ZyXEL Communications UAG4100 Application Note
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Gateway
  5. UAG4100
  6. Application note
ZyXEL Communications UAG4100 Application Note

ZyXEL Communications UAG4100 Application Note

Unified access gateway
Hide thumbs Also See for UAG4100:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
www.zyxel.com
Unified Access Gateway
Application Note
May. 2017
Copyright © 2017 Zyxel Communications Corporation

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications UAG4100

Summary of Contents for ZyXEL Communications UAG4100

  • Page 1 Unified Access Gateway Application Note May. 2017 Copyright © 2017 Zyxel Communications Corporation...
  • Page 2 www.zyxel.com...

  • Page 3: Table Of Contents

    www.zyxel.com Table of Contents Scenario 1 – Activate a Paid Access Hotspot ................3 Print ticket to access the Internet ....................4 Pay with PayPal payment service to access the Internet ........... 8 Scenario 2 – Activate a Free Access Hotspot ................13 User Agreement ..........................

  • Page 4: Scenario 1 - Activate A Paid Access Hotspot

    Internet, there are two ways to achieve this on the UAG4100. One method is by using a printer, and the other method is the PayPal payment service. As for the printer, customers can purchase tickets that are generated by the thermal printer, from the reception desk.

  • Page 5: Print Ticket To Access The Internet

    www.zyxel.com 2) Customer can pay with PayPal or buy tickets from the reception to access the Internet. Print ticket to access the Internet Step 1: Configure the Printer Manager GUI (1) Configuration > Printer Manager > check General > Edit port with printer: 9100.
  • Page 6 www.zyxel.com Step 2: Configuration > Monitor > Printer Status > check the Status with “sync success“...
  • Page 7 www.zyxel.com Step 3: Select Configuration > Printer Manager > check Printout Configuration > you can choose Use Customized Printout Configuration to upload a customized printout configuration. Then you can customize the ticket information by downloading the example and modifying the ticket.
  • Page 8 www.zyxel.com Step 4: Configuration > Printer Manager > check Printout Configuration > you can choose Use Default or Customized Printout Configuration > Preview: click Printout Preview > a pop=up window will be displayed with the Default printout configuration or the Customized printout configuration ticket format for preview.

  • Page 9: Pay With Paypal Payment Service To Access The Internet

    www.zyxel.com Pay with PayPal payment service to access the Internet Step 1: Configuration > Billing > Payment Service > Enable Payment Service > Enter the seller Account and Identity Token. Step 2: Test the dynamic account to pay the bill by payment function (1) Open the Login page after enabling the payment function.
  • Page 10 www.zyxel.com (2) Click the link on the screen > then the page will redirect you to the billing profile page.
  • Page 11 www.zyxel.com (3) As the test, you can Select 3 hour billing profile > click OK > then the device will redirect you to the PayPal authentication page. (4) After logging into the PayPal page, you can check your order.
  • Page 12 www.zyxel.com (5) After clicking on the Agree and Continue button > then you can click on the Pay Now button to pay the bill. (6) After clicking on the Pay Now button > PayPal will display a pop-up window to the following web page > and then redirect the login information to you after 10 seconds.
  • Page 13 www.zyxel.com (7) You can see the login username and password on the screen. (8) Then you can login to the device with the username and password during the allocated time period.

  • Page 14: Scenario 2 - Activate A Free Access Hotspot

    The UAG4100 can authenticate people by forcing them to receive an authentication code via SMS on their phone. In this way, the UAG4100 can authorize user Internet access via their mobile phone number and keep track of the device in case of illegal activities via the hotspot.
  • Page 15 www.zyxel.com Free Time...

  • Page 16: User Agreement

    www.zyxel.com Network Conditions WAN: 10.59.3.54 LAN 1: 172.16.0.1/255.255.0.0 User’s laptop: 172.16.2.0 Goals to Achieve (1) Users must fill-in their personal information and accept the service usage agreement before they can access the Internet. After the form is submitted, the advertisement webpage will pop-up in a new window. (2) Allow any user to get account information by SMS and use the Internet free of charge for a limited time.
  • Page 17 www.zyxel.com Step 2: Configuration > Advertisement (1) Enable Advertisement. (2) Add the URL of the website.

  • Page 18: Verification

    www.zyxel.com Verification 1. When the user opens the browser, he/she will be redirected to the user agreement page. Fill-in all the required information and click “Agree”. 2. Click “OK” and then the user can access the Internet.

  • Page 19: Free Time

    www.zyxel.com 3. The advertisement webpage will be displayed in a new window as the first page whenever the user connects to the Internet. Free Time Task . Enable SMS service on the UAG and select SMS as the delivery method in Free Time.
  • Page 20 www.zyxel.com Fill in all the required information. After the form has been submitted, the account information will be sent to your Email address.
  • Page 21 www.zyxel.com Purchase SMS credits Fill in the prepaid plan and your mobile number. The activation code will be sent to your mobile phone number.
  • Page 22 www.zyxel.com Enter the activation code to proceed to make payment. Fill in the credit card information to complete the payment.
  • Page 23 www.zyxel.com Payment is complete. Step 2: After the ViaNett account is ready, go to Configuration > SMS (1) Enable SMS. (2) Fill-in your local phone country code as the default country code. (3) Add authentication policy for every source.
  • Page 24 www.zyxel.com Step 3: Configuration > Free Time (1) Enable Free Time and set up the free time period. By default, the Reset time will be at AM 00:00. You can also setup how many times a MAC address can access the Internet. (2) Select “SMS”...

  • Page 25: Verification

    www.zyxel.com Verification 1. Users will be redirected to the login page before being permitted to access the Internet. Click on the link to get a free account. 2. Select the “Free Time” on the screen and submit your mobile phone number.
  • Page 26 www.zyxel.com 3. The account and password will be sent to your mobile phone. 4. Check your account information.
  • Page 27 www.zyxel.com 5. Fill-in the account information received on your mobile phone and click “Login”. 6. You can start to access the Internet.

  • Page 28: Scenario 3 - Bwm Controls Trial And Billing Users

    LAN2: 172.17.0.1 Goal to Achieve UAG4100 can support adding of rules on the device to control different user types by the BWM function for controlling the bandwidth based on a user account. Task 1: Add the AP profiles on the device.
  • Page 29 www.zyxel.com Add the other SSID for Billing users. Go to Configuration > Object > AP Profile > Radio to Broadcast these two SSIDs via the 2.4 GHz and 5 GHz radios.
  • Page 30 www.zyxel.com Task 2: Enable the Free Time function on the device. Step 1: Go to Configuration > Free time page to enable the Free time function (you can configure the duration and how many times that user can access the Internet for free).
  • Page 31 www.zyxel.com Task 3: Add the Billing profiles on the device. Step 1: Go to Configuration > Billing > Billing profile page to add the billing profile. Ex: 1 hour = 1€, 2 hours = 2€, 3 hours= 3€...
  • Page 32 www.zyxel.com Step 2: Go to Configuration > Billing> General page to check the general setting of the billing function. Ensure that the accounting method type and currency settings are correct Add the SSID profile in the general setting.
  • Page 33 www.zyxel.com Task 4: Configuring the Payment service page. Ensure that the Payment service has already been configured correctly. Task 5: Add the policy to limit the user bandwidth via the BWM function. Step 1: Go to Configuration > BWM > Add the policy to limit the Bandwidth by user type.
  • Page 34 www.zyxel.com Billing-Users, Inbound=2000 Kbps, Out bound=2000 Kbps, Priority =1 Enable BWM function. Task 6: Enable the web authentication policy on the device. Go to Configuration > Web Authentication > Web Authentication > Web Portal. Enable web authentication policy to force LAN2 user to authentication with the device.
  • Page 35 www.zyxel.com Task 7: Login to the device via the trial user. Step 1: Click on the link to get a dynamic user account. Step 2: After clicking on the link on the login page, the device will redirect the billing profile to you.
  • Page 36 www.zyxel.com...
  • Page 37 www.zyxel.com Step 3: Then device will display a pop-up window with the user name and password. Or you can click on the “Login Now” button to login to device directly. Step 4: Visit the website “http://www.speedtest.net/” to test the speed. The test result is around 1 Mbps, which is the same as our setup.
  • Page 38 www.zyxel.com Task 7: Login to device via the billing-user, and test the speed. Step 1: Click on the link to get a dynamic account to access the Internet. Step 2: Select the 1-hour profile to test this.
  • Page 39 www.zyxel.com Step 3: Then device will display the PayPal page in pop-up window. Please enter the correct user name and password in the fields, and then click on the “Log in” button on the browser. PayPal will show you the balance. Then you can click on the “Pay Now” button.
  • Page 40 www.zyxel.com Step 4: After you click on the “Pay Now” button, PayPal will redirected the user name and password to you. You can then click on the “Login now” button to directly access the Internet. Step 5: Visit the website “http://www.speedtest.net/” to test the Speed. The test result is around 2 Mbps, which is the same as our setup.

  • Page 41: Scenario 4 - Layer 2 Isolation And White List

    Layer2 Isolation function. We can prevent the clients from accessing each other’s laptops. And by using a White list, we can also manage the clients as well as access the online printer. Network Conditions UAG4100: LAN 1: 172.16.0.1/255.255.0.0 Printer IP: 172.16.1.1 Client 1’s laptop: 172.16.1.2 Client 2’s laptop: 172.16.2.0...
  • Page 42 Task 1. Enable the “Layer2 Isolation” function to prevent internal users from connecting with each other. Step 1: Connect the Printer on the UAG4100 Lan1, and ensure that the client’s laptop is also in the same Lan1 subnet. Printer IP address:...
  • Page 43 www.zyxel.com Step 2: Since the Layer2 Isolation function only takes effect if the firewall is enabled, therefore, you have to enable firewall first. Configuration > Network > Firewall > Enable Firewall Step 3: Configuration > Network > Layer 2 Isolation (1) Enable Layer 2 Isolation.
  • Page 44 www.zyxel.com Verification Client2’s laptop cannot connect to the online printer (172.16.1.1), and Client1’s laptop (172.16.1.2).
  • Page 45 www.zyxel.com Task 2. Use the White List function to manage the client’s side, as well as the ability to access the online printer. Step 1: Using IP/MAC Binding to make sure the Printer IP is correct host. Configuration > Network > IP/MAC Binding > lan1 (1) Enable IP/MAC Binding.
  • Page 46 www.zyxel.com Verification Client2’s laptop can connect to the online Printer (172.16.1.1) that is in the White List, but still cannot connect to the client1’s laptop (172.16.1.2).

  • Page 47: Scenario 5 - Send The System Log To A Remote Syslog Server And Usb Device

    Internet connection. The administrator can use these reports as a troubleshooting reference. In this scenario, we demonstrate how the UAG4100 exports system logs to a Kiwi syslog server and a USB device connected to the UAG4100.

  • Page 48: Remote Syslog Server

    Task . Install Kiwi syslog server on the PC and send log information to Kiwi syslog server. Step 1: Install Kiwi syslog server on the PC and connect the PC to LAN of the UAG4100. This is the website for the Kiwi syslog server:...
  • Page 49 www.zyxel.com Step 2: Configuration > Log & Report > Log Settings and click on “Remote Server 1” to edit the log in the Kiwi syslog server. Step 3: Type the server name or the IP address of the Kiwi syslog server and check “Active”...
  • Page 50 www.zyxel.com Verification 1. Open the Kiwi syslog server console and click Manage > Start the Syslog service to start syslog service. 2. Go to File > Setup and click “Log to file” to edit the path and file name of the log file.
  • Page 51 www.zyxel.com...

  • Page 52: Usb Device

    USB storage devices with FAT16, FAT32, EXT2, or EXT3 file systems are supported for connection to the USB port of the UAG4100. Also, you have to set a disk full warning limit once the storage space is less than this criterion.
  • Page 53 www.zyxel.com Step 3: Configuration > Log & Report > Log Settings and click on “USB storage” to edit the log on the USB storage setting. Step 4: Check “Duplicate logs to USB storage” and select what information you want to log from each log category. You can simply enable normal logs to save all normal logs to the USB device.
  • Page 54 www.zyxel.com Verification Go to Maintenance > Diagnostics > System Log and click “Download” to view the log.

  • Page 55: Scenario 6 - Manage Multiple Aps Using An Ap Profile

    AP profile to manage and control multiple APs with multiple SSIDs. In this scenario, we use the UAG4100 to control and manage the AP of NWA5123-NI that connects to the UAG4100 LAN2. Since we use different subnets with two SSIDs, we have set up two SSIDs in different VLANs.
  • Page 56 www.zyxel.com Task 1. Configure the VLAN interface to allow two SSIDs that can belong to different VLANs. Step 1: Configuration > Network > Interface > VLAN (1) Add an internal VLAN based on the LAN 2 port, and set the VLAN ID: 10. (2) Set the VLAN interface IP address as 172.88.10.1/24.
  • Page 57 www.zyxel.com (3) Set the DHCP server with the IP Pool Start address from 172.88.10.2. Step 2: Configuration > Network > Interface > VLAN (1) Add an internal VLAN based on the LAN 2 port, and set VLAN ID: 20. (2) Set the VLAN interface IP address as 172.88.20.1/24.
  • Page 58 www.zyxel.com (3) Set the DHCP server with the IP Pool Start address from 172.88.20.2. Task 2. Control the AP by AP Profile to provide an SSID for access. Step 1: Configuration > Object > AP Profile > SSID > Add...
  • Page 59 www.zyxel.com (1) Add the SSID of “VIP” for VIP use. (2) Select the VLAN ID: “10” to connect with VLAN10. (3) Choose VLAN Support as “On”. Step 2: Configuration > Object > AP Profile > SSID > Add another SSID. (1) Add the SSID of “Client”...
  • Page 60 www.zyxel.com Step 3: Configuration > Object > AP Profile > Ratio > you can select default 2.4G or default2 5G by device ratio. (1) Set SSID Profile with “for_VIP” which was configured as the AP profile. (2) Set SSID Profile with “for_client” which was configured as AP profile.
  • Page 61 Verification 1. Connect the NWA5123-NI AP directly under the UAG4100 Lan2 and check Configuration > Wireless > AP Management. (1) Ensure that the UAG4100 can manage and control the NWA5123-NI. (2) Ensure that the the NWA5123-NI AP has got the IP address 172.17.1.1 under LAN 2.
  • Page 62 www.zyxel.com 3. Connect the laptop with SSID “VIP”, and you can get the IP address of 172.88.10.3 under VLAN10 from the AP. 4. Connect the laptop with the SSID “Client”, and you can get the IP address of 172.88.20.3 under VLAN 20 from the AP.

  • Page 63: Scenario 7 -How To Configure Facebook Wi-Fi

    www.zyxel.com Scenario 7 –How to Configure Facebook Wi-Fi The following figure depicts how a business partner links their local business Facebook page and the UAG device together to provide Wi-Fi access to users after interacting with their Facebook accounts. When a user first access the Internet, the UAG device will redirect the browser to the business partner’s Facebook page.

  • Page 64: Configurations

    www.zyxel.com Configurations 1. First, enable web authentication through the UAG’s web GUI. Go to Configuration > Web Authentication > General screen’s Global Setting section. Select the Enable Web Authentication check box. 2. Enable Facebook Wi-Fi and pair up with your page. Go to Configuration >...
  • Page 65 www.zyxel.com 3. Click the Configure button to go to Facebook. Log into your Facebook account on the browser before continuing with the steps below. You can click Create Page or select an existing page to pair up with the UAG. 4.
  • Page 66 www.zyxel.com You can configure the following: Bypass Mode: to allow users to skip check-in for Wi-Fi access. Session Length: sets how long the users can have Wi-Fi access. Add your own Terms of Service. For more information on this screen, please contact Facebook support. 5.

  • Page 67: Verification

    www.zyxel.com Select the Force User Authentication check box and select facebook wi-fi as the Authentication Type. This policy is to ensure that clients must go through Facebook Wi-Fi check-in before having Wi-Fi access. Verification Connect to Wi-Fi and the check-in process should be like this:...

Table of Contents