[i]));
return strRtn;
}
function MM_swapImgRestore() { //v3.0
var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
Wireless Subscriber Gateway
139
}
function MM_findObj(n, d) { //v4.01
var p,i,x;
if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array;
for(i=0;i<(a.length-2);i+=3)
if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src;
x.src=a[i+2];}
}
function init(form)
{
id = getCookie("username");
if(id!="" && id!=null)
{
form.myusername.value = id;
}
disclaimer.style.display='
'
;
login.style.display='
none'
;
}
function Before_Submit(form)
{
if(form.myusername.value == "")
{
alert("Please enter username.");
form.myusername.focus();
form.myusername.select();
disableButton=false;
return false;
}
if(form.mypassword.value == "")
140
WSG-404 User Guide
{
alert("Please enter password.");
form.mypassword.focus();
form.mypassword.select();
disableButton=false;
return false;
}
if(disableButton==true)
{
alert("The system is now logging you in, please wait a moment.");
return false;
}
else
{
disableButton=true;
return true;
}
return true;
}
function reminder_onclick(form)
{
Reminder.myusername.value = form.myusername.value;
Reminder.mypassword.value = form.mypassword.value;
Reminder.submit();
}
function cancel_onclick(form)
{
form.reset();
}
function check_agree(form)
{
if(form.selection[1].checked == true)
{
alert("You disagree with the disclaimer, therefore you will NOT be able to log in.");
return false;
}
disclaimer.style.display='
none'
;
Wireless Subscriber Gateway
141
login.style.display='
'
;
return true;
}
</script>
</head>
<body style="font-family: Arial" bgcolor="#FFFFFF"
onload="init(Enter);MM_preloadImages('
../images/submit0.gif'
,'
../images/clear0.gif'
,'
../images/remai
ning0.gif'
)">
<ilayer width=&{marquee_width}; height=&{marquee_height}; name="cmarquee01">
<layer name="cmarquee02" width=&{marquee_width};
height=&{marquee_height};></layer>
</ilayer>
<form action="userlogin.shtml" method="post" name="Enter">
<table name="disclaimer" id="disclaimer" width="460" height="430" border="0" align="center"
background="../images/agreement.gif">
<tr>
<td height="50" align="center" valign="middle"><div align="center" class="style5">Service
Disclaimer</div></td>
</tr>
<tr>
<td height="260" align="center" valign="middle"><table width="370" height="260" border="0"
align="center">
<tr>
<td>
<textarea name="textarea" cols="50" rows="15" align="center" readonly>
We may collect and store the following personal information:
E-mail address, physical contact information, credit card numbers and transactional information
based on your activities on the Internet service provided by us.
If the information you provide cannot be verified, we may ask you to send us additional information
(such as your driver license, credit card statement, and/or a recent utility bill or other information
confirming your address), or to answer additional questions to help verify your information.
142
WSG-404 User Guide
Our primary purpose in collecting personal information is to provide you with a safe, smooth,
efficient, and customized experience. You agree that we may use your personal information to:
provide the services and customer support you request; resolve disputes, collect fees, and
troubleshoot problems; prevent potentially prohibited or illegal activities; customize, measure, and
improve our services and the site'
s content and layout; compare information for accuracy, and verify
it with third parties.
We may disclose personal information to respond to legal requirements, enforce our policies,
respond to claims that an activity violates the rights of others, or protect anyone'
s rights, property, or
safety.
We may also share your personal information with:
members of our corporate family to help detect and prevent potentially illegal acts; service providers
under contract who help with our business operations; (such as fraud investigations and bill
collection) other third parties to whom you explicitly ask us to send your information; (or about whom
you are otherwise explicitly notified and consent to when using a specific service) law enforcement
or other governmental officials, in response to a verified request relating to a criminal investigation
or alleged illegal activity; (In such events we will disclose name, city, state, telephone number, email
address, User ID history, and fraud complaints)
xxxxx participants under confidentiality agreement, as we in our sole discretion believe necessary or
appropriate in connection with an investigation of fraud, intellectual property infringement, piracy, or
other unlawful activity; (In such events we will disclose name, street address, city, state, zip code,
country, phone number, email, and company name.) and other business entities, should we plan to
merge with, or be acquired by that business entity. (Should such a combination occur, we will
require that the new combined entity follow this privacy policy with respect to your personal
information. If your personal information will be used contrary to this policy, you will receive prior
notice.)
Without limiting the above, in an effort to respect your privacy and our ability to keep the community
free from bad actors, we will not otherwise disclose your personal information to law enforcement,
other government officials, or other third parties without a subpoena, court order or substantially
similar legal procedure, except when we believe in good faith that the disclosure of information is
necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity.
Wireless Subscriber Gateway
143
Your password is the key to your account. Do not disclose your password to anyone. Your
information is stored on our servers. We treat data as an asset that must be protected and use lots
of tools (encryption, passwords, physical security, etc.) to protect your personal information against
unauthorized access and disclosure. However, as you probably know, third parties may unlawfully
intercept or access transmissions or private communications, and other users may abuse or misuse
your personal information that they collect from the site. Therefore, although we work very hard to
protect your privacy, we do not promise, and you should not expect, that your personal information
or private communications will always remain private.
By agreeing above, I hereby authorize xxxxx to process my service charge(s) by way of my credit
card.
</textarea>
</td>
</tr>
</table></td>
</tr>
<tr>
<td height="40"><table width="170" height="20" border="0" align="center" cellpadding="2">
<tr>
<td align="left"><input name="selection" value="1" type="radio"></td>
<td><span class="style4">I agree.</span></td>
</tr>
<tr>
<td align="left"><input name="selection" value="2" checked type="radio"></td>
<td><span class="style4">I disagree.</span></td>
</tr>
</table></td>
</tr>
<tr>
<td height="30"><table width="110" height="20" border="0" align="center" cellpadding="2">
<tr>
<td width="45" align="center" valign="middle"><input name="next_button" type="button"
value="Next" onclick="javascript:check_agree(Enter)"></td>
</tr>
</table></td>
</tr>
<tr>
<td height="20">&nbsp;</td>
</tr>
</table>
144
WSG-404 User Guide
<div align="center">
<table name="login" id="login" width="497" height="328" border="0" align="center" cellpadding="2"
cellspacing="0" background="../images/userlogin.gif">
<tr>
<td height="146" colspan="2">&nbsp;</td>
</tr>
<tr>
<td width="43%" height="53">&nbsp;</td>
<td><input type="text" name="myusername" size="20"></td>
</tr>
<tr>
<td height="42">&nbsp;</td>
<td><input type="password" name="mypassword" size="20"></td>
</tr>
<tr>
<td colspan="2">
<div align="center">
<a onclick="javascript:if(Before_Submit(Enter)){Enter.submit();}"
onMouseOut="MM_swapImgRestore()"
onMouseOver="MM_swapImage('
Image3'
,'
'
,'
../images/submit0.gif'
,1)">
<img src="../images/submit.gif" name="Image3" width="124" height="38" border="0"
>
</a>
<a onclick="cancel_onclick(Enter)" onMouseOut="MM_swapImgRestore()"
onMouseOver="MM_swapImage('
Image5'
,'
'
,'
../images/clear0.gif'
,1)">
<img src="../images/clear1.gif" name="Image5" width="124" height="38"
border="0">
</a>
<a onclick="javascript:if(Before_Submit(Enter)){reminder_onclick(Enter);}"
onMouseOut="MM_swapImgRestore()"
onMouseOver="MM_swapImage('
Image4'
,'
'
,'
../images/remaining0.gif'
,1)">
<img src="../images/remaining.gif" name="Image4" width="124" height="38"
border="0">
</a>
</div>
</td>
</tr>
</table>
<table>
Wireless Subscriber Gateway
145
<tr>
<td width="100%">
<font color="#808080" size="2"><script language="JavaScript">if( creditcardenable ==
"Enabled" ) document.write("<a href=\"../loginpages/credit_agree.shtml\">Click here to purchase by
Credit Card Online.<a>");</script></font>
</td>
</tr>
</table>
</div>
</form>
<form action="reminder.shtml" method="post" name="Reminder">
<input type=hidden name=myusername value="">
<input type=hidden name=mypassword value="">
</form>
<br>
<div align="center">
<table>
<tr>
<td width="100%">
<font color="#808080" size="2"><script
language="JavaScript">document.write(copyright);</script></font></td>
</tr>
</table>
</div>
</body>
</html>
146
WSG-404 User Guide
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising