beautypg.com

Ap-2500 authentication methods – Proxim ORiNOCO AP-2500 User Manual

Page 60

background image

60

AP-2500 Authentication Methods

Some applications require a public IP address to function properly over the Internet (such as certain VPN
applications, on-line gaming, and Web hosting). Customers who require a public IP address may be willing to
a premium for this service.

The subscriber’s wireless card must be configured to obtain an IP address from a DHCP server to use the IP
Upsell feature (that is, this feature doesn’t work if the subscriber’s computer is assigned a static IP address).

5. Click OK to save your changes to the DHCP Server settings.
6. Click the

DNS Server

tab to configure Domain Name Service (DNS) settings. This information may already be

provided for you if the AP’s IP Address Type is Dynamic.

Enter a DNS Host Name for the AP. The default setting is suitable for most configurations unless you have
multiple APs and want to assign each one a different Host Name.

Enter the DNS Domain name. This name is provided by your ISP or network administrator.

Enter up to three DNS Server IP addresses in the fields provided. You must configure at least the Primary
DNS Server IP address. These IP addresses should be provided by your ISP or network administrator.

NOTE

The AP must be configured with a valid DNS Server IP address to function correctly. If you are setting up a
demo with this equipment, the AP must be able to communicate with a valid DNS server before it will function
as expected. If you do not configure DNS, then all Internet locations must be in IP address format, including
HTTP requests from subscribers.

7. Click OK to save your changes to the DNS Server settings.
8. Click the Public Space button.
9. Click the AAA tab.
10. Place a check mark in the Enable AAA Services box.
11. Place a check mark in the Enable XML Interface box.

You must enable XML support if you plan to use an External Web Server.

12. Enter the IP address of your External Web Server in the XML Sender IP Address field.
13. Set Authorization Method to External.
14. Click OK.
15. Click the External tab.
16. Enter the IP address of the External Web Server in the IP Address field.
17. Enter the location of the subscriber login page in the External Login Page URL field.

The AP will redirect unauthenticated customers to this page.

Be sure to enter your External Web Server’s IP address in the

Passthrough IP Table

so unauthenticated users

can access the external login page.

If your external login page is a secure HTTPS page, configure the AAA Passthrough Port 443 to allow secure
traffic to pass through from unauthenticated clients. See

Passthrough AAA Port

.

NOTE

The Secret Key parameter is reserved for future use. You can leave the parameter set to default value.

18. Click OK.
19. Click the Passthrough tab.
20. Enter the IP Address of the External Web Server in the Passthrough IP Table.
21. Enter the DNS Names for all of the Web sites that you want to include in your “walled garden” in the Passthrough

DNS Table (if applicable).

A “walled garden” is a list of Web site that your customers can access for free without logging into the AP.

If you want to provide free access to customers for a limited number of sites, you can include links to these
pages on your custom login page.

You can enter a single World Wide Web address (such as www.yahoo.com) or you can enter Domain Names
(such as *.yahoo.com). Entering the Domain Name provides users will full access to the specified Domain’s
Web sites. For example, if you enter www.yahoo.com in the DNS Passthrough Table, customers will not be
able to access sites such as http://finance.yahoo.com as part of the walled garden.