RADIUS (HotSpot)

• Integrated RADIUS support
• Integrated Mikrotik HotSpot support
• Possible to use also for verification of clients and other services ( eg. login to Mikrotik )‏

• Support of verification by name and password or by MAC
• Easy mangament of tariffs including defining individual tariff parametres
• Complete statistics about connected clients

A client requiring Internet connection in the range of the device will receive the IP address automatically from the DHCP server and at the attempt to opena page in the browser a login page will show up. If the user name and password were accepted, the server authorizes the access to the internet provider and selects an IP (or a range of addresses) and other parametres of connection, which may be for instance time for which the user can be connected, the connection speed which the user may use, or other restrictions.

• RADIUS system released for the cooperation with the hotspots

• For full functioning of the RADIUS module you must have an activated license of the ISP admin for RADIUS

• You can set a checkbox "Use RADIUS" for every router when editing it. If this checbox is set, you can enter a "Radius secret", which is a password for communication of mikrotik with the radius server. You must reload the configurations of a running radius server when changing the "Radius secret". The radius server will be rebooted automatically within 5 minutes.

• In the menu of "Settings / Tariffs", you can add a tariff of "RADIUS" type. After adding a tariff, the RADIUS type can be edited for every individual RADIUS attributes. These attributes may be added by click on the icon of "attributes" located next to the icon for editing a tariff. When adding an attribute, you can select an attribute from a popup menu and enter the respective value.

• When adding the Internet service, you can select "User type" RADIUS for the client.

• In case the "User type" on RADIUS is selected, you can enter the user name and password which will serve for login to the Hotspot Mikrotik. If login through Hostpot is being used, the IP address of the client does not have to be assigned because this IP address wil be set dynamically during the client login according to the Hotspot settings.

• In the menu of "Routers / Radius / Log verification", there is information about logged in users, data transmissions of the assigned IP, about the time of connection and MAC address of the client. If the client is active ( currently online ), the green icon is displayed "active".

• In the menu of "Routers / Radius / Active clients", only active clients are displayed.

• A checbox of "Accounting" must be activated for the Mikrotik Hotspot in the bookmark of "Server profiles / RADIUS" so that the ISP admin shows the information about the active clients who connect to the Mikrotik Hotspot; and in this checkbox there must be "Interim Update" set to 00:00:15. Thus the information about the logging clients will be updated every 15s.

• A detailed description of the Hotspot settings on the Mikrotik is currently in preparing.

WiFi Hotspot - wireless Internet for cell phones

Solution for wireless access to the Internet at public places

Offer a simple and easy access to the Internet Plug & Play to your customers, visitors or guests. Software installation is not required, nor are any changes in the configuration of the laptop or PDA. Hotspot providers will like the possibility of easy and inexpensive running. The Hotspot technology offers several possibilities and options for running the service for free or in the form of billing.

Where will you find usage for wireless hotspot applications?

hotels - the Internet access for the Czech and international clients. You can publish some updated service offers in a certain time or at a certain place.

airports - the Internet access for travellers. You can provide the travellers and visitors with the current online information about arrivals, departures, but also about local offers.

congress centers - connection for the Czech and international visitors of congresses, managers and the VIP guests. WiFi hotspot may be used even for free of charge communication between the organizers by means of the VoWiFi VoIP telephony

cultural, social and sports centers, facilities - the Internet access for visitors, accredited guests, VIP visitors and journalists in the course of social and sports events.

enterteinment centers - for the Internet access for guests of the center. There is also a possibility of publishing the current offers and promotions for the visitors.

schools, universities, libraries, student dormitories for the Internet access for students, teachers, the Czech and international guests within conferences or seminars, alternatively also the MBA courses. The Internet options may be used during and outside the classes.

firms and training centers - mobile Internet access for employees, guests. The Internet access may be used during training, presentations, alternatively during meetings.

restaurants and cafes - for the Internet access for customers. Mainly smaller and simpler applications are of use in this case.

pull-ups and highway service stations - the Internet access mainly for sales managers and travellers. Offer your customers an exra service. Ensure their regular visit rate.

The Hotspot solution for providing connectivity at public places has these components:

User end device. This may be a laptop, PDA, handheld or other devices equipped with a wireless network card according to the standard 802.11b. Wireless WiFi infrastructure of the hotspot: Wireless access points to the Internet network according to the standard 802.11b.

Hotspot Gateway - a gateway which allows the client to access the network with no necessity of any software or configuration changes in their device. This provides the provider with complete data for billing.

How does this work?

The user enters the "hotspotu" area. The user opens the Internet browser on their laptop (or other mobile device) and in this browser they enter the home page of the provider. Then they enter their user name and password which is transmitted through a safe SSL channel into the hotspot gateway.

The gateway identifies the user, assigns a pre-paid or by the contract given width of the area and watches data necessary for billing - the time of connection, speed, transmitted data bulk.

The user will receive the Internet access or the VPN connection into their company network.

Plug and Play access to the network for every user.

A patented function Dynamic Address TranslationTM allows the real plug-and-play solution of the user`s access to the network. The user does not need any special software and it does not matter what the configuration of the laptop is. It does not matter if it is configured with a static IP address, DHCP, DNS or with proxy. The only needed thing is the Internet browser where the user enters the home page address of the hotspot provider. There is no need even for change of the configuration of the wireless card. DATTM also ensures the DNS server availability by means of the function of redirecting the DNS. This function redirects the user DNS requirement to the closest local DNS server and improves thus the time of reply.

Home Page Redirecting

Home Page Redirecting (HPR) allows redirecting the user automatically to a new home page, being it inner USG or external one. Redirecting may be user related according to the Radius for every user in a different way. .

Identification of the place of connection

In relation to the network architecture, it is possible to specify the particular place where the user has logged in the network. This may be used for service customizing, eg. web pages with the information about flights will appear to the visitor of an airport, the information about the hotels will appear for the hotel guest, menu for the restaurant customer, etc.

Selective managing of the network access

The Hotspot gateway allows creating a so called "walled garden", which is an area not protected by an access password allowing free access to pre-defined Internet pages, services or applications to every visitor with an appropriate hardware equipment. This area may have a content of up to 300 defined IP addresses. This may be used for providing a free access to sponsored pages or to advertisement bringing takings for the provider. For instance, a hotel guest is allowed to access the Internet pages of the local service providers for free, these services are from the hotel surroundings and may sound interesting to the guest - eg. stores, hairdresser, pizza restaurants, gym, taxi, etc.

Bandwidth Management

The Bandtwidth management module allows defining speed of the data transmission for every user on the basis of the MAC addresses. The speed is defined in assymetrically mainly for download and upload. The user may have more speeds defined, from which he can choose. The speed and time are displayed on the Java console which is seen in the browser window.

Authentication, Authorizaton and Accounting

A user is identified by means of the MAC address, user name and password, or the port through which they are connected. AAA (Authentication, Authorization and Accounting) module provides possibilities for watching and accounting the customer including the RADIUS server support and the support of payment card payments. There are also options of newly coming authentication methods according to the IEEE 802.1x and client-based solutions such as iPass, the aim of which is to automatize authentication proccess so that it is possible to provide transparent global roaming for the clients among the individual WLAN networks on the basis of wholesale offer.

Safety of the network access

The safety of the network access is not based on one shared safety code. The problem of accessing the network through public hotspots requires completely different approach. The essential thing is a safe authentization of every user through the SSL channel. In the future, an integration of newly coming safety standards of 802.1x with the possibility of dynamic keys usage is expected to come.

The Hotspot gateway brings a reliable solution regardless of the client hardware and regardless of the wireless infrastructure used.

RADIUS

The Hotspot gateway has an integrated RADIUS client allowing watching and billing the user in relation to the number of connections, transmitted data bulk, the time of connection, connection location, etc. with the use of the central database of customer profiles on the Radius server.

XML interface

The XML interface allows an easy integration of Hotspot into existing systems and allows flexible customer`s edits, and providing of other services with an added value to the customers.

Flexible network architecture

Flexible architecture allows creating number of smaller hotspots which are remotely managed by means of the central hotspot gateway, or by the central controller. In this case the hotspot may be created by the only simple and inexpensive access point, and the whole functionality is provided from a remote box - the cenral hotspot gateway.

On the other hand, extensive installations of large hotspots, such as airports, congress centers, large hotels, are another possibility. In these cases, it is advisable to install the Hotspot gateway box including the controller locally to reach more effective management of these.