3 proxy-arp, 4 hotspot / ip redirect, Proxy-arp – Motorola Series Switch WS5100 User Manual
Page 19: Hotspot / ip redirect
Overview
1-9
destination IP address and/or TCP/UDP port number. Rate limiting allows the definition of two rates: a
guaranteed minimum bandwidth and a second burst size. Rate limiting is performed as part of the flow
control process (WISP protocol) between access ports and the switch.
1.2.2.3 Proxy-ARP
Proxy ARP is provided for MU's in PSP mode whose IP address is known. The WLAN generates an ARP reply
on behalf of a MU, if the MU's IP address is known. The ARP reply contains the MAC address of the MU (not
the MAC address of switch). Thus, the MU is not woken to send ARP replies (increasing battery life and
conserving wireless bandwidth).
If an MU goes into PSP mode without transmitting at least one packet, its Proxy ARP will not work for such
an MU.
1.2.2.4 HotSpot / IP Redirect
A hotspot is a Web page that users are forced to visit before they are granted access to the Internet. With
the advent of Wi-Fi enabled client devices (such as laptops and PDAs) commercial hotspots are common and
can be found at many airports, hotels and coffee shops.The Hotspot / IP Redirect feature allows the switch
to function as a single on-site switch supporting WLAN hotspots. The Hotspot feature re-directs user traffic
(for a hotspot enabled WLAN) to a Web page that requires them to authenticate before granting access to
the WLAN. The IP-Redirection requires no special software on the client but its does require the client be set
to receive its IP configuration through DHCP. The following is a typical sequence of events for hotspot access:
1. A visitor with a laptop requires hotspot access at a site.
2. A user ID/ Password and the hotspot ESSID are issued by the site receptionist or IT staff.
3. The user connects their laptop to this ESSID
4. The laptop receives its IP configuration via DHCP. The DHCP service can be provided by an external DHCP
server or provided by the internal DHCP server located on the switch.
5. The user opens a Web browser and connects to their home page.
6. The switch re-directs them to the hotspot Web page for authentication.
7. The user enters their User ID/ Password.
8. A Radius server authenticates the user.
9. Upon successful authentication, the user is directed to a Welcome Page that lists among other things an
Acceptable Use Policy, connection time remaining and an I Agree button.
10.The user accepts by clicking the I Agree button and is granted access to the Internet. (or other network
services).
To redirect user traffic from a default home page to a login page, the switch uses destination network
address translation (destination NAT is similar to the source NAT/ PAT but the destination IP address and
port get modified instead of the source as in traditional NAT). More specifically, when the switch receives
an HTTP Web page request from the user (when the client first launches its browser after connecting to the
WLAN), a protocol stack on the switch intercepts the request and sends back an HTTP response after
modifying the network and port address in the packet. Therefore, acting like a proxy between the user and
the Web site they are trying to access.
To setup a hotspot, create a WLAN ESSID and select Hotspot authentication from the Authentication menu.
This is simply another way to authenticate a WLAN user for it would be impractical to authenticate visitors
using 802.1x authentications. Motorola also recommends reviewing the WS5100 Migration Guide (available