Trademarks

symbol, , AG-2000w™, AG-2000wa™ and Nomadix Service Engine™ are trademarks of Nomadix, Inc. All other trademarks and brand names are marks of their respective holders.

Product Information

Telephone: +1.818.597.1500
Fax: +1.818.597.1502

For technical support information, see the Appendix in this User’s Guide.
Nomadix, Inc. makes no warranty, either express or implied, including but not limited to any implied warranties of merchantability and fitness for a particular purpose, regarding the product described herein. In no event shall Nomadix, Inc. be liable to anyone for special, collateral, incidental, or consequential damages in connection with or arising from the use of Nomadix, Inc.
Table of Contents

Introduction
About this User’s Guide
Organization
Why Choose Wireless?
Welcome to the Nomadix AG-2000w and AG-2000wa
Product Definitions
Ensuring Compatibility
Offering Speed and Efficiency
Optimizing Performance
Providing Effective Security
Portal Page Redirect
Port Mapping
RADIUS-driven Auto Configuration
RADIUS Client
RADIUS Proxy (not available with the AG-2000w)
Remember Me and RADIUS Re-Authentication
Secure Management
Secure Socket Layer (SSL)
Secure XML API
Session Rate Limiting (SRL)
Establishing the Basic Configuration for Subscribers
Setting the DHCP Options
Setting the DNS Options
Archiving Your Configuration Settings
Installing the Nomadix Private MIB
Chapter 2: System Administration
Enabling Wireless Connectivity
Choosing a Remote Connection
Using the Web Management Interface (WMI)
Network Info Menu
Displaying ARP Table Entries {ARP}
Displaying DAT Sessions {DAT}
Displaying the Host Table {Hosts}
Displaying ICMP Statistics {ICMP}
Displaying the Network Interfaces {Interfaces}
Displaying the IP Statistics {IP}
Private Key Generation
Create a Certificate Signing Request (CSR) File
Create a Public Key File (server.pem)
Setting Up AG-2000w™ for SSL Secure Login
Setting Up the Portal Page
Mirroring Billing Records
Sending Billing Records
AG-2000wa products successfully and efficiently. Use this guide to take full advantage of product functionality and features. For convenience, all references in this document are to the AG-2000w when data and procedures are common across the AG-2000w and AG-2000wa products. When information is specific to either product, these instances are clearly highlighted.
Why Choose Wireless?

Wireless Local Area Networks (WLANs) are cellular computer networks that transmit and receive data with radio signals instead of wires. Wireless LANs are used increasingly in both home and office environments, and Public-access locations such as airports, coffee shops and universities.
Macintosh, Linux and Windows, and can be easily integrated into a large network.

Nomadix AG-2000w

By strictly adhering to IEEE standards, the AG-2000w allows users to securely access the data they want, when and where they want it, and enjoy the freedom that wireless networking delivers.
Internet. By offering transfer rates up to 54 Mbps, the AG-2000w enables large data packets to travel from the router to a remote desktop or roaming laptop PC at up to five times the speed of previous wireless devices.
(Wired Equivalent Privacy).

Enabling Flexible Deployment Options

The AG-2000w enables a wide variety of network deployment options by supporting IEEE 802.11a/b/g for maximum flexibility in the types of users supported, and the 10/100 WAN interface enables connectivity into a variety of backhaul types.
Key Features and Benefits

The AG-2000w allows carriers to deploy Wi-Fi service into a wide range of large or small Public-access locations while keeping deployment costs low. Key features and benefits include:

Transparent Connectivity

Resolving configuration conflicts is difficult and time consuming for network users who are constantly on the move, and costly to the solution provider.
Access Control and Authentication

The AG-2000w allows for the creation of a unique “Walled Garden” enabling users to access certain predetermined Web sites before they have been authenticated and paid for their service. All traffic to the Internet is blocked until authentication has been completed, creating an additional level of security in the network.
5-Step Service Branding

A network enabled with the Nomadix AG-2000w (or any other Nomadix Access Gateway) offers a 5-Step service branding methodology for Public-access operators and their partners, comprising:

Initial Flash Page branding.
Initial Portal Page Redirect (Pre-Authentication). Typically, this is used to redirect the user to a venue-specific Welcome and Login page.
NSE Core Functionality

Powering Nomadix’ family of Access Gateways, the Nomadix Service Engine (NSE) delivers a full range of features needed to successfully deploy Wi-Fi Public-access networks. These “core” features solve issues of connectivity, security, billing, and roaming in a Wi-Fi Public-access network.
With the Nomadix Information and Control Console (ICC) feature enabled, subscribers can increase or decrease their own bandwidth dynamically (by the minute, or on an hourly, daily, weekly, or monthly basis), and also adjust the pricing plan for their service (see graphic).
Command Line Interface

The Command Line Interface (CLI) is a character-based user interface that can be accessed remotely. Until your Nomadix product is up and running on the network, the CLI is the Network Administrator’s window to the system. Software upgrades can...
Take advantage of the comprehensive Nomadix XML API to implement more complex billing plans. Recycle existing Web page content for the centrally hosted portal page. If you choose to use the EWS interface, Nomadix Technical Support can provide you with sample scripts. See also, “Contact Information” on page 227.
iNAT™

Nomadix invented a new way of intelligently supporting multiple VPN connections to the same termination at the same time (iNAT™), thus solving a key problem of many Public-access networks. Nomadix’ patent-pending iNAT™ (intelligent Network Address Translation) feature contains an advanced, real-time translation engine that analyzes all data packets being communicated between the private address realm and the public address realm.
Information and Control Console

The Nomadix Information and Control Console (ICC) is an HTML-based pop-up window that is presented to subscribers with their Web browser. The ICC allows subscribers to select their bandwidth and billing options quickly and efficiently from a simple pull-down menu.
International Language Support

The NSE allows you to define the text displayed to your users by the IWS without any HTML or ASP knowledge. The language you select determines the language encoding that the IWS instructs the browser to use. See also, “Internal Web Server”...
(Submit, Reset, Reboot, Add, Delete, etc.), but operators cannot change any system settings. When Administration Concurrency is enabled, one manager and three operators can access the AG-2000w platform at any one time.

NTP Support

The NSE supports Network Time Protocol (NTP), an Internet standard protocol that assures accurate synchronization (to the millisecond) of computer clock times in a network of computers.
Optionally, the RADIUS authentication process and FTP download can be secured by sending the traffic through a peer-to-peer IPSec tunnel established by the Nomadix gateway and terminated at the NOC (Network Operations Center). See also, “Secure...
RADIUS Proxy (not available with the AG-2000w)

The RADIUS Proxy feature relays authentication and accounting packets between the parties performing the authentication process. Different realms can be set up to directly channel RADIUS messages to the various RADIUS servers. This...
Nomadix gateway using any preferred management protocol, but also the secure management of third party devices (for example, WLAN Access Points and 802.3 switches) on private subnets on the subscriber side of the Nomadix gateway. See also, “Enabling Secure Management {VPN Tunnel}”...
XML enables solution providers to customize and enhance their product installations. This feature allows the operator to use Nomadix' popular XML API using the built-in SSL certificate functionality in the NSE so that parameters passed between the Gateway and the centralized Web server are secured via SSL.
SNMP Nomadix Private MIB

Nomadix’ Access Gateways can be easily managed over the Internet with an SNMP client manager (for example, HP OpenView or Castle Rock). To take advantage of the functionality provided with Nomadix’ private MIB (Management Information Base), simply import the file from the nomadix.mib...
“Walled Garden” within the Internet where unauthenticated users can be granted or denied access to sites of your choosing.

Web Management Interface

Nomadix’ Access Gateways can be managed remotely via the built-in Web Management Interface where various levels of administration can be established. See also, “Using the Web Management Interface (WMI)”...
The NSE outputs a call accounting record to the PMS system whenever a subscriber purchases Internet service and decides to post the charges to their room. Nomadix’ Access Gateways are equipped with a dedicated PMS port to facilitate connectivity with a customer’s Property Management System.
The optional High Availability Module offers enhanced network uptime and service availability when delivering high-quality Wi-Fi service by providing Fail-Over functionality. This module allows a secondary Nomadix Access Gateway to be placed in the network that can take over if the primary device fails, ensuring Wi-Fi service remains uninterrupted.
Network Architecture (Sample)

The AG-2000w is an ideal solution for single cell Public-access environments. Other Nomadix products (for example, HotSpot Gateway and Universal Subscriber Gateway II) are more suited to dual cell and multi cell Public-access environments.
Product Specifications

PUBLIC ACCESS

User Support: Nomadix recommends a maximum of 50 users per unit
Dynamic Address Translation
Home Page Redirection (Pre and Post Authentication)
iNAT (for seamless VPN connectivity)
SMTP Redirection
Full Authorization, Authentication and Accounting Support...
FCC Part 15 CE Mark CE/R&TTE: EN301328 / EN301893 / EN301489-1, EN301489-17 VCCI Class B, Telec UL 1950, CSA22.2 No 950, TÜV/GS(EN60950)

For further information on the certifications for the AG-2000w product, visit http://www.nomadix.com/downloads.

COMPATIBILITY

Communicates with all Wi-Fi certified wireless adapters

PHYSICAL

9.25(L) x 6.25(W) x 1.5(H) inches...
Specifications

TRANSMITTER OUTPUT POWER

11g TX Power Specification:
Typical RF Output Power at each Data Rate and at room temperature (25°):
+13dBm at 54Mbps
+15dBm at 48Mbps
+17dBm at 36Mbps
+18dBm at 24, 18, 12, 9, & 6Mbps
ALC loop to control transmit power within 0.9dB tolerance in room temperature

11b TX Power Specification:...
Internet Explorer or Netscape Navigator (see note). WebHelp is best viewed using Internet Explorer, version 4.0 or higher. WebHelp is useful when you have an Internet connection to the AG-2000w and you want to access information quickly and efficiently. It contains all the information you will find in this User’s Guide.
Installing the AG-2000w

This chapter provides installation instructions for the hardware and software components of the AG-2000w. It also includes an overview of the management interface, some helpful hints for system administrators, and procedures for the following tasks:

Connecting the system.
Rubber feet
Protective cardboard ends
AG-2000w or AG-2000wa unit
End User License Agreement (EULA)
Accessories CD-ROM (containing this User’s Guide, README file, Quick Start Guide, NOMADIX private MIB file, and any other useful accessories)
Customer welcome letter
AG-2000w successfully. Review this flowchart before attempting to install the AG-2000w on the customer’s network. Place the AG-2000w on a flat and stable work surface and connect the power cord. Connect the AG-2000w to a “live” network. Start a Telnet session to communicate with the AG-2000w via the product’s IP address (172.30.30.172) or its default DHCP address.
Use this procedure to connect the system. See also, “Installation Considerations” on page

Place the AG-2000w on a flat and stable work surface.
Connect the system (see graphic), including the power cord and adapter, and Ethernet cable.
Installation Considerations

Designed with an indoor range of up to 328 feet (100 meters), the AG-2000w wireless gateway allows you to access your network using a wireless connection from virtually anywhere. However, the number, thickness and location of walls, ceilings or other objects that the wireless signals must pass through may limit the range.
If this is an initial installation which requires the AG-2000w to receive a license key from the Nomadix License Key Server, you must accept the End User License Agreement (EULA).
Command Line Interface (CLI). The CLI is the administrator’s initial window to the system. This is where you establish all the AG-2000w start-up configuration parameters, depending on the customer’s network architecture. The AG Menu is your starting point. From here, you access all the system administration items from the four primary menus available: configuration, network info, subscribers, and system.
Menu Organization (Web Management Interface)

When you have successfully installed and configured the AG-2000w from the CLI, you can then access the AG-2000w from its embedded Web Management Interface (WMI). The WMI is easier to use (point and click) and includes some items not found in the CLI.
Label (billing options plan)
Location settings (all fields)
Partner Image File Name
Password (adding subscriber profiles)
Port Description (finding ports by description)
Redirection Frequency (in minutes) 2,147,483,647 (recommend 3600)
Reservation Number
Username (adding subscriber profiles)
Valid SSL Certificate DNS Name
Help system Other online documentation resources, available from our corporate Web site (www.nomadix.com), include a full PDF version of this User’s Guide (viewable with Acrobat™ Reader, version 4.0 or higher), white papers, technical notes, and business cases. The PDF version of this User’s Guide and associated README files are also available on the “Accessories”...
Web Management Interface, an SNMP client manager of your choice, or a simple Telnet interface. The start up configuration must be established before connecting the AG-2000w to a customer’s network. The “start up” configuration settings include: Assigning a Login Name and Password –...
Add, Delete, etc.), but operators cannot change any system settings. When Administration Concurrency is enabled, one manager and three operators can access the AG-2000w at any one time (the default setting for this feature is “disabled”). Enter (system) at the AG Menu.
Setting the SNMP Parameters (optional)

You can address the AG-2000w using an SNMP client manager (for example, HP OpenView). SNMP is the standard protocol that regulates network management over the Internet. To do this, you must set up the SNMP communities and identifiers. For more information about SNMP, see “Using an SNMP Manager”...
IP addresses. When system logging is enabled, the standard SYSLOG protocol (UDP) is used to send all message logs generated by the AG-2000w to the specified server. Enter (logging) at the Configuration menu.
IP address, the subnet mask, and the default gateway IP address. All of these “location” parameters must be set up as part of the system’s start up configuration (otherwise the AG-2000w will not be “visible” on the network).
Default gateway IP 192.168.0.1 Rebooting ... Your new settings are displayed and the AG-2000w reboots. When the system restarts, the Telnet interface is enabled (based on your new configuration settings which are saved to the AG-2000w’s on-board flash memory). Go to “Establishing the Basic Configuration for Subscribers”...
Most users have DHCP capability on their computer. To enable this service on the AG-2000w, you can either enable the DHCP relay (routed to an external DHCP server IP address), or you can enable the AG-2000w to act as its own DHCP server.
When assigning a DHCP Relay Agent IP address for the DHCP Relay, ensure that the IP address you use does not conflict with devices on the network side of the AG-2000w. Although you cannot enable the DHCP relay and the DHCP service at the same time, it is possible to “disable”...
The system displays the current domain (the default is “nomadix”). Enter a valid domain name (the Internet domain that DNS requests will utilize). Enter the host name (the DNS name of the AG-2000w). The host name must not contain any spaces.
URLs into the correct IP addresses automatically.

Archiving Your Configuration Settings

Once you have installed your AG-2000w and established the configuration settings, you should write the settings to an archive file. If you ever experience problems with the system, your archived settings can be restored at any time.
Procedure

Import the nomadix.mib file into your SNMP client manager.
Connect to the AG-2000w from a node on the network that is accessible via the AG-2000w’s network port. Be sure to enable the SNMP daemon on the AG-2000w (available on the CLI or Web Management Interface, under the Configuration menu –...
802.11a wireless standard at speeds up to 54 Mbps—effectively eliminating interference by other devices that may be operating in the 2.4 GHz frequency range. Before you can use your AG-2000w in a wireless environment, you must configure the unit for wireless connectivity. To configure the AG-2000w using the product’s embedded Web Management Interface, go to “Defining the Wireless Configuration...
– allowing remote “Windows” management using an SNMP client manager (for example, HP OpenView). However, before you can use SNMP to access the AG-2000w, you must set up the appropriate SNMP communities. For more information, refer to “Managing the SNMP Communities {SNMP}”...
Using an SNMP Manager

Once the SNMP communities are established, you can connect to the AG-2000w via the Internet using an SNMP client manager (for example, HP OpenView). SNMP is the standard protocol used in the Network Management (NM) system. This system contains two primary elements: –...
Using a Telnet Client

There are many Telnet clients that you can use to connect with the AG-2000w. Using Telnet provides a simple terminal emulation that allows you to see and interact with the AG-2000w’s Command Line Interface.
Defining the AAA Services {AAA}

This procedure shows you how to set up the AAA (Authentication, Authorization, and Accounting) service options. AAA Services are used by the AG-2000w to authenticate, authorize, and subsequently bill subscribers for their use of the customer’s network.
XML (eXtensible Markup Language) is used by the AG-2000w’s subscriber management module for port location and user administration. Enabling the XML interface allows the AG-2000w to accept and process XML commands from an external source. XML commands are sent over the network to the AG-2000w.
– The IWS is “flashed” into the system’s memory and the subscriber’s login page is served directly from the AG-2000w. In this mode, the login page consists of a simple request for the subscriber’s ID (user name) and password. Enabling AAA Services with an External Web Server –...
Enabling AAA Services with the Internal Web Server

You are here because you want to enable the AAA Services with the AG-2000w’s Internal Web Server. The AG-2000w maintains an internal database of authorized subscribers, based on their MAC (hardware address) and user name (if enabled). By referring to its database record, also known as an authorization table, the AG-2000w instantly recognizes new subscribers on the network.
206. SSL support allows for the creation of an end-to-end encrypted link between the AG-2000w and its clients by enabling the Internal Web Server (IWS) to display pages under a secure link—important when transmitting AAA information in a network. Adding SSL support to the AG-2000w requires service providers to obtain digital certificates from VeriSign™...
Credit Card Service enabled, subscribers are prompted for their credit card information (for billing purposes). The AG-2000w is configured to use either Authorize.net or Chainfusion (selected from a pull-down menu). You will need to open a merchant account with Authorize.net, Chainfusion or Datacenter (Luxembourg) before this feature can be used.
External Web Server

After enabling the External Web Server you must enter a Secret Key. The Secret Key ensures that the response the AG-2000w gets from the EWS is valid. Enter the (The AG-2000w and the external authorization server must...
You can assign a session idle timeout parameter for subscribers (see following note). To assign an idle timeout, simply enter a numeric value (in seconds) in the Subscriber Idle Timeout box (the default is 1200).

Subscriber Idle Timeout does not apply to RADIUS subscribers.
“Source IP” list contained on the AG-2000w. If a match is not made with the “Source IP list,” the login is denied, even if a correct login name and password are supplied. The access control list for source IPs supports up to 50 (fifty) entries in the form of a specific IP address or range of IP addresses.
Do not enable the blocking of all interfaces without setting up and enabling SNMP. Enabling the blocking of all interfaces and disabling SNMP will completely block access to the AG-2000w administration interface. For assistance, contact Nomadix Technical Support. Click the check box for...
Defining Automatic Configuration Settings {Auto Configuration}

The AG-2000w allows you to define parameters to enable the automatic configuration of the system. See also: “RADIUS-driven Auto Configuration” on page

From the Web Management Interface, click on...
Nomadix devices: A flow of RADIUS Authentication Request and Reply messages between the Nomadix gateway and the centralized RADIUS server that specifies the location of the meta configuration file (containing a listing of the individual configuration files and their download frequency status) are downloaded from an FTP server into the flash of the Nomadix device.
The following diagram shows a sample RADIUS configuration file, meta file and illustration of the FTP server setup. The Nomadix device will automatically initiate one reboot to enable the new settings. Configuration updates for network maintenance can be accomplished by simply enabling the Auto-Configuration option and rebooting the device (for example, using SNMP).
Setting Up Bandwidth Management {Bandwidth Management}

The AG-2000w allows system administrators to manage the bandwidth for subscribers, defined in Kbps (kilobits per second) for both upstream and downstream data transmissions. With the ICC feature enabled, subscribers can increase or decrease their own bandwidth dynamically (by the minute, or on an hourly, daily, weekly, or monthly basis), and also adjust the pricing plan for their service.
The AG-2000w assumes control of billing transmissions and saving billing records. By “mirroring” the billing data, the AG-2000w can also send copies of billing records to predefined “carbon copy” servers. Additionally, if the primary and secondary servers are down, the AG-2000w can store up to 2,000 credit card transaction records.
Primary IP Secret Key The AG-2000w and the “mirror” servers must use the same secret key. Repeat Step 4 for the secondary server (if any) and all carbon copy servers. Define the “fail-safe” provisions, including: – Alternate, or do not alternate.
Most users have DHCP capability on their computer. To enable this service on the AG-2000w, you can either enable the DHCP relay (routed to an external DHCP server IP address), or you can enable the AG-2000w to act as its own DHCP server.
By default, the AG-2000w is configured to act as its own DHCP server and the relay feature is “disabled.” If you want the AG-2000w to act as its own DHCP server, do not enable the relay. Go directly to Step 8.
If you want to add a new DHCP Pool, click on the button. The Add DHCP Pools screen appears:

Enter a valid address for the DHCP server (DHCP Server IP).
Enter the DHCP Server Netmask.
Enter the starting and ending IP addresses for the DHCP address pool you want to use: DHCP Pool Start IP...
“Managing the DNS Options {DNS}” on page The existing lease pool and lease table are deleted and the AG-2000w reboots. The AG-2000w can issue IP addresses to any DHCP enabled subscriber who enters the network.
IP addresses) by automatically converting the URLs into the correct IP addresses. You can assign a primary, secondary, or tertiary (third) DNS server. The AG-2000w utilizes whichever server is currently available. Use the following procedure to set the DNS configuration options.
Enter the IP addresses for the DNS servers (located at the customer’s network operating center where DNS requests are sent). Servers include:

Primary DNS Server
Secondary DNS Server
Tertiary DNS Server

The secondary and tertiary DNS servers are only utilized if the primary DNS server is unavailable.
If required, click on the check box for Parameter Passing.

Parameter passing allows the AG-2000w to track a subscriber’s initial Web request (usually their home page) and pass the information on to the solution provider. The solution provider uses this information to ensure that the subscriber can return to their home page easily.
Our patent-pending iNAT™ feature contains an advanced, real-time translation engine that analyzes all data packets being communicated between the private and public address domains. The Nomadix iNAT engine performs a defined mode of network address translation based on packet type and protocol (for example, GRE, IKE, etc.).
At the time of this writing, Session Rate Limiting (SRL) appears in the iNAT menu. However, the Session Rate Limiting feature will have its own dedicated menu item. If the iNAT screen does not display the SRL feature, skip Step 4 and Step 5 and refer to “Establishing Session Rate Limiting {Session Limit}”...
Establishing Your Location {Location}

This command sets up your location and the corresponding IP addresses for the network interface, subnet, and default gateway. You *must* provide your full location information.

From the Web Management Interface, click on Configuration, then Location.
Enter a valid default gateway IP address in the Default Gateway field. The default gateway is the IP address of the router that the AG-2000w uses to transmit data to the Internet. When finished, you must reboot the system for the new settings to take effect.
System Log

When system logging is enabled, the standard SYSLOG protocol (UDP) is used to send all message logs generated by the AG-2000w to the specified SYSLOG server. Enter a unique number (between 0 and 7) in the field.
Assigning Passthrough Addresses (Passthrough Addresses)

The AG-2000w allows up to 52 IP passthrough addresses and DNS names. This feature allows users to “pass through” the AG-2000w and access predetermined services (for example, the redirected home page) at the solution provider’s discretion, even though they may not have subscribed to the broadband Internet service.
“Defining the AAA Services {AAA}” on page Nomadix offers an integrated RADIUS client, allowing service providers to track or bill users based on the number of connections, location of the connection, bytes sent and received, connect time, etc. The customer database can exist in a central RADIUS server, along with associated attributes for each user.
For additional RADIUS information, see also: “Defining the RADIUS Routing Settings {RADIUS Routing}” on page “RADIUS Attributes” on page 200.

From the Web Management Interface, click on Configuration, then RADIUS Client. The RADIUS Client Settings screen appears:

Under the Server Selection options, choose the Routing Mode (to disable RADIUS authentication)
Enable Goodbye URL (if you want the system to display a post session “goodbye” page). The “goodbye” page can be defined as a RADIUS VSA or be driven by the AG-2000w’s Internal Web Server (IWS).

If required, check the box for Enable WAN 802.1q Attribute. To enable the...
Defining the RADIUS Routing Settings {RADIUS Routing}

Use this procedure when setting up RADIUS Service Profiles (up to 10) and Realm-based Routing Policies (up to 50). For additional RADIUS information, see also: “Defining the RADIUS Client Settings {RADIUS Client}” on page “RADIUS Attributes”...
Adding a RADIUS Service Profile

To add a RADIUS Service Profile, click on the appropriate button. The Add RADIUS Service Profile screen appears:

Enter a name of your choice for this service profile in the field.
The secret key is a valuable and necessary security measure. The AG-2000w and the RADIUS servers must use the same secret key. Repeat Steps 5 through 7 for the secondary RADIUS authentication server (if used).
Enter a numeric value in the Retransmission Attempts (per server) field to define how many times the system attempts to transmit the data.

Click on the button to add this RADIUS Service Profile.

When you have completed the definition of your RADIUS Service Profile, you can return to the previous screen (RADIUS Routing Settings) by clicking on the link.
To define a specific realm, choose the Specific Realm option and enter the destination in the Realm Name field. Alternatively, you can choose the Wildcard match option, then define your search options:

Prefix match only
Suffix match only
Match either

Select the required...
The Realm Routing Policy you just created is added to the list.

Your new RADIUS Service Profiles are added to this list
Your new Realm Routing Policies are added to this list
Managing SMTP Redirection {SMTP}

When SMTP redirection is enabled (for misconfigured or properly configured subscribers), the AG-2000w redirects the subscriber’s E-mail through a dedicated SMTP server, including SMTP servers which support login authentication. To the subscriber, sending and receiving E-mail is as easy as it’s always been. This function is transparent to subscribers.
Managing the SNMP Communities {SNMP} You can address the AG-2000w using an SNMP client manager (for example, HP OpenView). SNMP is the standard protocol that regulates network management over the Internet. To do this, you must set up the SNMP communities and identifiers. For more information about SNMP, see “Using an SNMP Manager”...
Submit on the button if you want to reset all the values to their previous state. Reset You can now use your SNMP client to manage the AG-2000w via the Internet. System Administration...
Displaying Your Configuration Settings {Summary} You can display a summary listing of all your current Configuration settings. To view the summary listing, go to the Web Management Interface, click on Configuration, then click on Summary.
Time. The Set Date and Time screen appears: The AG-2000w establishes its time relative to UTC (Universal Coordinated Time, based on the ISO 8601 standard). UTC is used in conjunction with RADIUS servers (for example, if the RADIUS server is set up for a time zone that is different from the AG-2000w).
Setting Up URL Filtering {URL Filtering} The AG-2000w can restrict access to specified Web sites based on URLs defined by the system administrator. URL filtering will block access to a list of sites and/or domains entered by the administrator using the following three methods: Host IP address (for example, 1.2.3.4)
Nomadix gateway using any preferred management protocol, but also the secure management of third party devices (for example, WLAN Access Points and 802.3 switches) on private subnets on the subscriber side of the Nomadix gateway. The advantage of using IPSec is that all types of management traffic are supported,...
Two subsequent events drive the secure management function of the Nomadix gateway and the devices behind it: Establishing an IPSec tunnel to a centralized IPSec termination server (for example, Nortel Contivity). As part of the session establishment process, key tunnel parameters are exchanged (for example, Hash Algorithm, Security Association Lifetimes, etc.).
From the Web Management Interface, click on Configuration, then VPN Tunnel. The IPSEC Tunnel Settings screen appears: To enable this feature, click on the Enable IPSEC check box. If you enabled IPSec, enter the in the corresponding field.
The ARP Table screen appears: Displaying DAT Sessions {DAT} The AG-2000w provides “plug-and-play” access to subscribers who are misconfigured with static (permanent) IP addresses, or subscribers that do not have DHCP functionality on their computers. Dynamic Address Translation (DAT) allows all users to obtain network access, regardless of their computer’s network settings.
Displaying the Host Table {Hosts} You can display a table which lists the hosts that are currently configured. This table includes the assigned host names, their corresponding IP addresses, and any aliases that may be assigned to each host. Hosts provide services to other computers that are linked to them by a network.
Displaying the Network Interfaces {Interfaces} You can display the network interfaces which are presented as a detailed listing of all interface communication elements and their current status. To view the Network Interfaces, go to the Web Management Interface, click on Network Info, then click on Interfaces.
Displaying the IP Statistics {IP} You can display the IP (Internet Protocol) statistics which are presented as a detailed listing of all IP elements and their current status. With IP transmissions, data is broken up into packets which are then sent over the network. By using IP addressing, Internet Protocol ensures that the data reaches its destination, even though different packets may “pass through”...
Displaying the Routing Tables {Routing} You can display the current Routing Tables, including any dynamically generated routes, unreachable routes, or wildcard routes. To view the Routing Tables, go to the Web Management Interface, click on Network Info, then click on...
Displaying the Active IP Connections {Sockets} You can display a table which provides a detailed listing of all currently active IP (Internet Protocol) connections. To view the Socket Table, go to the Web Management Interface, click on Network Info, then click on...
Displaying TCP Statistics {TCP} You can display the TCP (Transmission Control Protocol) statistics which are presented as a detailed listing of all TCP elements and their current status. TCP is a standard protocol that manages data transmissions across networks. To view the TCP Statistics, go to the Web Management Interface, click on Network Info, then click on...
Displaying UDP Statistics {UDP} You can display the UDP (User Datagram Protocol) statistics which are presented as a detailed listing of all UDP elements and their current status. UDP is an Internet standard transport layer protocol. It is a connectionless protocol which adds a level of reliability and multiplexing to the Internet Protocol (IP).
Adding Subscriber Profiles {Add} AAA Services must be enabled before you can add a subscriber profile into the AG-2000w’s internal authorization database. Refer to, “Defining the AAA Services {AAA}” on page This procedure shows you how to add subscriber profiles into a table of authorized users.
MAC address (but you must enter a user name). Enter the IP Address of the subscriber. Leave the Subnet field blank (not required with the AG-2000w). In the Username field, enter a user name for this subscriber. If you entered a MAC address and you do not want to assign a user name, skip Step 9 (password).
Displaying Current Subscriber Connections {Current} You can display a listing of all the subscribers currently connected to the system. The list includes the MAC addresses of the subscribers, their active state, the individual expiration times, port numbers (if assigned), and the number of bytes that have been passed from the subscriber to the Internet.
Deleting Subscriber Profiles by MAC Address {Delete by MAC} This procedure shows you how to delete a subscriber profile from the AG-2000w’s database of authorized subscribers, based on the profile’s MAC address. To see a current listing of the subscriber database, sorted by MAC addresses, go to “Listing Subscriber Profiles by MAC Address {List by...
Deleting Subscriber Profiles by User Name {Delete by User} This procedure shows you how to delete a subscriber profile from the AG-2000w’s database of authorized subscribers, based on the profile’s user name. To see a current listing of the subscriber database, sorted by user name, go to “Listing Subscriber Profiles by User Name {List by User}”...
, then click on Subscriber Administration DHCP Leases. To utilize this feature, your AG-2000w must be set to act as its own DHCP Server. The DHCP function cannot be set to DHCP Relay. Refer to “Managing the DHCP Service Options {DHCP}” on page...
Finding Subscriber Profiles by MAC Address {Find by MAC} This procedure shows you how to find a subscriber profile from the AG-2000w’s database of authorized subscribers, based on the profile’s MAC address. Use this procedure when you want to see the statistics corresponding to the MAC address.
Finding Subscriber Profiles by User Name {Find by User} This procedure shows you how to find a subscriber profile from the AG-2000w’s database of authorized subscribers, based on the profile’s user name. Use this procedure when you want to see the statistics corresponding to the user name.
Listing Subscriber Profiles by MAC Address {List by MAC} You can display the currently active database of authorized subscribers, based on MAC addresses. To view the list of Authorized Subscriber Profiles, go to the Web Management Interface, click on Subscriber Administration, then click on...
Listing Subscriber Profiles by User Name {List by User} You can display the currently active database of authorized subscribers, based on their user names.
(Current Table) and a numerical breakdown of how the subscribers can utilize the system (for example, free access, credit card, etc.). The total number of user profiles stored in the AG-2000w’s internal database is also shown.
Subscriber Interface Menu Defining the Billing Options {Billing Options} You can define various billing options for use with the Internal Web Server (IWS), based on: Billing plans, including pricing and bandwidth. Messages displayed to subscribers, including an Introduction Message, Offer Message and Policy Message.
From the Web Management Interface, click on Subscriber Interface, then Billing Options. The Internal Billing Options Setup screen appears:
Review the billing plans that are currently active. To view or edit a billing plan, simply click on the Show/Change button opposite the corresponding plan. The Internal Billing Options Plan Setup screen appears for the billing plan you selected (Plan 0 shown here): If required, click on the check box to enable (make active) this billing...
Time Unit Month). One time unit is assigned to each billing plan. The AG-2000w allows you to define multiple billing plans with different time units at the same time. For example, you can define one billing plan that charges by the hour (e.g. $2.95 per hour) and a second plan that charges per day (e.g.
Setting Up the Information and Control Console {ICC Setup} The Nomadix Information and Control Console (ICC) is an HTML pop-up window that is presented to subscribers, allowing them to select their bandwidth and billing plan options quickly and efficiently, and displays a dynamic “time”...
From the Web Management Interface, click on Subscriber Interface, then ICC Setup. The ICC Setup screen appears: If you want subscribers to see the ICC (pop-up window), click on the Display ICC (Information and Control Console) check box to enable this feature. If you enabled the ICC, you can choose a unique name for the console.
Define how you want to display the subscriber session time: Elapsed Time (how much time has elapsed since the start of the session) or Time Remaining (how much time is remaining for the session). You must now decide what you want the ICC to do if the subscriber closes it. Choose one of the following options: Redisplay itself (return the subscriber to a “pending”...
When you have completed assigning all your redirect buttons, click on the check box for Reboot after changes are saved? Click on the Submit button to save your changes, or click on the Reset button if you want to reset all the values to their previous state.
If you assign (or change) button images or banner images, the AG-2000w must be rebooted for your changes to take effect. If you changed any of the Image Name definitions, click on the check box for Reboot after changes are saved? (to reboot the AG-2000w). When finished, click on the...
Pixel Sizes Use the following parameters when defining images for buttons and banners:
Banners – 373 pixels (width) x 32 pixels (height)
ISP Button – 98 pixels (width) x 26 pixels (height)
Small buttons –...
Defining Languages {Language Support} The AG-2000w allows you to define the text displayed to your users by the Internal Web Server (IWS) without any HTML or ASP knowledge. The language you select here will determine the language encoding that the AG-2000w’s Internal Web Server instructs the browser to use.
Other option, then choose one of the available Japanese character sets from the drop-down menu. If sufficient space is available, the AG-2000w’s Internal Web Server also supports multiple languages at the same time. The following sample image shows the Web Management Interface (WMI) displayed with Asian language characters.
Defining the Subscriber’s Login UI {Login UI} This procedure allows you to set up the presentation and content of the subscriber’s login User Interface (UI). From the Web Management Interface, click on Subscriber Interface, then Login UI. The Subscriber Login User Interface Settings screen appears:...
Click on the check box for Enable “Remember Me” option if you want to enable (or disable) this feature. This option enables the AG-2000w to “remember” logins for a predetermined duration (see next step). The “Remember Me” option requires JavaScript to be enabled.
Image File Name Partner Image File Name you must reboot the AG-2000w for your changes to take effect. In this case, click on the check box for Reboot after changes are saved? The partner image (splash screen) is not the same screen that is defined by the Image File Name (IWS screen) field.
Subscriber Login Screen (Sample) The following sample shows a subscriber login screen:
Defining Subscriber UI Buttons {Subscriber Buttons} This procedure allows you to define how each of the control buttons is displayed to subscribers. From the Web Management Interface, click on Subscriber Interface, then Subscriber Buttons. The Subscriber Page -- Control Button Definitions screen appears: Caution Only the...
Defining Subscriber UI Labels {Subscriber Labels} This procedure allows you to define how the user interface (UI) field labels are displayed to subscribers. From the Web Management Interface, click on Subscriber Interface, then Subscriber Labels.
Defining Subscriber Error Messages {Subscriber Errors} This procedure allows you to define how error messages are displayed to subscribers. There are 2 (two) pages of error messages available. From the Web Management Interface, click on Subscriber Interface, then Subscriber Errors, 1 of 2.
Enter the definitions you want for each error message in the corresponding fields. Click on the Submit button to save your changes, or click on the Reset button if you want to reset all the values to their previous state. If you want to reset all field values to their default state, click on the Revert button.
Defining Subscriber Messages {Subscriber Messages} This procedure allows you to define how “other” subscriber messages are displayed. There are 3 (three) pages of subscriber messages available. From the Web Management Interface, click on Subscriber Interface, then Subscriber Messages, 1 of 3.
Enter the definitions you want for each subscriber message in the corresponding fields. Click on the Submit button to save your changes, or click on the Reset button if you want to reset all the values to their previous state. If you want to reset all field values to their default state, click on the Revert button.
Repeat Steps 1 – 3 for page 3 of 3 (see following screen):
System Menu Adding an ARP Table Entry {ARP Add} ARP (Address Resolution Protocol) is used to dynamically bind a high level IP address to a low level physical hardware (MAC) address. ARP is limited to a single physical network that supports hardware broadcasting.
Deleting an ARP Table Entry {ARP Delete} ARP (Address Resolution Protocol) is used to dynamically bind a high level IP address to a low level physical hardware (MAC) address. ARP is limited to a single physical network that supports hardware broadcasting.
“remove” the AG-2000w from the network without physically disconnecting the unit. You can still manage the AG-2000w when Bridge Mode is enabled, but you have no other functionality. If you enable the Bridge Mode option and then plug the AG-2000w into a network, all you need to do is assign it routable IP addresses.
Exporting Configuration Settings to the Archive File {Export} This procedure shows you how to export the current system configuration settings to an archive file for future retrieval. This function is useful if you want to change the configuration settings and you are unsure of the effect that the changes will have.
If you restore the factory default configuration settings, you will no longer be able to access the AG-2000w remotely. However, you always have the option of using the “import” function to restore system configuration settings from the archive file.
Login – User name of the Administrator / Operator. IP – Source IP address (see note). The source IP displayed may be the source IP of a NAT router instead of the client of the person accessing the AG-2000w.
Importing Configuration Settings from the Archive File {Import} This procedure shows you how to restore the system configuration settings from an archive file (previously created with the export function). The archived configuration settings you want to restore may not contain valid IP addresses.
(Submit, Reset, Reboot, Add, Delete, etc.), but operators cannot change any system settings. When this feature is enabled, one manager and three operators can access the AG-2000w at any one time (the default is “disabled”). This feature supports the following interfaces: Telnet Command Line Interface (CLI) –...
If you enabled Administration Concurrency, repeat steps 3 to 5 for an operator login. As part of its Smart Client feature, the AG-2000w offers a remote RADIUS testing feature (enabled by default). With this feature, the AG-2000w provides a password-protected Web page. From this Web page, technical support can type a username and password and instruct the AG-2000w to send a RADIUS access request to the RADIUS server—following the same basic rules as if the request...
Defining the MAC Filtering Options {Mac Filtering} MAC Address filtering enhances Nomadix' access control technology by allowing System Administrators to block malicious users based on their MAC address. Up to 50 MAC addresses can be blocked at any one time (see caution).
Testing a Remote Host {Ping} This procedure shows you how to test a remote host via the network port. From the Web Management Interface, click on System, then Ping. The Ping a host via the network port screen appears: Enter an IP address in the field.
Rebooting the System {Reboot} This procedure shows you how to reboot the AG-2000w. The “reboot” procedure outlined on this page allows you to decide when to reboot (if you are making multiple changes to different menu functions and you want to reboot just one time after completing all your changes).
Adding a Route {Route Add} This procedure shows you how to add a route into the AG-2000w’s routing table. This is accomplished by establishing the route’s destination IP address, and by setting the gateway or router IP address by which the route’s destination can be reached.
Deleting a Route {Route Delete} This procedure shows you how to delete a route to a specific IP destination. From the Web Management Interface, click on System, then Route Delete. The Delete Static Routes screen appears: Enter the Destination IP address of the route you want to delete from the routing...
Establishing Session Rate Limiting {Session Limit} Session Rate Limiting (SRL) significantly reduces the risk of “Denial of Service” attacks by allowing administrators to limit the number of DAT sessions any one user can take over a given time period and, if necessary, then block malicious users. From the Web Management Interface, click on System, then...
IP (typically private and mis-configured) and port number on the subscriber side of the AG-2000w. The advantage for the network administrator is that free private IP addresses can be used to manage devices (such as Access Points) on the subscriber side of the AG-2000w without setting them up with public IP addresses.
Enter the Internal Port reference. Enter a valid MAC Address. Enter the External IP Address. The External IP address field will default to the IP address of the AG-2000w. Enter the External Port reference. Optional: Enter the .
Updating the AG-2000w Firmware {Upgrade} Upgrading the AG-2000w firmware is performed from the AG-2000w’s Command Line Interface (CLI) only. Refer to the Firmware Upgrade Procedure (separate document available from Nomadix Technical Support).
Defining the Wireless Configuration {Wireless Configuration} This procedure allows you to configure the AG-2000w’s wireless settings and optimize transmissions and wireless security. See also: “Why Choose Wireless?” on page “Offering Speed and Efficiency” on page “Optimizing Performance”...
Enter an SSID in the SSID field. The SSID (Service Set Identifier) is a unique name that identifies a network. All devices on a network must share the same SSID name in order to communicate on the network. Enable or disable , as required.
You can now define up to four discrete keys by entering a key identifier in the fields corresponding to the four keys: Key 1, Key 2, Key 3, Key 4. If you made any changes to this screen, click on the check box for Reboot after changes are saved? Click on the...
The Subscriber Interface is the window to the solution provider’s Web site, and much more than that. When a subscriber accesses the solution provider’s high speed network, the AG-2000w points their browser to a sign-in page. The AG-2000w then creates a database entry that automatically records the subscriber’s Media Access Control (MAC).
Authorization and Billing As a gateway device, the AG-2000w enables plug-and-play access to broadband networks. Broadband network solution providers can now offer their subscribers a wide range of high speed services, including access to the Internet. Of course, a high speed Internet connection is not free –...
The Authentication module can support user name and MAC address authentication simultaneously. The initial login page can be presented in various ways, depending on the system’s configuration. The AG-2000w supports any of the following methods and tools: Internal and external Web pages. External “portal” page for redirection.
Process Flow (AAA) The following flowchart outlines the AAA and billing process. All actions depicted in the chart are administered and tracked by the AG-2000w. AG-2000w detects connection and verifies user against authorization table New User Existing Subscriber...
English, Chinese, French, German, Japanese, and Spanish. Home Page Redirection The AG-2000w can be configured to redirect all valid subscribers to a Web portal or home page determined by the solution provider. After a specified time, from the first home page redirection (determined by the system administrator), subscribers are redirected again to the portal at the next Web page request.
Subscriber Management Models The system administrator establishes the subscriber management model via the Command Line Interface (CLI) or the Web Management Interface. These models can be changed while the AG-2000w is running (without rebooting or interrupting the service). Free Access –...
Credit card Enable the AAA services. You have the choice of enabling the AG-2000w’s internal authorization module or using an external credit card authorization server. Internal Authorization Enabled Enter the credit card server’s URL and IP address, then enter the merchant ID you obtain from Authorize.Net.
Information and Control Console (ICC) The Information and Control Console (ICC) is an HTML-based pop-up window that is presented to subscribers, allowing them to select their bandwidth and billing options quickly and efficiently, and displays a dynamic “time” field to inform them of the time remaining on their account.
Web Management Interface (WMI) Menus The following tables contain a listing and brief explanation of all menus and menu items contained in the AG-2000w’s Web Management Interface (WMI), listed as they appear on screen. Main Page...
(IP address) of administrator logins. A login is permitted only if a match is made with the master list contained on the AG-2000w. If a match is not made, the login is denied, even if a correct login name and password are supplied.
Passthrough Addresses Allows you to establish up to 300 IP pass-through addresses. RADIUS Client With the appropriate product license, the AG-2000w supports Remote Authentication Dial-In User Service (RADIUS). This procedure sets up the RADIUS client. RADIUS Routing Establishes RADIUS proxies, where different realms can be set up to directly channel RADIUS messages to the various RADIUS servers.
Item – Description
Routing – Displays the routing tables and performance statistics.
Sockets – Displays the active Internet connections.
Static Port-Mapping – Displays the currently active static port-mapping scheme.
TCP – Displays the TCP performance statistics.
UDP – Displays the UDP performance statistics.
Subscriber Administration Menu Items
Items – Description...
Subscriber Interface Menu Items
Items – Description
Billing Options – Establishes the various billing plans and rates (schemes), including messages and appearance.
ICC Setup – Allows you to set up the Information and Control Console (ICC) for subscribers.
Language Support – Allows you to define the language to be displayed on the Web Management Interface and the subscriber’s portal...
Allows you to ping (test) a host via the network port.
Reboot – Reboots the AG-2000w.
Route Add – Adds a route into the AG-2000w’s routing table.
Route Delete – Deletes a route to a specific IP destination.
Session Limit – Limits the number of sessions any one user can take over a given time period and, if necessary, then blocks malicious users.
Item – Description – Menu
AAA – Set AAA options – Configuration
Access Control – Enables secure administration of the AG-2000w – Configuration
Add – Add subscriber profiles to the database – Subscriber Admin
ARP – Display the ARP table – Network Info
ARP Add – Add an ARP table entry – System
ARP Delete –...
Time – Set the system date and time – Configuration
UDP – Display the UDP performance statistics – Network Info
Upgrade – Upgrade the AG-2000w system firmware – System
URL Filtering – Define URLs for filtering – Configuration
Wireless Configuration – Sets up the wireless configuration parameters – System...
Default (Factory) Configuration Settings The following table shows a partial listing of the AG-2000w’s primary default configuration settings (the settings established at manufacturing). For a complete listing of the factory default settings, refer to the factory.txt file. For more information,...
Function – Default Setting
Dynamic Address Translation (DAT) – Enabled (cannot be changed)
AAA Logging – Disabled
AAA Log Server Number
AAA Log Server IP – 0.0.0.0
SYSLOG (System Logging) – Disabled
SYSLOG Server Number
SYSLOG Server IP – 0.0.0.0
AAA Services – Disabled
Internal Authorization...
Product Specifications
Specifications
PUBLIC ACCESS
User Support: Nomadix recommends a maximum of 50 users per unit
Dynamic Address Translation
Home Page Redirection (Pre and Post Authentication)
iNAT (for seamless VPN connectivity)
SMTP Redirection
Full Authorization, Authentication and Accounting Support...
FCC Part 15 CE Mark CE/R&TTE: EN301328 / EN301893 / EN301489-1, EN301489-17 VCCI Class B, Telec UL 1950, CSA22.2 No 950, TÜV/GS(EN60950)
For further information on the certifications for the AG-2000w product, visit http://www.nomadix.com/downloads.
COMPATIBILITY
Communicates with all Wi-Fi certified wireless adapters
PHYSICAL
9.25(L) x 6.25(W) x 1.5(H) inches...
Specifications
TRANSMITTER OUTPUT POWER
11g TX Power Specification: Typical RF Output Power at each Data Rate and at room temperature: 25°
+13dBm at 54Mbps
+15dBm at 48Mbps
+17dBm at 36Mbps
+18dBm at 24, 18, 12, 9, & 6Mbps
ALC loop to control transmit power within 0.9dB tolerance in room temperature
11b TX Power Specification:...
Subscriber profile was not added to the AG-2000w authorization table Unsuccessful_Error because the credit card server did not recognize the transaction. AAA_lookup Subscriber profile has been recognized and the AG-2000w is waiting to Added_in_memory_table_pending authenticate the user. AAA_Interface Subscriber profile was manually added to the authorization table.
Sample SYSLOG Report Syslog reports are generated by the AG-2000w and sent to the syslog server that is assigned to general error detection and reporting.
2003-02-10 11:25:53 Local2.Info 1.2.3.4 INFO [AG v1.3.028] DHCP: ndxDHCPInit: 0021 DHCP initialized
2003-02-10 11:25:53 Local2.Info 1.2.3.4 INFO [AG v1.3.028]...
Keyboard Shortcuts The following table shows the most common keyboard shortcuts.
Action – Keyboard Shortcut
Cut selected data and place it on the clipboard. – Ctrl + X
Copy selected data to the clipboard. – Ctrl + C
Paste data from the clipboard into a document (at the insertion point). – Ctrl + V
RADIUS server. The RADIUS server decrypts the information and compares it against its list of valid users. If the subscriber can be authenticated, the RADIUS server replies to the AG-2000w with a message instructing it to grant access to the subscriber.
Optionally, the RADIUS server can instruct the NAS to perform other functions; for example, the RADIUS server can tell the AG-2000w what upstream and downstream bandwidth the subscriber should receive. If RADIUS cannot authenticate the subscriber, it will instruct the NAS to deny access to the network.
Session Timeout There is currently no default session timeout settable in the AG-2000w’s Web Management Interface (WMI). If the RADIUS server does not send a Session-Timeout, the AG-2000w will set the subscriber expiration time to 0, which means access forever. Log-Off-URL Allows for the placement of a log off URL (for example, 1.1.1.1) on an external portal...
This is the Media Access Control (MAC) address of the client's computer. New Attributes in Acct-Request The AG-2000w has to send the following attributes in an Accounting-Stop: Acct-Output-Packets: number of packets sent by subscriber. Acct-Input-Packets: number of packets received by subscriber.
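The Session Timeout note above says that an Access-Accept without Session-Timeout leaves the subscriber with an expiration time of 0, which means access forever. The following Python is an added example, not Nomadix code: it parses RADIUS replies using the RFC 2865 packet layout and flags Access-Accepts that omit Session-Timeout (attribute 27). The function names, the sample packets and their zeroed authenticators are constructed for illustration.

```python
import struct

ACCESS_ACCEPT = 2           # RFC 2865 packet code for Access-Accept
ATTR_USER_NAME = 1          # RFC 2865 attribute type
ATTR_SESSION_TIMEOUT = 27   # RFC 2865 attribute type, 4-byte unsigned seconds
HEADER_LEN = 20             # code(1) + identifier(1) + length(2) + authenticator(16)


class RadiusParseError(ValueError):
    """Raised when a datagram is not a well-formed RADIUS packet."""


def parse_radius(packet: bytes):
    """Split a RADIUS datagram into (code, identifier, [(attr_type, value), ...])."""
    if len(packet) < HEADER_LEN:
        raise RadiusParseError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < HEADER_LEN or length > len(packet):
        raise RadiusParseError("length field does not fit the datagram")
    attrs, pos = [], HEADER_LEN
    while pos < length:
        if pos + 2 > length:
            raise RadiusParseError("truncated attribute header")
        attr_type, attr_len = packet[pos], packet[pos + 1]
        # attr_len counts the two header bytes, so anything below 2 is invalid.
        if attr_len < 2 or pos + attr_len > length:
            raise RadiusParseError("attribute length out of range")
        attrs.append((attr_type, packet[pos + 2:pos + attr_len]))
        pos += attr_len
    return code, ident, attrs


def audit_session_timeout(packet: bytes):
    """Classify one server reply as (status, identifier, timeout_seconds).

    The identifier lets an operator match the reply to the Access-Request
    that triggered it. The response authenticator is not verified here.
    """
    code, ident, attrs = parse_radius(packet)
    if code != ACCESS_ACCEPT:
        return ("not-accept", ident, None)
    values = [value for attr_type, value in attrs
              if attr_type == ATTR_SESSION_TIMEOUT]
    if not values:
        # The case the guide describes: no Session-Timeout, so the gateway
        # sets the subscriber expiration time to 0 (access forever).
        return ("missing", ident, None)
    if len(values[0]) != 4:
        return ("malformed", ident, None)
    return ("ok", ident, struct.unpack("!I", values[0])[0])


def unbounded_replies(packets):
    """Return the identifiers of Access-Accepts that carry no Session-Timeout."""
    return [ident
            for status, ident, _ in map(audit_session_timeout, packets)
            if status == "missing"]


def build_packet(code, ident, attrs):
    """Build a constructed sample packet; the authenticator is 16 zero bytes."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    header = struct.pack("!BBH", code, ident, HEADER_LEN + len(body))
    return header + bytes(16) + body


# Constructed sample replies (not captured from a real server).
SAMPLE_REPLIES = [
    build_packet(2, 7, [(ATTR_USER_NAME, b"alice"),
                        (ATTR_SESSION_TIMEOUT, struct.pack("!I", 3600))]),
    build_packet(2, 8, [(ATTR_USER_NAME, b"bob")]),   # no Session-Timeout
    build_packet(3, 9, []),                           # Access-Reject
]

if __name__ == "__main__":
    for reply in SAMPLE_REPLIES:
        print(audit_session_timeout(reply))
    print("Accepts without Session-Timeout:", unbounded_replies(SAMPLE_REPLIES))
```

Run against replies captured on the RADIUS server side, this shows which profiles need a Session-Timeout added before subscribers authenticated through them receive sessions that never expire.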
You must purchase the SSL feature which is enabled through a license key from Nomadix. If you did not purchase the SSL feature, the SSL option in the AG-2000w™ platform's Web Management Interface (WMI) will still be present, but you will not be able to enable the feature.
Downloading Cygwin
There are several sources for obtaining "Cygwin" to install OpenSSL. One popular source is: http://sources.redhat.com/cygwin/. Nomadix used Cygwin version 1.3.2 for generating this section of the User’s Guide.

Installing Cygwin and OpenSSL on a PC
The example in this document is based on downloading the software with Netscape 4.75.
The following screen appears:
Click on the Next button to display the next setup screen.
Click on the Next button to display the next setup screen.
Click on the Next button to display the next setup screen.
Select a location and click on the Next button. For the purposes of this document, Nomadix used: ftp://planetmirror.com
In the following screens, please skip all packages except "cygwin" and "openssl," then click on Next when you are done. At the time of this writing, there are more than 70 packages to install. Please ensure that you "skip"...
Click on the Next button to start the “download” process. Wait for the download process to complete.
Click on the Next button to start the “install” process. Wait for the install process to complete. There will be a pop-up dialog to inform you that the installation process is completed.
(large compressed log files recommended by VeriSign). These files are entered in the key generation command as file1:file2:file3:file4:file5
>: Output to.
cakey.pem: The file that contains the private key. The file must be named "cakey.pem" to be used in the AG-2000w.
However, if you are saving them under a different name, you must change the name back to "cakey.pem" when trying to FTP to the AG-2000w. Do not include the "-des3" option, so that the private key is kept in unencrypted form.
The "Common Name" is the name used in the AG->AAA->SSL Certificate Domain Name. The Common Name in the Public Key must match the SSL Certificate Domain Name in the Web Management Interface of the AG-2000w (refer to the AG-2000w setup information later in this document).
Here is the output of server.csr:

Create a Public Key File (server.pem)

VeriSign Purchasing Process
The signing process varies by Certificate Authority. Generally, you will need to send a Certificate Signing Request to the Certificate Authority (CA) and the CA will create a public key based on the certificate request.
Some older versions of popular browsers only support 40-bit or 56-bit encryption. Since it is impossible to forecast the browsers that may be used in a visitor-based network, Nomadix recommends implementing a 40-bit Public Key. During the process, VeriSign will ask for your business information and verification.
CSR Submission to VeriSign
Please select "Apache Freeware" to submit the CSR to VeriSign. The Certificate Signing Request is in the server.csr file (created in the previous step). Open server.csr and copy and paste all data into the edit box. Select the purchase method and submit the required contact information.
The file, "server.pem" will look like this:

You have now finished the process of obtaining a public key.

Setting Up AG-2000w™ for SSL Secure Login
FTP the "cakey.pem" and "server.pem" files into the AG-2000w platform's flash directory. FTP to the AG-2000w™ by Netscape: ftp://username:password@AG_Network_IP/flash/.
The AG-2000w assumes control of billing transmissions and saving billing records. By effectively "mirroring" the billing data, the AG-2000w can send copies of billing records to predefined "carbon copy" servers. Additionally, if the primary and secondary servers are down, the AG-2000w can store up to 2,000 PMS or credit card transaction records.
XML Interface

XML for the External Server
The AG-2000w sends a string of XML commands according to specifications. HTTP headers are added to the XML packets that are built, as the billing "mirroring" information is sent to the external server in HTTP compliant XML format.

XML to AG-2000w™
The AG-2000w uses USG commands for XML strings. The AG-2000w accepts a single line of XML text in the specified format. The XML string is a command sent by the External Server to the AG-2000w product. In this case, the acknowledgement received from the External Server forms the command.

OK or ERROR
Standard IP format (123.123.123.123)
ERROR_CODE 1 for OK, or any other number

Please contact Nomadix Technical Support for the complete XML DTD. Refer to “Contact Information” on page 227. For more information about Billing Records Mirroring, see also: “Billing Records Mirroring”...
It also contains a list of known error messages associated with the Management Interface.

General Hints and Tips
The AG-2000w is both a hardware device and a powerful software utility. As a hardware computing device, the AG-2000w requires careful handling. It should be positioned in a dust-free and temperature-controlled environment.

When upgrading the software, the system needs the new boot image file.
must FTP a valid boot image to the flash.
You must FTP the file from NOMADIX™ to your local hard drive.

Warning: no DHCP services are available to subscribers.
This message is displayed because you

255.255.255.0

The DHCP relay is disabled and the DHCP service settings in the AG-2000w are misconfigured.
Check the internal DHCP service settings.

Subscribers are unable to route to a domain name, but
The DNS server settings are misconfigured.
Check the DNS settings

2000w.
the specified home page.

The home page URL was entered into the AG-2000w incorrectly.
Re-enter the correct URL.

The server that hosts the home page is down, or the...
Check that the server is
We have tried to ensure that you get the most up-to-date information available about the Nomadix AG-2000w, and we hope this User’s Guide has met all your operational and performance needs. However, we understand that occasionally you may run into problems that require additional technical support.
10/100 Ethernet
See Ethernet.

AAA
(Authentication, Authorization, and Accounting) A combination of commands used by Nomadix Gateways to authenticate, authorize, and subsequently bill subscribers for their use of the customer’s network. When a subscriber logs into the system, their unique MAC address is placed into an authorization table. The system then authenticates the subscriber’s MAC address and billing information before allowing them to...

ACK
(ACKnowledgment) If all the transmitted data is present and correct, the receiving device sends an ACK signal, which acts as a request for the next data packet.

Adaptive Configuration Technology
A Nomadix, Inc. patented technology that enables Dynamic Address Translation. See also, DAT.

ad-hoc mode
802.11x networking framework in which devices or stations communicate directly with each other, without the use of an Access Point (AP).
(permanent) IP addresses, or subscribers that do not have DHCP functionality on their computers. DAT is a Nomadix, Inc. patented technology that allows all users to obtain network access, regardless of their computer’s network settings. See also, DHCP.
DTIM
(Delivery Traffic Indication Message) A message included in data packets that can increase wireless efficiency.

Dynamic IP Address
A temporary IP address that is assigned by the DHCP server to a device. Devices retain dynamic IP addresses only for the duration of their networking session.

FHSS
(Frequency Hopping Spread Spectrum) One of two types of spread spectrum radio—the other being Direct-Sequence Spread Spectrum (DSSS). FHSS is a transmission technology used in WLAN transmissions where the data signal is modulated with a narrowband carrier signal that "hops" in a random but predictable sequence from frequency to frequency as a function of time over a wide band of frequencies.

(Home Page Redirection) Nomadix Gateways enable solution providers to redirect subscribers to a “portal” home page of their choice. This allows the solution provider to generate online advertising revenues and increase business exposure. See also, Home Page.
Whenever a subscriber logs on, your Nomadix Gateway automatically translates their computer’s network settings to provide them with seamless access to the broadband network. Subscribers no longer need to alter their computer’s settings.
SNMP agent with a properly defined MIB. See also, SNMP.

Misconfigured User
A Nomadix, Inc. term used to describe users who have IP address configurations that are different from the current network. For example, if the current network is 123.45.67.89 but the user’s IP address is 10.10.10.15, then this user is considered to be “misconfigured.”...

OSPF
(Open Shortest Path First) This routing protocol was developed for IP networks based on the shortest path first or link-state algorithm. Routers use link-state algorithms to send routing information to all nodes on a network by calculating the shortest path to each node based on a topography of the Internet constructed by each node.

PPTP
(Point-to-Point Tunneling Protocol) Developed jointly by Microsoft Corporation, U.S. Robotics, and several remote access vendor companies, known collectively as the PPTP Forum, PPTP is a new technology used for creating Virtual Private Networks (VPNs). Because the Internet is essentially an open network, PPTP is used to ensure that messages transmitted from one VPN node to another are secure.
Normally, a solution provider is offering a solution that isn’t readily available on the open market. For example, NOMADIX™ is a solution provider to its customers (broadband network service providers), and those customers are solution providers to their end users (network subscribers).
STP
(Spanning Tree Protocol) A link management protocol that is part of the IEEE 802.1 standard for media access control bridges. Using the spanning tree algorithm, STP provides path redundancy while preventing undesirable loops in a network that are created by multiple active paths between stations. Loops occur when there are alternate routes between hosts.

TLS
(Transport Layer Security) A protocol that guarantees privacy and data integrity between client/server applications communicating over the Internet. The TLS protocol is made up of two layers:
TLS Record Protocol: Layered on top of a reliable transport protocol, such as TCP, it ensures that the connection is private by using symmetric data encryption and ensures that the connection is reliable.

WLAN
(Wireless Local Area Network) Also referred to as LAWN. A type of local-area network that uses high-frequency radio waves rather than wires to communicate between nodes. See also, Node.

WMI
(Web Management Interface) The browser-based system administrator's interface for all Nomadix Gateways.
HTML. For example, XML supports links that point to multiple documents, as opposed to HTML links, which can reference just one destination each. For all Nomadix Gateways, XML is used by the subscriber management module for port location and user administration.