1. Manuals
  2. Brands
  3. AirLive Manuals
  4. Gateway
  5. IAS-2000 V2
  6. User manual

AirLive IAS-2000 V2 User Manual

Internet access gateway
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
IAS-2000 v2
Internet Access Gateway
User's Manual
1

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the IAS-2000 V2 and is the answer not in the manual?

Questions and answers

Related Manuals for AirLive IAS-2000 V2

Summary of Contents for AirLive IAS-2000 V2

  • Page 1 IAS-2000 v2 Internet Access Gateway User’s Manual...

  • Page 2: Declaration Of Conformity

    OvisLink Corp. 5F., NO.6, Lane 130, Min-Chuan Rd., Hsin-Tien City, Taipei County, Taiwan Declare that the product Internet Access Gateway AirLive IAS-2000 v2 is in conformity with In accordance with 2004/108 EC Directive and 1999/5 EC-R & TTE Directive Clause Description ■...
  • Page 3 Directiva 1999/5/CE. disposiciones aplicables o exigibles de la Directiva 1999/5/CE. ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ OvisLink Corp. ΔΗΛΩΝΕΙ OvisLink Corp izjavlja, da je ta AirLive IAS-2000 v2 v Ελληνική [Greek] ΟΤΙ AirLive IAS-2000 v2 ΣΥΜΜΟΡΦΩΝΕΤΑΙ Slovensko skladu z bistvenimi zahtevami in ostalimi relevantnimi ΠΡΟΣ...
  • Page 4 This device uses software which is partly or completely licensed under the terms of the GNU General Public License. The author of the software does not provide any warranty. This does not affect the warranty for the product itself. To get source codes please contact: OvisLink Corp., 5F, No. 96, Min-Chuan Rd, Hsin-Tien City, Taipei, Taiwan, R.O.C. A fee will be charged for production and shipment for each copy of the source code.
  • Page 5 FCC Interference Statement The IAS-2000 v2 has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against radio interference in a commercial environment.

  • Page 6: Table Of Contents

    User’s Manual Contents Chapter 1. Before You Start .............................1 Audience ................................1 Document Conventions ..........................1 Chapter 2. Overview ..............................2 Introduction of IAS-2000 v2 ..........................2 System Concept..............................2 Chapter 3. Hardware Installation..........................5 Panel Function Descriptions...........................5 Package Contents ............................6 System Requirement ............................6 Installation Steps ............................7 Chapter 4.
  • Page 7 IAS-2000 v2 User’s Manual 5.3.2 Policy Configuration...........................87 5.3.3 Black List Configuration..........................95 5.3.4 Guest User Configuration ...........................98 5.3.5 Additional Configuration ..........................99 Utilities...............................118 5.4.1 Change Password ............................119 5.4.2 Backup/Restore Setting..........................120 5.4.3 Firmware Upgrade ............................121 5.4.4 Restart ...............................122 Status ................................123 5.5.1 System Status ............................124 5.5.2...

  • Page 8: Chapter 1. Before You Start

    Before You Start 1.1 Audience This manual is for Hotspot owners or administrators in enterprises to set up network environment using IAS-2000 v2. It contains step by step procedures and graphic examples to guide MIS staff or individuals with slight network system knowledge to complete the installation.

  • Page 9: Chapter 2. Overview

    The authentication mechanism at the user’s end is provided by the IAS-2000 v2 server, and the SSL encryption is used to protect the webpage. In the system, IAS-2000 v2 is responsible for authentication, authorization, and management functions.
  • Page 10 If the online user remains idle without using the network for a time exceeding a predetermined idle time on IAS-2000 v2 or the online user logs out of the system, IAS-2000 v2 will exit the working stage of such user and terminate the user’s access right of the network.
  • Page 11 IAS-2000 v2 User’s Manual...

  • Page 12: Chapter 3. Hardware Installation

    Thus, administrators can choose to force the authentication for users connected to these ports. WAN1/WAN2: The two WAN ports are connected to a network which is not managed by the IAS-2000 v2 system, and this port can be used to connect the ATU-Router of ADSL, the port of Cable Modem, or the Switch or Hub on the...

  • Page 13: Package Contents

    Power Fan: Keep the power cool. Power Socket: The power cord attaches here. Power Switch: Turn on and off the machine. 3.2 Package Contents The standard package of IAS-2000 v2 includes: IAS-2000 v2 x 1 CD-ROM x 1 Power Cord x 1...

  • Page 14: Installation Steps

    User’s Manual 3.4 Installation Steps Please follow the following steps to install IAS-2000 v2: Connect the power cord to the power socket on the rear panel. Turn on the power switch on the rear panel. The Power LED will light up.
  • Page 15 After the hardware of IAS-2000 v2 is installed completely, the system is ready to be configured in the following sections. The manual will guide you step by step to set up the system using a single IAS-2000 v2 to manage the...

  • Page 16: Chapter 4. Network Configuration On Pc

    User’s Manual Chapter 4. Network Configuration on PC After IAS-2000 v2 is installed, the following configurations must be set up on the PC: Internet Connection Setup for Windows XP and TCP/IP Network Setup. 4.1. Internet Connection Setup for Windows XP 1.
  • Page 17 IAS-2000 v2 User’s Manual 3. Click Next when Welcome to the New Connection Wizard screen appears. 4. Choose “Connect to the Internet” and then click Next. 5. Choose “Set up my connection manually” and then click Next.
  • Page 18 IAS-2000 v2 User’s Manual 6. Choose “Connect using a broadband connection that is always on” and then click Next. 7. Finally, click Finish to exit the Connection Wizard. Now, the setup has been completed...

  • Page 19: Tcp/Ip Network Setup

    With the factory default settings, during the process of starting the system, IAS-2000 v2 with DHCP function will automatically assign an appropriate IP address and related information for each PC. If the Windows operating system is not a server version, the default settings of the TCP/IP will regard the PC as a DHCP client, and this function is called “Obtain an IP address automatically”.
  • Page 20 IAS-2000 v2. 4-2. Using Specific IP Address: If using specific IP address is desired, ask the network administrator for the information of the IAS-2000 v2: IP address, Subnet Mask, New gateway and DNS server address. Caution: If your PC has been set up completed, please inform the network administrator before modifying the...
  • Page 21 IAS-2000 v2 User’s Manual Please choose “Use following address:” and enter the information given from the network administrator in “IP address:” and “Subnet mask:” as well as “Default gateway” If the DNS Server column is blank, please choose “Use the following DNS server addresses:”...
  • Page 22 IAS-2000 v2 User’s Manual Choose the “IP Settings” label and click “Add” below the “Default gateways” column and the “TCP/IP Gateway Address” window will appear. Enter the gateway address of IAS-2000 v2 in the “Gateway:” of “TCP/IP Gateway Address” window, and then click Add. After returning to the “IP Settings”...

  • Page 23: Chapter 5. Web Interface Configuration

    IAS-2000 v2 User’s Manual Chapter 5. Web Interface Configuration This chapter will present further detailed settings. The following table shows all the functions of IAS-2000 v2. System Network User OPTION Utilities Status Configuration Configuration Authentication Configuration Network Address Authentication Change Password...
  • Page 24 IP address such as 192.168.2.xx in your network and then try it again. After successfully logging into IAS-2000 v2, enter the web management interface and see the welcome page. There is a Logout button on the upper right corner to log out the system.

  • Page 25: System Configuration

    IAS-2000 v2 User’s Manual 5.1 System Configuration This section includes the following functions: Configuration Wizard, System Information, WAN1 Configuration, WAN2 & Failover, LAN1 Configuration and LAN2 Configuration.

  • Page 26: Configuration Wizard (Also Served As Quick Installation)

    There are two ways to configure the system: using Configuration Wizard or change the setting by demands manually. The Configuration Wizard has 7 steps providing a simple and easy way to set up IAS-2000 v2 and can be served as Quick Installation. There are 7 steps as listed below: 1.
  • Page 27 IAS-2000 v2 User’s Manual Then, click on Configuration Wizard and click the Run Wizard button to start the wizard. Running the Wizard A welcome screen that briefly introduces the 7 steps will appear. Click Next to begin. Step 1: Change Admin’s Password...
  • Page 28 NTP Server: Enter the URL of external time server for IAS-2000 v2 time synchronization or use the default. DNS Server: Enter a DNS Server provided by the ISP (Internet Service Provider). Contact the ISP if the DNS IP Address is unknown.
  • Page 29 Public LAN must be configured with an IP address manually. Enable DHCP Server: When the option is selected, IAS-2000 v2 will automatically provide the necessary IP address to all clients in Public LAN. Click Next to continue.
  • Page 30 Click Next to continue. Step 6: Select Default Authentication Server Set the user’s information in advance. Enter an easy identified name as the postfix name in the Postfix Name field (e.g. airlive) and choose an authentication method. Click Next to continue.
  • Page 31 IAS-2000 v2 User’s Manual Local User- Add User A new user can be added to the local user data base. To add a user here, enter the Username (e.g. test), Password (e.g. test), MAC (optional) and assign it a policy (or use the default). Upon...
  • Page 32 IAS-2000 v2 User’s Manual LDAP User- Authentication Method-LDAP Add a new user to the LDAP user data base. Enter the “LDAP Server”, “Server Port” and “Base DN” and select one kind of Binding Type and Account Attribute to access the LDAP server.
  • Page 33 When NT Domain User is selected, enter the information “Server Address”, enable/disable “Transparent Login”. After this setup is completed, click Next to continue. Step 7: Restart Click Restart to save the current settings and restart IAS-2000 v2. The Setup Wizard is now completed.
  • Page 34 User’s Manual During IAS-2000 v2 restart, a “Restarting now. Wait for a minute.” message will appear on the screen. Please do not interrupt IAS-2000 v2 until the message has disappeared. This indicates that a complete and successful restart process has finished.

  • Page 35: System Information

    IP address range of 10.2.3.0/24, user can reach the administration page of IAS-2000. SNMP: IAS-2000 v2 supports SNMPv2 and SNMPv3. If the function is enabled, assign the Manager IP and the community of SNMPv2 and SNMPv3 to access the management information base (MIB) of the system.
  • Page 36 IAS-2000 v2 User’s Manual System Time: IAS-2000 v2 supports NTP communication protocol to synchronize the network time. Please specify the IP address of a NTP server and select the desired time zone in the system configuration interface for adjusting the time automatically. (Universal Time is Greenwich Mean Time, GMT). Time can also be set manually when by selecting “Set Device Date and Time”.

  • Page 37: Wan1 Configuration

    IAS-2000 v2 User’s Manual 5.1.3 WAN1 Configuration There are 3 methods that WAN1 Port supports: Static IP Address, Dynamic IP Address, and PPPoE Client. Static IP Address: Manually specifying the IP address of the WAN1 Port which is applicable for the network environment where the DHCP service is unavailable.
  • Page 38 IAS-2000 v2 User’s Manual Dynamic IP address: It is only applicable for the network environment where the DHCP Server is available in the network. Click the Renew button to get an IP address.
  • Page 39 IAS-2000 v2 User’s Manual PPPoE Client: When selecting PPPoE to connect to the network, please enter the “Username” and “Password”. There is a Dial on demand function under PPPoE. If this function is enabled, you can set a Maximum Idle Time. When the idle time is reached, the system will automatically disconnect itself.

  • Page 40: Wan2 & Failover

    IAS-2000 v2 User’s Manual 5.1.4 WAN2 & Failover There are 3 methods of obtaining an IP address for the WAN2 Port: None, Static IP Address, and Dynamic IP Address. None: The WAN2 Port is not functional. Warning of Internet Disconnection: Enable to detect the WAN1 port connection status.
  • Page 41 IAS-2000 v2 User’s Manual Dynamic IP Address: Select this when WAN2 Port can obtain IP address automatically, such as a DHCP Server available from WAN2 Port. Up to three URLs can be entered. Check “Warning of Internet Disconnection” to work with the WAN Failover function.
  • Page 42 IAS-2000 v2 User’s Manual For Dynamic IP Address, WAN Failover and Fallback to WAN1 when possible also can be enabled like as the function for Static IP Address. If Warning of Internet Disconnection is enabled, a warning message can be entered to indicate what the system should display when Internet connection is down.

  • Page 43: Lan1 Configuration

    IAS-2000 v2 User’s Manual 5.1.5 LAN1 Configuration User authentication can be chosen to enable or disable in LAN1 port. In this part, you can set the related configurations about LAN1 port and DHCP server.
  • Page 44 IAS-2000 v2 User’s Manual DHCP Server Configuration Disable DHCP Server: Disable the function of the DHCP Server. Enable DHCP Server: Enter proper setting of Start IP Address, End IP Address, Preferred DNS Server, Alternate DNS Server, Domain Name, WINS Server, Lease Time, and Reserved IP Address List. See the...
  • Page 45 IAS-2000 v2 User’s Manual Reserved IP Address List: Click on the Reserved IP Address List on the management interface to fill in the reserved IP addresses if desired. Then, the setup of the Reserved IP Address List as shown in the following figure will appear. Enter the related Reserved IP Address, MAC, and Description (not compulsory).
  • Page 46 IAS-2000 v2 User’s Manual Enable VLAN: If you want to split LAN1 to several VLANs, please select the Enable VLAN. After Enable VLAN is selected, the following screen will appear. Choose the desired Item and click Edit for further configuration.
  • Page 47 IAS-2000 v2 and onward to outside the network. Router: All IP addresses externally connected through the VLAN port use its original IP addresses for external connection. Thus, IAS-2000 v2 acts like a Router. IP Address: Enter the desired IP address for this VLAN.
  • Page 48 Disable DHCP Server: Disable the function of the DHCP Server of IAS-2000 v2. Enable DHCP Server: If you want to use the DHCP Server function of IAS-2000 v2, set proper configurations is necessary. Related information needed on setting up the DHCP Server is described as follows: Start IP Address, End IP Address, Preferred DNS Server, Alternate DNS Server, Domain Name, WINS Server, Lease Time, and Reserved IP Address List.
  • Page 49 IAS-2000 v2 User’s Manual Reserved IP Address List: If you want to use the reserved IP address function, click on the Reserved IP Address List on the management interface. Then, the setup of the Reserved IP Address List as shown in the following figure will appear. Enter the related Reserved IP Address, MAC, and Description (not compulsory).

  • Page 50: Lan2 Configuration

    IAS-2000 v2 User’s Manual 5.1.6 LAN2 Configuration User authentication can be chosen to enable or disable in LAN2 port. In this part, you can set the related configurations about LAN2 port and DHCP server.
  • Page 51 IAS-2000 v2 User’s Manual DHCP Server Configuration Disable DHCP Server: Disable the function of the DHCP Server. Enable DHCP Server: Enter proper setting of Start IP Address, End IP Address, Preferred DNS Server, Alternate DNS Server, Domain Name, WINS Server, Lease Time, and Reserved IP Address List. See the...
  • Page 52 IAS-2000 v2 User’s Manual Reserved IP Address List: Click on the Reserved IP Address List on the management interface to fill in the reserved IP addresses if desired. Then, the setup of the Reserved IP Address List as shown in the following figure will appear. Enter the related Reserved IP Address, MAC, and Description (not compulsory).
  • Page 53 IAS-2000 v2 User’s Manual Enable VLAN: If you want to split LAN2 to several VLANs, please select the Enable VLAN. After Enable VLAN is selected, the following screen will appear. Choose the desired Item and click Edit for further configuration.
  • Page 54 Disable DHCP Server: Disable the function of the DHCP Server of IAS-2000 v2. Enable DHCP Server: If you want to use the DHCP Server function of IAS-2000 v2, set proper configurations is necessary. Related information needed on setting up the DHCP Server is described as follows: Start IP Address, End IP Address, Preferred DNS Server, Alternate DNS Server, Domain Name, WINS Server, Lease Time, and Reserved IP Address List.
  • Page 55 IAS-2000 v2 User’s Manual Reserved IP Address List: If you want to use the reserved IP address function, click on the Reserved IP Address List on the management interface. Then, the setup of the Reserved IP Address List as shown in the following figure will appear. Enter the related Reserved IP Address, MAC, and Description (not compulsory).

  • Page 56: Network Configuration

    IAS-2000 v2 User’s Manual 5.2 Network Configuration This section includes the following functions: Network Address Translation, Privilege List, Monitor IP List, Walled Garden List, Proxy Server Properties, Dynamic DNS and IP Mobility.

  • Page 57: Network Address Translation

    IAS-2000 v2 User’s Manual 5.2.1 Network Address Translation There are three parts, DMZ, Virtual Servers and Port and IP Redirect, need to be set. DMZ (De-Militarized Zone) allows administrators to define mandatory external to internal IP mapping; hence a user on WAN side network can access the private machine via the external IP (similar to DMZ usage in firewall product).
  • Page 58 This function allows the administrator to set 40 virtual servers at most, so that the computers not belonging to the managed network can access the servers in the managed network via WAN port IP of IAS-2000 v2. Please enter the “External Service Port”, “Local Server IP Address” and “Local Server Port”. According to the different services provided, the network service can use the TCP protocol or the UDP protocol.
  • Page 59 IAS-2000 v2 User’s Manual...

  • Page 60: Privilege List

    IP addresses of these workstations in this list. The “Remark” blank is not necessary but is useful to keep track. IAS-2000 v2 allows 100 privilege IP addresses at most. These settings will become effective immediately after clicking Apply.
  • Page 61 In addition to the IP address, the MAC address of the workstations that need to access the network without authentication can also be set in this list. IAS-2000 v2 allows 100 privilege MAC addresses at most. The list can be created by entering data in the table or by import from a file. The list can be exported as well.
  • Page 62 IAS-2000 v2 User’s Manual Import List: Select an Access Gateway and then click Import List to enter the Upload Privilege MAC Address List interface. Click the Browse button to select the text file for the user account upload. Then click Submit to complete the upload.

  • Page 63: Monitor Ip List

    IAS-2000 v2 User’s Manual 5.2.3 Monitor IP List The system will send out a packet periodically to monitor the connection status of the IP addresses on the list. If the monitored IP address does not respond, the system will send an e-mail to notify the administrator that such destination is not reachable.
  • Page 64 IAS-2000 v2 User’s Manual Auth Method: The system provides four authentication methods, PLAIN, LOGIN, CRAM-MD5 and NTLMv1, or “NONE” to use none of the above. Depending on which authentication method selected, enter the Account Name, Password and Domain. Send Test Email: Click “Send” to send out a test e-mail of the IP monitoring report.

  • Page 65: Walled Garden List

    IAS-2000 v2 User’s Manual 5.2.4 Walled Garden List This function provides some free services to the users to access websites listed here before login and authentication. Up to 20 addresses or domain names of the websites can be defined in this list. Users without the network access right can still have a chance to experience the actual network service free of charge.

  • Page 66: Proxy Server Properties

    IAS-2000 v2 supports Internal Proxy Server and External Proxy Server functions. Please perform the necessary configurations. Internal Proxy Server: IAS-2000 v2 has a built-in proxy server. If this function is enabled, the end users will be forced to treat IAS-2000 v2 as the proxy server regardless of the end-users’ original proxy settings.

  • Page 67: Dynamic Dns

    5.2.6 Dynamic DNS IAS-2000 v2 provides a convenient DNS function to translate the IP address of WAN port to a domain name that helps the administrator memorize and connect to WAN port. If the DHCP is activated at WAN port, this function will also update the newest IP address regularly to the DNS server.

  • Page 68: Ip Mobility

    Mobile IP If several sets of IAS-2000 v2 are used to construct a network environment, a client can use the same group of IP configurations. When a client roams into different locations, the connection will be kept alive; therefore no...

  • Page 69: User Authentication

    IAS-2000 v2 User’s Manual 5.3 User Authentication This section includes the following functions: Authentication Configuration, Policy Configuration, Black List Configuration, Guest User Configuration and Additional Configuration.

  • Page 70: Authentication Configuration

    IAS-2000 v2 User’s Manual 5.3.1 Authentication Configuration This function is to configure the settings for different authentication servers. The system provides 10 servers (Local, POP3, RADIUS, LDAP and NT Domain), one On-demand User and one PMS User that the administrator can apply with different policies.

  • Page 71: Local Server

    IAS-2000 v2 User’s Manual 5.3.1.1 Local Server This server is only for “Local User” and the authentication method can not be changed for this server. Server Name: Set a name for the server using numbers (0 to 9), alphabets (a to z or A to Z), dash (-), underline (_) and dot (.) with a maximum of 40 characters, all other letters are not allowed.
  • Page 72 IAS-2000 v2 User’s Manual Click the Local User Setting hyperlink for further configuration. Edit Local User List: Click this to enter the “Local User List” screen. Add User: Click this button to enter the Add User page. Fill in the necessary information such as “Username”, “Password”, “MAC”...
  • Page 73 IAS-2000 v2 User’s Manual Click Apply to complete adding the user or users Import User: Click this to enter the Upload User Account page. Click the Browse button to select the text file for the user account upload. Then click Submit to complete the upload process.
  • Page 74 IAS-2000 v2 User’s Manual The uploading file should be a text file and the format of each line is "ID, Password, MAC, Policy, Remark" or “ID, Password, MAC, Max bandwidth, Request bandwidth, Policy, Remark” without the quotes. There must be no spaces between the fields and commas. The MAC field could be omitted but the trailing comma must be retained.
  • Page 75 IAS-2000 v2 User’s Manual Export List: Click this to create a .txt file and then save it on disk. Refresh: Click this to refresh the list.
  • Page 76 IAS-2000 v2 User’s Manual Search: Enter a keyword of a username to be searched in the text filed and click this button to perform the search. All usernames matching the keyword will be listed. Del All: This will delete all the users at once.
  • Page 77 IAS-2000 v2 User’s Manual Radius Roaming Out / 802.1x Authentication: These 2 functions can be enabled or disabled by checking the radio button. Checking either of them makes the hyperlink called Radius Client List show up. Click the hyperlink of Radius Client List to enter the Radius Client Configuration interface. Choose the desired type, Disable, Roaming Out or 802.1x and key in the related data and then click Apply to complete the...

  • Page 78: Pop3 Server

    IAS-2000 v2 User’s Manual 5.3.1.2 POP3 Server POP3, RADIUS, LDAP and NT Domain Server can be chosen to be the authentication method. Choose “POP3” in the Authentication Method field, the hyperlink beside the pull-down menu will become “POP3 Setting”. Server Name: Set a name for the server using numbers (0 to 9), alphabets (a to z or A to Z), dash (-), underline (_) and dot (.) with a maximum of 40 characters, all other letters are not allowed.
  • Page 79 IAS-2000 v2 User’s Manual Click the hyperlink of POP3 Setting for further configuration. Enter the related information for the primary server and/or the secondary server (the secondary server is not required). The blanks with red asterisks are necessary information. These settings will become effective immediately after clicking the Apply button.
  • Page 80 IAS-2000 v2 User’s Manual 5.3.1.3 Radius Server Choose “Radius” in the Authentication Method field, the hyperlink beside the pull-down menu will become “RADIUS Setting”. Server Name: Set a name for the server using numbers (0 to 9), alphabets (a to z or A to Z), dash (-), underline (_) and dot (.) with a maximum of 40 characters, all other letters are not allowed.
  • Page 81 Accounting Service: Select this to enable or disable the “Accounting Service” for accounting capabilities. Authentication Protocol: There are two methods, CHAP and PAP for selection. Notice: If Radius Server does not assign idle-timeout value, IAS-2000 v2 will use the local idle-timeout instead.
  • Page 82 IAS-2000 v2 User’s Manual 5.3.1.4 LDAP Server Choose “LDAP” in the Authentication Method field, the hyperlink beside the pull-down menu will become “LDAP Setting”. Server Name: Set a name for the server using numbers (0 to 9), alphabets (a to z or A to Z), dash (-), underline (_) and dot (.) with a maximum of 40 characters, all other letters are not allowed.
  • Page 83 IAS-2000 v2 User’s Manual Click the hyperlink of LDAP Setting for further configuration. Enter the related information for the primary server and/or the secondary server (the secondary server is not required). The blanks with red asterisks are necessary information. These settings will become effective immediately after clicking the Apply button.
  • Page 84 IAS-2000 v2 User’s Manual Anonymous: Access the LDAP servers without requiring authentication but only select one Account Attribute (UID, CN or sAMAccountName). Specified DN: Enter more information for the specific DN username and password in the “Bind RDN” and “Bind Password” fields, and then select one Account Attribute (UID, CN or sAMAccountName) to access the LDAP server.

  • Page 85: Nt Domain Server

    These settings will become effective immediately after clicking the Apply button. Server IP address: Enter the server IP address of the NT domain controller. Transparent Login: If this function is enabled, when users log into the Windows domain, they will log into IAS-2000 v2 automatically.

  • Page 86: On Demand User

    IAS-2000 v2 User’s Manual 5.3.1.6 On Demand User This is for the customer’s need in a store environment. When the customers need to use wireless Internet in the store, they have to get a printed receipt with username and password from the store to log in the system for wireless access.
  • Page 87 IAS-2000 v2 User’s Manual Users List: Click to enter the On-demand User List screen. In the On-demand User List, detailed information will be documented here. By default, the On-demand user database is empty. Search: Enter a keyword of a username to be searched in the text filed and click this button to perform the search.
  • Page 88 IAS-2000 v2 User’s Manual Billing Configuration: Click this to enter the Billing Configuration screen. In the Billing Configuration page, Administrator may configure up to 10 billing plans. Status: Select to enable or disable this billing plan. Type: Set the billing plan by “Data” (the maximum volume allowed is 999,999 Mbyte) or “Time” (the maximum days allowed is 999 Hrs).
  • Page 89 IAS-2000 v2 User’s Manual Create On-demand User: Click this to enter the On-demand User Generate page. Pressing the Create button for the desired plan, an On-demand user will be created, then click Printout to print a receipt which will contain this on-demand user’s information. There are 2000 On-demand user...

  • Page 90: Pms User

    IAS-2000 v2 User’s Manual 5.3.1.7 PMS User The system integrates a hotel in-door billing system, PMS, developed by Micros Fidelio, and it is usually used in the hotel environment. When the customers need to use wireless Internet in the hotel, they have to get printed receipts with usernames and passwords from the hotel to log in the system for wireless access.
  • Page 91 IAS-2000 v2 User’s Manual Search: Enter a keyword of a username to be searched in the text filed and click this button to perform the search. All usernames matching the keyword will be listed. Room No.: The room number of the PMS user.
  • Page 92 IAS-2000 v2 User’s Manual Status: Select to enable or disable this billing plan. Hr. Purchased: This is the duration of time that the user purchases. 1-999 hour(s) can be entered. Valid Period: This is the duration of time that the user can use the Internet service after the activation of the account.
  • Page 93 IAS-2000 v2 User’s Manual By default, the PMS user database is empty. After entering “Room Number” and “Maximum User” then pressing Create button by the desired plan, a PMS user will be created. Click Printout to print a receipt which will contain this PMS user’s information. See the following figure.

  • Page 94: Policy Configuration

    User’s Manual 5.3.2 Policy Configuration There are ten policies that IAS-2000 v2 supports and a Global policy. Every Policy has three profiles, Firewall Profile, Specific Route Profile, and Schedule Profile as well as one Bandwidth setting for that policy. But Global policy only has Firewall Profile and Specific Route Profile settings.
  • Page 95 IAS-2000 v2 User’s Manual Rule Item: This is the rule selected. Rule Name: The rule name can be changed here. Enable this Rule: After checking this function, the rule will be enabled. Action: There are two options, Block and Pass. Block is to prevent packets from passing and Pass is to permit packets passing.
  • Page 96 IAS-2000 v2 User’s Manual Specific Route Profile: Click the hyperlink of Setting for Specific Route Profile, the Specific Route Profile page will appear. Profile Name: The profile name can be changed here. Destination IP Address: The destination IP address of the host or the network.
  • Page 97 IAS-2000 v2 User’s Manual Maximum Concurrent Sessions: The concurrent sessions for each user; it can be restricted by administrator. When a user reaches the session limit, this user will be implicitly suspended from any new connection for a fixed time period.
  • Page 98 IAS-2000 v2 User’s Manual Rule Item: This is the rule selected. Rule Name: The rule name can be changed here. Enable this Rule: After checking this function, the rule will be enabled. Action: There are two options, Block and Pass. Block is to prevent packets from passing and Pass is to permit packets passing.
  • Page 99 IAS-2000 v2 User’s Manual Source/Destination Interface: There are five interfaces to choose, ALL, WAN1, WAN2, LAN1 and LAN2. Source/Destination IP: Enter the source and destination IP addresses. Source/Destination Subnet Mask: Enter the source and destination subnet masks. Specific Route Profile: Click the hyperlink of Setting for Specific Route Profile, the Specific Route Profile page will appear.
  • Page 100 IAS-2000 v2 User’s Manual Bandwidth: Choose one bandwidth limit for that particular policy.
  • Page 101 IAS-2000 v2 User’s Manual Maximum Concurrent Sessions: The concurrent sessions for each user; it can be restricted by administrator. When a user reaches the session limit, this user will be implicitly suspended from any new connection for a fixed time period.

  • Page 102: Black List Configuration

    IAS-2000 v2 User’s Manual 5.3.3 Black List Configuration The administrator can add, delete, or edit the black list for user access control. Each black list can include 500 users at most. If a user in the black list wants to log into the system, the user’s access will be denied. The administrator can use the pull-down menu to select the desired black list.
  • Page 103 IAS-2000 v2 User’s Manual If the administrator wants to remove a user from the black list, just select the user’s “Delete” check box and then click the Delete button to remove that user from the black list.
  • Page 104 IAS-2000 v2 User’s Manual Import Black List: Click this to enter the Upload black List Account – (Blacklist1) page. Click the Browse button to select the text file for the user account upload to the black list. Then click Submit to complete the upload process.

  • Page 105: Guest User Configuration

    This function can permit guests to log into the system. Select “Enable Guest User” and click Apply to save the settings. Guest User List: IAS-2000 v2 offers ten guest user accounts. To activate a guest user, just enter the password in the corresponding “Password” field for that guest account. Guest accounts with blank password will not be activated.

  • Page 106: Additional Configuration

    IAS-2000 v2 User’s Manual 5.3.5 Additional Configuration User Control: Functions under this section applies for all general users. Idle Timer: If a user has been idled with no network activities, the system will automatically kick out the user. The logout timer can be set in the range of 1~1440 minutes, and the default logout time is 10 minutes.
  • Page 107 IAS-2000 v2 User’s Manual Customize Login Pages 1. Certificate: The administrator can upload a new private key and a customer certificate. Click the Browse button to select the file for the certificate to upload. Then click Submit to complete the upload process.
  • Page 108 IAS-2000 v2 User’s Manual b. Choose Template Page to make a customized login page here. Click Select to pick up a color and then fill in all of the blanks. Click Preview to see the result first.
  • Page 109 IAS-2000 v2 User’s Manual c. Choose Uploaded Page and upload a login page. Click the Browse button to select the file to upload. Then click Submit to complete the upload process. After the upload process is completed, the new login page can be previewed by clicking Preview button at...
  • Page 110 IAS-2000 v2 User’s Manual The user-defined login page must include the following HTML codes to provide the necessary fields for username and password. f the user-defined login page includes an image file, the image file path in the HTML code must be the image file to be uploaded.
  • Page 111 IAS-2000 v2 User’s Manual d. Choose the External Page selection and get the login page from the specific website. Enter the website address in the “External Page Setting” field and then click Apply. After applying the setting, the new login page can be previewed by clicking Preview button at the bottom...
  • Page 112 IAS-2000 v2 User’s Manual 3. Logout Page: The users can apply their own logout page here. The process is similar to that of Login Page. The different part is the HTML code of the user-defined logout interface must include the following HTML code that the user can enter the username and password.
  • Page 113 IAS-2000 v2 User’s Manual 4. Login Success Page for On-Demand: The administrator can use the default login success page for On-Demand or get the customized login success page for On-Demand by setting the template page, uploading the page or downloading from the specific website. After finishing the setting, click Preview to see the login success page for On-Demand.
  • Page 114 IAS-2000 v2 User’s Manual b. Choose Template Page to make a customized login success page for On-Demand here. Click Select to pick up a color and then fill in all of the blanks. Click Preview to see the result first.
  • Page 115 IAS-2000 v2 User’s Manual c. Choose Uploaded Page and get the login success page for On-Demand by uploading. Click the Browse button to select the file for the login success page for On-Demand upload. Then click Submit to complete the upload process After the upload process is completed, the new l login success page for On-Demand can be previewed by clicking Preview button at the bottom.
  • Page 116 IAS-2000 v2 User’s Manual After the image file is uploaded, the file name will show on the “Existing Image Files” field. Check the file and click Delete to delete the file. d. Choose the External Page selection and get the login success page from the specific website. Enter the website address in the “External Page Setting”...
  • Page 117 IAS-2000 v2 User’s Manual b. Choose Template Page to make a customized login success page here. Click Select to pick up a color and then fill in all of the blanks. Click Preview to see the result first.
  • Page 118 IAS-2000 v2 User’s Manual c. Choose Uploaded Page and get the login success page to upload. Click the Browse button to select the file for the login success page upload. Then click Submit to complete the upload process. After the upload process is completed, the new login success page can be previewed by clicking Preview button at the bottom.
  • Page 119 IAS-2000 v2 User’s Manual After the image file is uploaded, the file name will show on the “Existing Image Files” field. Check the file and click Delete to delete the file. d. Choose the External Page selection and get the login success page from the specific website. Enter the website address in the “External Page Setting”...
  • Page 120 IAS-2000 v2 User’s Manual 6. Logout Success Page: The administrator can use the default logout success page or get the customized logout success page by setting the template page, uploading the page or downloading from the specific external website. After finishing the setting, click Preview to see the logout success page.
  • Page 121 IAS-2000 v2 User’s Manual c. Choose Uploaded Page and get the logout success page to upload. Click the Browse button to select the file for the logout success page to be uploaded. Then click Submit to complete the upload process.
  • Page 122 IAS-2000 v2 User’s Manual Then, enter or browse the filename of the images to upload in the Upload Images field on the Upload Images Files page and then click Submit. The system will show the used space and the maximum size of the image file of 512K.
  • Page 123 1Mbyte and the level for Time is 5 minutes. POP3 Message: If a user tries to retrieve mail from POP3 mail server before login, the users will receive a welcome mail from IAS-2000 v2. The administrator can edit the content of this welcome mail.
  • Page 124 Enhance User Authentication: With this function, only the users with their MAC addresses in this list can log into IAS-2000 v2. There will only be 40 users allowed in this MAC address list. User authentication is still required for these users. Please click the hyper link of Permitted MAC Address List to enter the MAC Address Control page and fill in the wanted MAC addresses.

  • Page 125: Utilities

    IAS-2000 v2 User’s Manual 5.4 Utilities This section provides four utilities to customize and maintain the system including Change Password, Backup/Restore Setting, Firmware Upgrade and Restart.

  • Page 126: Change Password

    IAS-2000 v2 User’s Manual 5.4.1 Change Password The administrator can change passwords here. Please enter the required fields marked with red asterisks. Click Apply to activate the new passwords. Caution: If the administrator’s password is lost, the administrator’s password still can be changed through the text...

  • Page 127: Backup/Restore Setting

    User’s Manual 5.4.2 Backup/Restore Setting This function is used to backup/restore the IAS-2000 v2 settings. Also, IAS-2000 v2 can be restored to the factory default settings here. Backup Current Setting: Click Backup Settings to create a .db database backup file and save it on disk.

  • Page 128: Firmware Upgrade

    IAS-2000 v2 User’s Manual 5.4.3 Firmware Upgrade The administrator can download the latest firmware from the website and upgrade the system here. Click Browse to search for the firmware file and click Apply to go on with the firmware upgrade process. It might be a few minutes before the upgrade process completes and the system needs to be restarted afterwards to make the new firmware effective.

  • Page 129: Restart

    This function allows the administrator to safely restart IAS-2000 v2 and the process should take about three minutes. Click YES to restart IAS-2000 v2; click NO to go back to the previous screen. If turning off the power is necessary, restarting IAS-2000 v2 first and turning off the power after completing the restart process is recommended.

  • Page 130: Status

    IAS-2000 v2 User’s Manual 5.5 Status This section includes System Status, Interface Status, Current Users, Traffic History, Notification Configuration and Online Report to provide system status information and online user status.

  • Page 131: System Status

    IAS-2000 v2 User’s Manual 5.5.1 System Status This section provides an overview of the system for the administrator.
  • Page 132 User’s Manual The description of the table is as follows: Description Item The present firmware version of IAS-2000 v2 Current Firmware Version The system name. The default is Internet Access Gateway System Name The page the users are directed to after initial login is Home Page successful.
  • Page 133 IAS-2000 v2 User’s Manual Enabled / Disabled stands for the current setting to allow or Syslog Server disallow recording logs at syslog server. Session Enabled / Disabled stands for the current setting to allow or Email disallow mailing out logs to specific recipient.

  • Page 134: Interface Status

    IAS-2000 v2 User’s Manual 5.5.2 Interface Status Provide an overview of the interface for the administrator including WAN1, WAN2, LAN1 and LAN2.
  • Page 135 IAS-2000 v2 User’s Manual The description of the table is as follows: Description Item The MAC address of the WAN1 port. MAC Address The IP address of the WAN1 port. WAN1 IP Address The Subnet Mask of the WAN1 port.

  • Page 136: Current Users

    IAS-2000 v2 User’s Manual 5.5.3 Current Users In this function, each online user’s information including Username, IP, MAC, Pkts In, Bytes In, Pkts Out, Bytes Out, Idle and Kick Out can be obtained. Administrator can use this function to force a specific online user to log out.

  • Page 137: Traffic History

    IAS-2000 v2 User’s Manual 5.5.4 Traffic History This function is used to check the history of IAS-2000 v2. The history of each day will be saved separately in the DRAM for 3 days.
  • Page 138 IAS-2000 v2 User’s Manual Caution: Since the history is saved in the DRAM, if you need to restart the system and also keep the history, then please manually copy and save the information before restarting. Click Download to save every history log in a text file.
  • Page 139 IAS-2000 v2 User’s Manual If the History Email has been entered under the Notification Configuration page, then the system will automatically send out the history information to that email address. Traffic History As shown in the following figure, each line is a traffic history record consisting of 9 fields, Date, Type, Name, IP, MAC, Pkts In, Bytes In, Pkts Out, and Bytes Out, of user activities.
  • Page 140 IAS-2000 v2 User’s Manual Roaming Out Traffic History As shown in the following figure, each line is a roaming out traffic history record consisting of 14 fields, Date, Type, Name, NSID, NASIP, NASPort, UserMAC, SessionID, SessionTime, Bytes in, Bytes Out, Pkts In, Pkts Out and Message, of user activities.
  • Page 141 System Performance As shown in the following figure, the history record consists of 5 fields, CPU Usage %, Memory Usage %, Total Memory (KB), Memory Used (KB) and Memory Free (KB) of IAS-2000 v2 status. Monthly Report As shown in the following figure, 5 fields, Local, Roaming in, Roaming out, On Demand Users, PMS Users is...

  • Page 142: Notification Configuration

    5.5.5 Notification Configuration IAS-2000 v2 will save the traffic history and session logs into the internal DRAM. If the administrator wants the system to automatically send out the history to a particular email address, please enter the related information in these fields.
  • Page 143 IAS-2000 v2 User’s Manual Session Log for the Entire System: Syslog Server: Enter the IP and Port of the Syslog server. Send Log (to Email & FTP) every: The time interval to send the e-mail report, for upload logs to FTP server.
  • Page 144 IAS-2000 v2 User’s Manual Password: Specify FTP account password. FTP Setting Test: Click “Send Test Log” button to send a test report to FTP server.

  • Page 145: Online Report

    IAS-2000 v2 User’s Manual 5.5.6 Online Report This function provides real time on-line report of the IAS-2000 v2 system including System Status, Service Status, Network Interface Status and Network Session Status. System Status As shown in the following figure, the online report consists of 5 fields, CPU Usage, Memory Usage, Total Memory, Memory Used and Memory Free of IAS-2000 v2 status.
  • Page 146 IAS-2000 v2 User’s Manual Network Interface Status As shown in the following figure, the online report consists of 5 fields, Interface, Speed-IN (bps), Speed-OUT (bps), Packet-IN (pps) and Packet-OUT (pps) for WAN and LAN status. Network Session Status As shown in the following figure, the online report consists of 3 fields, IP, TCP session count and UDP session...

  • Page 147: Help

    IAS-2000 v2 User’s Manual 5.6 Help On the screen, the Help button is on the upper right corner. Click Help to the Online Help window and then click the hyperlink of the items to get the information.

  • Page 148: Appendix A. External Network Access

    Appendix A. External Network Access If all the steps are set properly, IAS-2000 v2 can be further connected to the managed network to experience the controlled network access environment. Firstly, connect an end-user device to the network at IAS-2000 v2’s LAN1 and set to obtain an IP address automatically.
  • Page 149 IAS-2000 v2 User’s Manual 4. An on-demand user can enter the username and password in the “User Login Page” and click Remaining button to know the remaining time or data quota of the account. 5. When an on-demand user logs in successfully, the following Login Successfully screen will appear and it is a little different from the normal user’s login successfully...

  • Page 150: Appendix B. Console Interface Configuration

    Enter key to make selection or confirm what you enter. 3. Once the console port of IAS-2000 v2 is connected properly, the console main screen will appear automatically. If the screen does not appear in the terminal simulation program automatically, please try to press the arrow keys, so that the terminal simulation program will send some messages, and the welcome screen or the main menu will appear.
  • Page 151 Set device into “safe mode”: If administrator is unable to use Web Management Interface via the browser for the system failed inexplicitly. Administrator can choose this utility and set IAS-2000 V2 into safe mode, then administrator can management this device with browser again.
  • Page 152 But connecting the system by SSH, we have to enter the username and password. The username is “admin” and the default password is also “airlive”, which is the same as for the web management interface. The administrator’s password can be changed here. Even if the password is forgotten and the management interface can not be accessed from the web or the remote end of the SSH, use the null modem to connect the console management interface and set the administrator’s password...

  • Page 153: Appendix C. Specifications

    IAS-2000 v2 User’s Manual Appendix C. Specifications a. Hardware Specification Dimensions: 42.6cm(W) x 4.4cm(H) x 27cm(D) Weight: 6kg Power: 90-264 VAC 43~63Hz Operating Temperature: 5-40°C 19” 1U Rack Mount Design 4 Gigabyte Ethernet (10/100/1000) RS-232 DB9 Supports 10/100/1000Mbps Full / Half Duplex Transfer Speed b.
  • Page 154 IAS-2000 v2 User’s Manual User Management Supports at least 500 on-line users concurrently Supports Local, POP3 (+SSL), RADIUS, and LDAP LAN1/LAN2 mechanisms Supports LAN1& LAN2 mechanisms simultaneously Can choose MAC address locking for built-in user database Can set the time for the user to log in to the system Can set the user’s idle time...

  • Page 155: Appendix D. Proxy Setting For Hotspot

    IAS-2000 v2 User’s Manual Appendix D. Proxy Setting for Hotspot HotSpot is a place such as a coffee shop, hotel, or a public area where provides Wi-Fi service for mobile and temporary users. HotSpot is usually implemented without complicated network architecture and using some proxy servers provided by Internet Service Providers.
  • Page 156 IAS-2000 v2 User’s Manual Click the Proxy Server Properties from left menu and the homepage of the Proxy Server Properties will appear. Add the ISP’s proxy Server IP and Port into External Proxy Server Setting.
  • Page 157 IAS-2000 v2 User’s Manual Enable Built-in Proxy Server in Internal Proxy Server Setting. Click Apply to save the settings.

  • Page 158: Appendix E. Proxy Setting For Enterprise

    IAS-2000 v2 User’s Manual Appendix E. Proxy Setting for Enterprise Enterprises usually isolate their intranet and internet by using more elaborated network architecture. Many enterprises have their own proxy server which is usually at intranet or DMZ under the firewall protection.
  • Page 159 IAS-2000 v2 User’s Manual Gateway setting Login Gateway by using “admin”. Click the Network Configuration from top menu and the homepage of the Network Configuration will appear.
  • Page 160 IAS-2000 v2 User’s Manual Click the Proxy Server Properties from left menu and the homepage of the Proxy Server Properties will appear. Add your proxy Server IP and Port into External Proxy Server Setting.
  • Page 161 IAS-2000 v2 User’s Manual Disable Built-in Proxy Server in Internal Proxy Server Setting. Click Apply to save the settings. Warning:If your proxy server is disabled, it will make the user authentication operation abnormal. When users open the browser, the login page won’t appear because the proxy server is down. Please make sure your proxy server is...
  • Page 162 IAS-2000 v2 User’s Manual Client setting It is necessary for clients to add default gateway IP address into proxy exception information so the user login successful page can show up normally. Use command “ipconfig” to get Default Gateway IP Address.
  • Page 163 IAS-2000 v2 User’s Manual For Firefox...

Table of Contents