SlideShare a Scribd company logo

Wifi hotspot ruckus with freeradius radiojungle aaa

S
smoscato
Technology
1 of 4
Download to read offline
How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA Introduction • Walled garden: The purpose of the walled garden is to let unauthenticated users access This document describes how ZoneDirector support online registration, payment services, or other Wi-Fi hotspot service with Radio Jungle AAA through websites (such as a hotel reservation page) WISPr based features: universal authentication without needing to login first. All other sites are method or UAM (browser based login at a captive off limits. portal). • WISPr and Hotspot Service: For our RadioJungle AAA appliance is a highly flexible and implementation of hotspot service is based on configurable RADIUS server based on FreeRADIUS WISPr. In this document, WISPr Service and v2.x with web-based management GUI developed by Hotspot Service are interchangeable. In some 3TSolutions s.r.l. sense, hotspot is generic while WISPr is technically defined. RadioJungle AAA provides the professional and easy to use solution to control your network access and How a Wi-Fi Hotspot Works track the activities of users in the network. 1. Hotspot client associates with the hotspot Terminology WLAN (which is typically open). • Hotspot client: A wireless client (device) associating with (which is typically encrypted) hotspot service. • Hotspot user: A human being using the hotspot service on the hotspot client. • Login page: The web page which is hosted on an external Hotspot WLAN HTTP server for user login. • Logout page: The web page which is hosted on an 2. The hotspot user tries to browse the web on external HTTP server for user logout. the hotspot client by going to www.google.com • WISP: Wireless Internet Service Provider. • UAM (Universal Authentication Method): The UAM allows a subscriber to access and login to WISP services with just a Wi-Fi network interface and Internet browser on the user’s device. • Authenticated users: The users who pass the authentication. • Unauthenticated users: The users who have not passed authentication or have failed authentication.
How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA 3. The hotspot user is re-directed to the 3TSolutions ZoneDirector Setup Web Portal server by the Ruckus ZoneDirector. 4.1 Requirements • External Web Server (Apache, IIS or equivalent) with a properly configured login portal page (if interested in 3TSolutions Captive Portal please contact us by email). • RADIUS authentication and accounting server (RADIUS RJAAA is recommended). 4.2 Configure AAA server on the ZoneDirector • Under the Configure ---> AAA server sections, enter appropriate settings for your AAA server 4. After the hotspot user types in authentication and for your RADIUS Accounting server. information, the information is sent to the UAM RJAAA is also available as Remote RADIUS server on the Ruckus ZoneDirector (1), the server. ZoneDirector then sends the access request to the RADIUS server RJAAA (2), the RADIUS server RJAAA then responds back to the ZoneDirector with an accept/reject message (3). 4.3 Configure RADIUS accounting server 5. After the user is authenticated, they will be on the ZoneDirector redirected to their original web page they requested. • Under the Configure ---> AAA server sections, Optionally, administrators can redirect them to another enter appropriate settings for your RADIUS appropriate web page (such as an airport homepage accounting server. for example).
How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA 4.4 Create a hotspot service • Idle timeout: If selected, the user is automatically disconnected if there is no traffic • Under the Configure ---> Hotspot services section, between the client and AP for specifi ed amount enter appropriate settings to create the new hotspot of time. Re-authentication is required after idle service. timeout. The idle timeout period is implemented at 10-minute intervals. If you set idle timeout to 12 minutes, ZoneDirector will terminate sessions that are idle for 20 minutes. Likewise, if you set idle timeout to 5 minutes, ZoneDirector will terminate sessions that are idle for 10 minutes. If RADIUS idle timeout attribute is included in RADIUS Access Accept, the user’s maximum idle time shall be the value of the attribute. • Authentication server: Choose the AAA server you confi gured earlier. • Accounting server: Choose the RADIUS accounting server you configured earlier. Choose an interim-update interval between 2- 120 minutes. The interim-update interval determines how often the ZoneDirector sends updates to the RADIUS accounting server. If An example of Captive portal is available at using a RADIUS accounting server, note that the 3TSolutions Web site following information is tracked: Login/logout timestamp, Total session time, Bytes • Name: Enter a descriptive name for the hotspot sent/received, Packets sent/received. service here. • Login Page: Unauthenticated users are redirected 4.5 Create hotspot WLAN to this login page. It must be a valid URL. The ZoneDirector will redirect HTTP requests from all • Under the Configure ---> WLAN section, enter unauthenticated users to this login page. This URL appropriate settings to create a WLAN that uses will be added to the walled garden by the the hotspot service. ZoneDirector automatically. • Name/ESSID: Enter the desired wireless • Start page: The administrator has the option to network name. This is how a hotspot user will allow, after authentication, the hotspot client to be identify your network when connecting redirected to the original URL that the user intended wirelessly. to visit or to another URL. For example: The user originally requested www.google.com, and was • Description: Enter a descriptive name for your redirected to the login page because they were convenience. Type: Choose “Hotspot service” to unauthenticated. After successful authentication if enable the WLAN for hotspot use. “redirect to the URL that the user intends to visit” is selected that user will be redirected to • Authentication: “Open” is the only available www.google.com. option. Authentication will automatically be If “redirect to the following URL” is selected then the handled through the UAM and AAA server. user will be redirected to URL specified in the field (a hotel homepage for example). • Session timeout: If selected, the user is automatically disconnected after session time is elapsed. Re-authentication is required after session timeout. If RADIUS session timeout attribute is included in RADIUS Access Accept for specific user, the user’s maximum session time shall be the value of the attribute.
How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA RadioJungle AAA RADIUS Setup example 5.1 User creation Opening the management in RadioJungle AAA interface, you can create a new account with user/password and specifing WISPr attributes. • Encryption method: “None” is the default setting and is recommended for most hotspot networks for ease of use. For hotspot networks where encryption is required, WPA/ WPA2 and WEP are supported. Keep in mind the hotspot user will need to enter a valid encryption key fi rst before they can associate to the network, and additionally will need to login to the hotspot service after association. 5.1 User Accounting • Available Hotspot Service: Select the Hotspot Accounting menu shows on the top a summuray Service you created earlier. of all user’s sessions and in the bottom a detailed row of each session for selected user. 4.6 Configure Group Roles • Under the Confi gure ---> Roles, make sure that the role that your users belong to are allowed access either to all WLANs, or at least to the specific hotspot WLAN you just created. 3TSolutions srl © - Registered Office Via Enrico Fermi, 3 - 20060 Bussero (MI) Italy info@3ts.it

Recommended

Managing HotSpot Clients With FreeRadius
Managing HotSpot Clients With FreeRadiusManaging HotSpot Clients With FreeRadius
Managing HotSpot Clients With FreeRadius
Dashamir Hoxha
 
Atm Industry For VN
Atm Industry For VNAtm Industry For VN
Atm Industry For VN
Phi Jack
 
Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)
Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)
Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)
zylstra
 
"Apps - What's your Strategy?" 28th Jan '10
"Apps - What's your Strategy?" 28th Jan '10"Apps - What's your Strategy?" 28th Jan '10
"Apps - What's your Strategy?" 28th Jan '10
mashup* Event
 
OneZone: Toronto metro-WiFi network overview
OneZone: Toronto metro-WiFi network overviewOneZone: Toronto metro-WiFi network overview
OneZone: Toronto metro-WiFi network overview
Phil Vlach
 
How to Setup ATM Business in India
How to Setup ATM Business in IndiaHow to Setup ATM Business in India
How to Setup ATM Business in India
MyOnlineCA.in
 
ALTO Network Profile 2017
ALTO Network Profile 2017ALTO Network Profile 2017
ALTO Network Profile 2017
Ikhsan F. Perdana
 
Wifi Presentation
Wifi PresentationWifi Presentation
Wifi Presentation
Momentum Plus
 

Recommended

Managing HotSpot Clients With FreeRadius
Managing HotSpot Clients With FreeRadiusManaging HotSpot Clients With FreeRadius
Managing HotSpot Clients With FreeRadius
Dashamir Hoxha
 
Atm Industry For VN
Atm Industry For VNAtm Industry For VN
Atm Industry For VN
Phi Jack
 
Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)
Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)
Zylstrategy Presentation Wifi@Rail (Bwcs, London, Jun08)
zylstra
 
"Apps - What's your Strategy?" 28th Jan '10
"Apps - What's your Strategy?" 28th Jan '10"Apps - What's your Strategy?" 28th Jan '10
"Apps - What's your Strategy?" 28th Jan '10
mashup* Event
 
OneZone: Toronto metro-WiFi network overview
OneZone: Toronto metro-WiFi network overviewOneZone: Toronto metro-WiFi network overview
OneZone: Toronto metro-WiFi network overview
Phil Vlach
 
How to Setup ATM Business in India
How to Setup ATM Business in IndiaHow to Setup ATM Business in India
How to Setup ATM Business in India
MyOnlineCA.in
 
ALTO Network Profile 2017
ALTO Network Profile 2017ALTO Network Profile 2017
ALTO Network Profile 2017
Ikhsan F. Perdana
 
Wifi Presentation
Wifi PresentationWifi Presentation
Wifi Presentation
Momentum Plus
 
Atm
AtmAtm
Atm
Vinoth Kumar
 
Employee Engagement Wifi Model
Employee Engagement Wifi ModelEmployee Engagement Wifi Model
Employee Engagement Wifi Model
Laurence Yap M.A. (UM) CHRM
 
Service Provider Wi-Fi
Service Provider Wi-FiService Provider Wi-Fi
Service Provider Wi-Fi
Cisco Canada
 
Indonesia ina002 1366687034
Indonesia ina002 1366687034Indonesia ina002 1366687034
Indonesia ina002 1366687034
Nurul Yakin
 
Secure Business WiFi
Secure Business WiFiSecure Business WiFi
Secure Business WiFi
Kim Devins
 
Business Case for Providing Public WiFi
Business Case for Providing Public WiFiBusiness Case for Providing Public WiFi
Business Case for Providing Public WiFi
Chad Williams
 
WIFI Solution for Service Provider
WIFI Solution for Service ProviderWIFI Solution for Service Provider
WIFI Solution for Service Provider
Ritthikrai Khunthaveeramongkol
 
Exercises menu and restaurant phrases - with answer key
Exercises menu and restaurant phrases - with answer keyExercises menu and restaurant phrases - with answer key
Exercises menu and restaurant phrases - with answer key
Alberto
 
Monetizing Wi-Fi Networks
Monetizing Wi-Fi NetworksMonetizing Wi-Fi Networks
Monetizing Wi-Fi Networks
Douglas Peris
 
Steve Chung Ruckus Wireless Presentation CommsDay 2014
Steve Chung Ruckus Wireless Presentation CommsDay 2014Steve Chung Ruckus Wireless Presentation CommsDay 2014
Steve Chung Ruckus Wireless Presentation CommsDay 2014
Veronica Kennedy-Good
 
WiFi for Events - a guide to getting it right
WiFi for Events - a guide to getting it rightWiFi for Events - a guide to getting it right
WiFi for Events - a guide to getting it right
Randle Stonier
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
ChristopherTHyatt
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Remote DBA Services
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

More Related Content

Viewers also liked

Indonesia ina002 1366687034
Indonesia ina002 1366687034Indonesia ina002 1366687034
Indonesia ina002 1366687034
Nurul Yakin
 
Exercises menu and restaurant phrases - with answer key
Exercises menu and restaurant phrases - with answer keyExercises menu and restaurant phrases - with answer key
Exercises menu and restaurant phrases - with answer key
Alberto
 

Viewers also liked (11)

Atm
AtmAtm
Atm
 
Employee Engagement Wifi Model
Employee Engagement Wifi ModelEmployee Engagement Wifi Model
Employee Engagement Wifi Model
 
Service Provider Wi-Fi
Service Provider Wi-FiService Provider Wi-Fi
Service Provider Wi-Fi
 
Indonesia ina002 1366687034
Indonesia ina002 1366687034Indonesia ina002 1366687034
Indonesia ina002 1366687034
 
Secure Business WiFi
Secure Business WiFiSecure Business WiFi
Secure Business WiFi
 
Business Case for Providing Public WiFi
Business Case for Providing Public WiFiBusiness Case for Providing Public WiFi
Business Case for Providing Public WiFi
 
WIFI Solution for Service Provider
WIFI Solution for Service ProviderWIFI Solution for Service Provider
WIFI Solution for Service Provider
 
Exercises menu and restaurant phrases - with answer key
Exercises menu and restaurant phrases - with answer keyExercises menu and restaurant phrases - with answer key
Exercises menu and restaurant phrases - with answer key
 
Monetizing Wi-Fi Networks
Monetizing Wi-Fi NetworksMonetizing Wi-Fi Networks
Monetizing Wi-Fi Networks
 
Steve Chung Ruckus Wireless Presentation CommsDay 2014
Steve Chung Ruckus Wireless Presentation CommsDay 2014Steve Chung Ruckus Wireless Presentation CommsDay 2014
Steve Chung Ruckus Wireless Presentation CommsDay 2014
 
WiFi for Events - a guide to getting it right
WiFi for Events - a guide to getting it rightWiFi for Events - a guide to getting it right
WiFi for Events - a guide to getting it right
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Recently uploaded (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Wifi hotspot ruckus with freeradius radiojungle aaa

  • 1. How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA Introduction • Walled garden: The purpose of the walled garden is to let unauthenticated users access This document describes how ZoneDirector support online registration, payment services, or other Wi-Fi hotspot service with Radio Jungle AAA through websites (such as a hotel reservation page) WISPr based features: universal authentication without needing to login first. All other sites are method or UAM (browser based login at a captive off limits. portal). • WISPr and Hotspot Service: For our RadioJungle AAA appliance is a highly flexible and implementation of hotspot service is based on configurable RADIUS server based on FreeRADIUS WISPr. In this document, WISPr Service and v2.x with web-based management GUI developed by Hotspot Service are interchangeable. In some 3TSolutions s.r.l. sense, hotspot is generic while WISPr is technically defined. RadioJungle AAA provides the professional and easy to use solution to control your network access and How a Wi-Fi Hotspot Works track the activities of users in the network. 1. Hotspot client associates with the hotspot Terminology WLAN (which is typically open). • Hotspot client: A wireless client (device) associating with (which is typically encrypted) hotspot service. • Hotspot user: A human being using the hotspot service on the hotspot client. • Login page: The web page which is hosted on an external Hotspot WLAN HTTP server for user login. • Logout page: The web page which is hosted on an 2. The hotspot user tries to browse the web on external HTTP server for user logout. the hotspot client by going to www.google.com • WISP: Wireless Internet Service Provider. • UAM (Universal Authentication Method): The UAM allows a subscriber to access and login to WISP services with just a Wi-Fi network interface and Internet browser on the user’s device. • Authenticated users: The users who pass the authentication. • Unauthenticated users: The users who have not passed authentication or have failed authentication.
  • 2. How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA 3. The hotspot user is re-directed to the 3TSolutions ZoneDirector Setup Web Portal server by the Ruckus ZoneDirector. 4.1 Requirements • External Web Server (Apache, IIS or equivalent) with a properly configured login portal page (if interested in 3TSolutions Captive Portal please contact us by email). • RADIUS authentication and accounting server (RADIUS RJAAA is recommended). 4.2 Configure AAA server on the ZoneDirector • Under the Configure ---> AAA server sections, enter appropriate settings for your AAA server 4. After the hotspot user types in authentication and for your RADIUS Accounting server. information, the information is sent to the UAM RJAAA is also available as Remote RADIUS server on the Ruckus ZoneDirector (1), the server. ZoneDirector then sends the access request to the RADIUS server RJAAA (2), the RADIUS server RJAAA then responds back to the ZoneDirector with an accept/reject message (3). 4.3 Configure RADIUS accounting server 5. After the user is authenticated, they will be on the ZoneDirector redirected to their original web page they requested. • Under the Configure ---> AAA server sections, Optionally, administrators can redirect them to another enter appropriate settings for your RADIUS appropriate web page (such as an airport homepage accounting server. for example).
  • 3. How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA 4.4 Create a hotspot service • Idle timeout: If selected, the user is automatically disconnected if there is no traffic • Under the Configure ---> Hotspot services section, between the client and AP for specifi ed amount enter appropriate settings to create the new hotspot of time. Re-authentication is required after idle service. timeout. The idle timeout period is implemented at 10-minute intervals. If you set idle timeout to 12 minutes, ZoneDirector will terminate sessions that are idle for 20 minutes. Likewise, if you set idle timeout to 5 minutes, ZoneDirector will terminate sessions that are idle for 10 minutes. If RADIUS idle timeout attribute is included in RADIUS Access Accept, the user’s maximum idle time shall be the value of the attribute. • Authentication server: Choose the AAA server you confi gured earlier. • Accounting server: Choose the RADIUS accounting server you configured earlier. Choose an interim-update interval between 2- 120 minutes. The interim-update interval determines how often the ZoneDirector sends updates to the RADIUS accounting server. If An example of Captive portal is available at using a RADIUS accounting server, note that the 3TSolutions Web site following information is tracked: Login/logout timestamp, Total session time, Bytes • Name: Enter a descriptive name for the hotspot sent/received, Packets sent/received. service here. • Login Page: Unauthenticated users are redirected 4.5 Create hotspot WLAN to this login page. It must be a valid URL. The ZoneDirector will redirect HTTP requests from all • Under the Configure ---> WLAN section, enter unauthenticated users to this login page. This URL appropriate settings to create a WLAN that uses will be added to the walled garden by the the hotspot service. ZoneDirector automatically. • Name/ESSID: Enter the desired wireless • Start page: The administrator has the option to network name. This is how a hotspot user will allow, after authentication, the hotspot client to be identify your network when connecting redirected to the original URL that the user intended wirelessly. to visit or to another URL. For example: The user originally requested www.google.com, and was • Description: Enter a descriptive name for your redirected to the login page because they were convenience. Type: Choose “Hotspot service” to unauthenticated. After successful authentication if enable the WLAN for hotspot use. “redirect to the URL that the user intends to visit” is selected that user will be redirected to • Authentication: “Open” is the only available www.google.com. option. Authentication will automatically be If “redirect to the following URL” is selected then the handled through the UAM and AAA server. user will be redirected to URL specified in the field (a hotel homepage for example). • Session timeout: If selected, the user is automatically disconnected after session time is elapsed. Re-authentication is required after session timeout. If RADIUS session timeout attribute is included in RADIUS Access Accept for specific user, the user’s maximum session time shall be the value of the attribute.
  • 4. How to setup WiFi HotSpot service with Ruckus Wireless and FreeRADIUS server RadioJungle AAA RadioJungle AAA RADIUS Setup example 5.1 User creation Opening the management in RadioJungle AAA interface, you can create a new account with user/password and specifing WISPr attributes. • Encryption method: “None” is the default setting and is recommended for most hotspot networks for ease of use. For hotspot networks where encryption is required, WPA/ WPA2 and WEP are supported. Keep in mind the hotspot user will need to enter a valid encryption key fi rst before they can associate to the network, and additionally will need to login to the hotspot service after association. 5.1 User Accounting • Available Hotspot Service: Select the Hotspot Accounting menu shows on the top a summuray Service you created earlier. of all user’s sessions and in the bottom a detailed row of each session for selected user. 4.6 Configure Group Roles • Under the Confi gure ---> Roles, make sure that the role that your users belong to are allowed access either to all WLANs, or at least to the specific hotspot WLAN you just created. 3TSolutions srl © - Registered Office Via Enrico Fermi, 3 - 20060 Bussero (MI) Italy info@3ts.it