Trademarks symbol, and Nomadix Service Engine™ are trademarks of Nomadix, Inc. All other trademarks and brand names are marks of their respective holders.
Product Information
Telephone: +1.818.597.1500
Fax: +1.818.597.1502
For technical support information, see the Appendix in this User’s Guide.
Nomadix, Inc. makes no warranty, either express or implied, including but not limited to any implied warranties of merchantability and fitness for a particular purpose, regarding the product described herein. In no event shall Nomadix, Inc. be liable to anyone for special, collateral, incidental, or consequential damages in connection with or arising from the use of Nomadix, Inc.
WARNING: Risk of electric shock; do not open; no user-serviceable parts inside. Do not attempt to disassemble the unit.
CAUTION: Read the instruction manual prior to operation.
1100 Business Center Circle, Suite 100, Newbury Park, CA 91320, USA (head office)
Table of Contents
Introduction
About this User’s Guide
Organization
Welcome to the AG 5000
Product Configuration and Licensing
Key Features and Benefits
Platform Reliability
Local Content and Services
Transparent Connectivity
Assigning the Location Information and IP Addresses
Logging Out and Powering Down the System
Connecting the AG 5000 to the Customer’s Network
Establishing the Basic Configuration for Subscribers
Setting the DHCP Options
Setting the DNS Options
Installing the Nomadix Private MIB
Chapter 2: System Administration
Choosing a Remote Connection
Using the Web Management Interface (WMI)
Using an SNMP Manager
Using a Telnet Client
Logging In
About Your Product License
Displaying the Static Port Mapping Table {Static Port-Mapping}
Displaying TCP Statistics {TCP}
Displaying UDP Statistics {UDP}
Port-Location Menu
Adding and Updating Port-Location Assignments {Add}
Deleting All Port-Location Assignments {Delete All}
Deleting Port-Location Assignments by Location {Delete by Location}
Adding Static Ports {Static Port-Mapping Add}
Deleting Static Ports {Static Port-Mapping Delete}
Blocking a Subscriber Interface {Subscriber Interfaces}
Updating the AG 5000 Firmware {Upgrade}
Chapter 3: The Subscriber Interface
Overview
Authorization and Billing
The AAA Structure
Private Key Generation
Create a Certificate Signing Request (CSR) File
Create a Public Key File (server.pem)
Setting Up AG 5000 for SSL Secure Login
Setting Up the Portal Page
Mirroring Billing Records
Sending Billing Records
This User’s Guide provides information and procedures that will enable system administrators to install, configure, manage, and use the Nomadix AG 5000 product successfully and efficiently. Use this guide to take full advantage of the AG 5000’s functionality and features.
The AG 5000 also offers a unique set of security and connectivity features for deploying wireless 802.11 networks. The AG 5000 yields a complete solution to a set of complex issues in the Enterprise, Public-LAN, and Residential segments.
Key Features and Benefits
The AG 5000 is a 1U high, free-standing or rack-mountable Access Gateway that employs three fast Ethernet ports to interface with the router (one for network side) and the aggregation equipment (two for subscriber side) within the network. It also...
Billing Enablement
The AG 5000 supports billing plans using credit cards, scratch cards, monthly subscriptions, or direct billing to a hotel’s Property Management System (PMS) and can base the billable event on a number of different parameters such as time, volume, IP address type, or bandwidth.
Access Control and Authentication
The AG 5000 ensures that all traffic to the Internet is blocked until authentication has been completed, creating an additional level of security in the network. It also allows service providers to create their own unique “walled garden,” enabling users to access only certain predetermined Web sites before they have been authenticated.
NSE Core Functionality
Powering Nomadix’ family of Access Gateways, the Nomadix Service Engine (NSE) delivers a full range of features needed to successfully deploy Wi-Fi Public access networks. These “core” features solve issues of connectivity, security, billing, and roaming in a Wi-Fi Public access network.
With the Nomadix Information and Control Console (ICC) feature enabled, subscribers can increase or decrease their own bandwidth dynamically (by the minute, or on an hourly, daily, weekly, or monthly basis), and also adjust the pricing plan for their service (see graphic).
The Command Line Interface (CLI) is a character-based user interface that can be accessed remotely or via a direct cable connection. Until your Nomadix product is up and running on the network, the CLI is the Network Administrator’s window to the system.
Take advantage of the comprehensive Nomadix XML API to implement more complex billing plans. Recycle existing Web page content for the centrally hosted portal page. If you choose to use the EWS interface, Nomadix Technical Support can provide you with sample scripts. See also, “Contact Information” on page 259.
iNAT™
Nomadix invented a new way of intelligently supporting multiple VPN connections to the same termination at the same time (iNAT™), thus solving a key problem of many Public access networks. Nomadix’ patent-pending iNAT™ (intelligent Network Address Translation) feature contains an advanced, real-time translation engine that analyzes all data packets being communicated between the private address realm and the public address realm.
Information and Control Console
The Nomadix Information and Control Console (ICC) is an HTML-based pop-up window that is presented to subscribers with their Web browser. The ICC allows subscribers to select their bandwidth and billing options quickly and efficiently from a simple pull-down menu.
International Language Support
The NSE allows you to define the text displayed to your users by the IWS without any HTML or ASP knowledge. The language you select determines the language encoding that the IWS instructs the browser to use. See also, “Internal Web Server”...
(Submit, Reset, Reboot, Add, Delete, etc.), but operators cannot change any system settings. When Administration Concurrency is enabled, one manager and three operators can access the AG 5000 platform at any one time.
NTP Support
The NSE supports Network Time Protocol (NTP), an Internet standard protocol that assures accurate synchronization (to the millisecond) of computer clock times in a network of computers.
Optionally, the RADIUS authentication process and FTP download can be secured by sending the traffic through a peer-to-peer IPSec tunnel established by the Nomadix gateway and terminated at the NOC (Network Operations Center). See also, “Secure...
RADIUS Proxy
The RADIUS Proxy feature relays authentication and accounting packets between the parties performing the authentication process. Different realms can be set up to directly channel RADIUS messages to the various RADIUS servers. This functionality can be effectively deployed to:
Support a wholesale WISP model directly from the edge without the need for any centralized AAA proxy infrastructure.
Nomadix gateway using any preferred management protocol, but also the secure management of third party devices (for example, WLAN Access Points and 802.3 switches) on private subnets on the subscriber side of the Nomadix gateway. See also, “Enabling Secure Management {VPN Tunnel}”...
XML enables solution providers to customize and enhance their product installations. This feature allows the operator to use Nomadix' popular XML API using the built-in SSL certificate functionality in the NSE so that parameters passed between the Gateway and the centralized Web server are secured via SSL.
SNMP Nomadix Private MIB
Nomadix’ Access Gateways can be easily managed over the Internet with an SNMP client manager (for example, HP OpenView or Castle Rock). To take advantage of the functionality provided with Nomadix’ private MIB (Management Information Base), simply import the file from the nomadix.mib...
“Walled Garden” within the Internet where unauthenticated users can be granted or denied access to sites of your choosing.
Web Management Interface
Nomadix’ Access Gateways can be managed remotely via the built-in Web Management Interface where various levels of administration can be established. See also, “Using the Web Management Interface (WMI)”...
Your product license may not support this feature. Some Property Management Systems may require you to obtain a license before integrating the PMS with the AG 5000. Check with the PMS vendor. By integrating with a hotel’s PMS, your NSE-powered product can post charges for Internet access directly to a guest’s hotel bill.
The optional High Availability Module offers enhanced network uptime and service availability when delivering high-quality Wi-Fi service by providing Fail-Over functionality. This module allows a secondary Nomadix Access Gateway to be placed in the network that can take over if the primary device fails, ensuring Wi-Fi service remains uninterrupted.
Optional Standalone Applications
The following supplemental applications—delivered on a separate CD-ROM—are available from Nomadix:
Meeting Room Scheduler (MRS)
If you have purchased the NSE’s optional Hospitality Module, our Meeting Room Scheduler (MRS) application can further enhance your product’s integration into the hospitality environment.
Network Architecture (Sample)
The AG 5000 can be deployed effectively in a variety of wireless and wired broadband environments where there are many users—usually mobile—who need high speed access to the Internet. The following example shows a potential Hospitality application:...
Product Specifications
PERFORMANCE
User Support: Up to 2,000 users concurrently
Throughput: 97Mbits/s*
*As defined by RFC1242, Section 3.17
MOUNTING
1U rack space in a 19” rack
OPERATING VOLTAGE
100 – 250 VAC, 47/63Hz, Auto Sensing
POWER CONSUMPTION...
LED INDICATORS
ACT/LINK and 10/100 for each Ethernet port
Power
NETWORK MANAGEMENT
Multi-Level Administration Controls
Integrated VPN Client (IPSec) for secure connection to an NOC
Access Control Lists
Web Administration UI
CLI via Telnet and Serial Port...
Internet Explorer or Netscape Navigator (see note). WebHelp is best viewed using Internet Explorer, version 4.0 or higher. WebHelp is useful when you have an Internet connection to the AG 5000 and you want to access information quickly and efficiently. It contains all the information you will find in this User’s Guide.
Installing the AG 5000
This chapter provides installation instructions for the hardware and software components of the AG 5000. It also includes an overview of the management interface, some helpful hints for system administrators, and procedures for the following tasks:
Powering up the system.
Unpacking the AG 5000
When you unpack the AG 5000, you will find the following items in the carton:
Item
AG 5000 module
Cable – power cord (US or European)
Cable – serial, DB9 female to DB9 female (6ft length)
Null Modem (NM) Cable –...
Network Connect the AG 5000 to the customer’s network. Power up the AG 5000 and log in via a Telnet session or the Web Management Interface. Set the basic configuration parameters for subscribers. The AG 5000 is now ready for administrators to add, delete, or change unique subscriber profiles.
Powering Up the System
Use this procedure to establish a direct cable connection between the AG 5000 and your laptop computer, and to power up the system.
Place the AG 5000 on a flat and stable work surface.
Logging In to the Command Line Interface
Use this procedure to initialize the system and log in to the AG 5000’s Command Line Interface (CLI). The character-based CLI is used at initial start-up.
Start a HyperTerminal™ session to connect to the AG 5000. Use the following...
AG 5000 start-up configuration parameters, depending on the customer’s network architecture. The AG 5000 Menu is your starting point. From here, you access all the system administration items from the 5 (five) primary menus available “configuration,” “network info,” “port-location,” “subscribers,” and “system.” The AG 5000 Menu also includes a “logout”...
The following “composite” screen shows how the AG 5000’s WMI menus (folders) are organized (shown here side-by-side for clarity and space). The menu items listed here are for a fully featured AG 5000 (with all optional modules included). See also, “About Your Product License” on page...
Location settings (all fields)
Partner Image File Name
Password (adding subscriber profiles)
Port Description (finding ports by description)
Redirection Frequency (in minutes) 2,147,483,647 (recommend 3600)
Reservation Number
Username (adding subscriber profiles)
Valid SSL Certificate DNS Name
Help system Other online documentation resources, available from our corporate Web site (www.nomadix.com), include a full PDF version of this User’s Guide (viewable with Acrobat™ Reader, version 4.0 or higher), white papers, technical notes, and business cases. The PDF version of this User’s Guide and associated README files are also available on the “Accessories”...
The CLI allows you to administer the AG 5000’s start-up configuration settings. When establishing the start-up configuration for a new installation, you are connected to the AG 5000 via a direct serial connection (you do not have remote access capability because the AG 5000 is not yet configured or connected to a network).
Add, Delete, etc.), but operators cannot change any system settings. When Administration Concurrency is enabled, one manager and three operators can access the AG 5000 at any one time (the default setting for this feature is “disabled”). Enter (system) at the AG 5000 Menu.
Setting the SNMP Parameters (optional)
You can address the AG 5000 using an SNMP client manager (for example, HP OpenView). SNMP is the standard protocol that regulates network management over the Internet. To do this, you must set up the SNMP communities and identifiers. For more information about SNMP, see “Using an SNMP Manager”...
IP addresses. When system logging is enabled, the standard SYSLOG protocol (UDP) is used to send all message logs generated by the AG 5000 to the specified server. Enter (logging) at the Configuration menu.
IP address, the subscriber interface IP address, the subnet mask, and the default gateway IP address. All of these AG 5000 “location” parameters must be set up as part of the system’s start up configuration (otherwise the AG 5000 will not be “visible”...
IP address (the factory default is 10.0.0.1). This is the IP address of the router that the AG 5000 uses to transmit data to the Internet. Enter a valid default gateway IP address. After establishing all “Location” settings, you must reboot the AG 5000 for your changes to take effect. AMPLE...
Your new settings are displayed and the AG 5000 reboots. When the system restarts, the Telnet interface is enabled (based on your new configuration settings which are saved to the AG 5000’s on-board flash memory). The start up configuration is now complete; however, before connecting the AG 5000 to the customer’s network, you must power down the...
Connecting the AG 5000 to the Customer’s Network
Use this procedure to connect the AG 5000 to the customer’s network (after the start up configuration parameters have been established).
Choose an appropriate physical location that allows a minimum clearance of 4cm either side of the unit (for adequate airflow).
To enable this service on the AG 5000, you can either enable the DHCP relay (routed to an external DHCP server IP address), or you can enable the AG 5000 to act as its own DHCP server. In both cases, DHCP functionality is necessary if you want to automatically assign IP addresses to subscribers.
When assigning a DHCP Relay Agent IP address for the DHCP Relay, ensure that the IP address you use does not conflict with devices on the network side of the AG 5000. Although you cannot enable the DHCP relay and the DHCP service at the same time, it is possible to “disable”...
The system displays the current domain (the default is “nomadix”). Enter a valid domain name (the Internet domain that DNS requests will utilize). Enter the host name (the DNS name of the AG 5000). The host name must not contain any spaces.
URLs into the correct IP addresses automatically.
Archiving Your Configuration Settings
Once you have installed your AG 5000 and established the configuration settings, you should write the settings to an archive file. If you ever experience problems with the system, your archived settings can be restored at any time.
Procedure
Import the nomadix.mib file into your SNMP client manager.
Connect to the AG 5000 from a node on the network that is accessible via the AG 5000’s network port (Internet, LAN, etc.).
Be sure to enable the SNMP daemon on the AG 5000 (available on the AG 5000’s CLI or Web Management Interface,...
– allowing remote “Windows” management using an SNMP client manager (for example, HP OpenView). However, before you can use SNMP to access the AG 5000, you must set up the appropriate SNMP communities. For more information, refer to “Managing the SNMP Communities {SNMP}”...
Using an SNMP Manager
Once the SNMP communities are established, you can connect to the AG 5000 via the Internet using an SNMP client manager (for example, HP OpenView). SNMP is the standard protocol used in the Network Management (NM) system. This system...
The following example shows a (partial) SNMP screen response.
Using a Telnet Client
There are many Telnet clients that you can use to connect with the AG 5000. Using Telnet provides a simple terminal emulation that allows you to see and interact with the AG 5000’s Command Line Interface (as if you were connected via the serial...
Defining the AAA Services {AAA}
This procedure shows you how to set up the AAA (Authentication, Authorization, and Accounting) service options. AAA Services are used by the AG 5000 to authenticate, authorize, and subsequently bill subscribers for their use of the customer’s network.
XML interface allows the AG 5000 to accept and process XML commands from an external source. XML commands are sent over the network to the AG 5000. The AG 5000 parses the query string, executes the commands specified by the string, and returns data to the system that initiated the command request.
– The IWS is “flashed” into the system’s memory and the subscriber’s login page is served directly from the AG 5000. In this mode, the login page consists of a simple request for the subscriber’s ID (user name) and password.
Enabling AAA Services with the Internal Web Server
You are here because you want to enable the AAA Services with the AG 5000’s Internal Web Server. The AG 5000 maintains an internal database of authorized subscribers, based on their MAC (hardware address) and user name (if enabled). By referring to its database record, also known as an authorization table, the AG 5000 instantly recognizes new subscribers on the network.
GIS compliant clients using the Internal Web Server. Enabling “Support for GIS Clients” under the Portal Page feature means that the AG 5000 will defer the management of the GIS clients to the Portal Page server. Enable or disable the Usernames feature, as required (refer to table on page 63).
Credit Card Service enabled, subscribers are prompted for their credit card information (for billing purposes). The AG 5000 is configured to use either Authorize.net or Chainfusion (selected from a pull-down menu). You will need to open a merchant account with Authorize.net, Chainfusion or Datacenter (Luxembourg) before this feature can be used.
External Web Server After enabling the External Web Server you must enter a Secret Key. The Secret Key ensures that the response the AG 5000 gets from the EWS is valid. Enter the (The AG 5000 and the external authorization server must...
“Source IP” list contained on the AG 5000. If a match is not made with the “Source IP list,” the login is denied, even if a correct login name and password are supplied. The access control list for source IPs supports up to 50 (fifty) entries in the form of a specific IP address or range of IP addresses.
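The check order described above, sketched as an added example (not Nomadix code): the source address is tested against the list first, and credentials are only considered once it matches. The dash-separated range syntax, the class and function names, and the sample addresses and account are assumptions made for illustration.

```python
import hmac
import ipaddress

MAX_ENTRIES = 50  # the guide states the source IP list holds up to 50 entries


def parse_entry(entry):
    """Parse 'a.b.c.d' or 'a.b.c.d-e.f.g.h' into an inclusive (low, high) pair.

    The dash-separated range syntax is an assumption for this example.
    """
    first, dash, last = entry.partition("-")
    low = ipaddress.IPv4Address(first.strip())
    high = ipaddress.IPv4Address(last.strip()) if dash else low
    if high < low:
        raise ValueError(f"range end precedes range start: {entry!r}")
    return low, high


class SourceIPList:
    """Hypothetical model of a management-interface source IP list."""

    def __init__(self, entries):
        if len(entries) > MAX_ENTRIES:
            raise ValueError(f"at most {MAX_ENTRIES} entries are supported")
        self.ranges = [parse_entry(e) for e in entries]

    def permits(self, source_ip):
        try:
            addr = ipaddress.IPv4Address(source_ip)
        except ValueError:
            return False  # an unparseable source address never matches
        return any(low <= addr <= high for low, high in self.ranges)

    def covered_addresses(self):
        """Count distinct addresses admitted, merging overlapping entries.

        Useful in review: a large number means the list is broader than a
        management ACL normally needs to be.
        """
        total, current_end = 0, -1
        for low, high in sorted((int(lo), int(hi)) for lo, hi in self.ranges):
            start = max(low, current_end + 1)
            if high >= start:
                total += high - start + 1
                current_end = high
        return total


def management_login(acl, accounts, source_ip, username, password):
    """Return (granted, reason). The source IP is checked before credentials."""
    if not acl.permits(source_ip):
        # Denied even if the name and password would have been correct.
        return False, "source IP not in list"
    expected = accounts.get(username)
    if expected is None or not hmac.compare_digest(
        expected.encode(), password.encode()
    ):
        return False, "bad credentials"
    return True, "ok"


# Constructed sample data (documentation address ranges, made-up account).
# A real credential store would hold salted hashes, not plaintext.
ACL = SourceIPList(["192.0.2.10", "198.51.100.20-198.51.100.29"])
ACCOUNTS = {"manager": "constructed-password"}

if __name__ == "__main__":
    for ip, pw in [
        ("192.0.2.10", "constructed-password"),
        ("203.0.113.5", "constructed-password"),
        ("198.51.100.25", "wrong"),
    ]:
        print(ip, management_login(ACL, ACCOUNTS, ip, "manager", pw))
    print("addresses admitted:", ACL.covered_addresses())
```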
Access Control feature, or change the range of allowed IP addresses to access the management interfaces. If you have changed the serial port to act as a PMS interface, please contact Nomadix technical support. In this case, refer to “Contact Information” on page 259.
Defining Automatic Configuration Settings {Auto Configuration}
The AG 5000 allows you to define parameters to enable the automatic configuration of the system. See also, “RADIUS-driven Auto Configuration” on page From the Web Management Interface, click on , then...
Nomadix devices: A flow of RADIUS Authentication Request and Reply messages between the Nomadix gateway and the centralized RADIUS server that specifies the location of the meta configuration file (containing a listing of the individual configuration files and their download frequency status) are downloaded from an FTP server into the flash of the Nomadix device.
The following diagram shows a sample RADIUS configuration file, meta file and illustration of the FTP server setup. The Nomadix device will automatically initiate one reboot to enable the new settings. Configuration updates for network maintenance can be accomplished by simply enabling the Auto-Configuration option and rebooting the device (for example, using SNMP).
Setting Up Bandwidth Management {Bandwidth Management}
The AG 5000 allows system administrators to manage the bandwidth for subscribers, defined in Kbps (Kilobits per second) for both upstream and downstream data transmissions. With the ICC feature enabled, subscribers can increase or decrease their own bandwidth dynamically (by the minute, or on an hourly, daily, weekly, or monthly basis), and also adjust the pricing plan for their service.
“mirroring” the billing data, the AG 5000 can also send copies of billing records to predefined “carbon copy” servers. Additionally, if the primary and secondary servers are down, the AG 5000 can store up to 2,000 credit card transaction records. When a connection is re-established (with either server), the AG 5000 sends the stored information to the server—no records are lost!
Primary IP Secret Key The AG 5000 and the “mirror” servers must use the same secret key. Repeat Step 4 for the secondary server (if any) and all carbon copy servers. Define the “fail-safe” provisions, including: – Alternate, or do not alternate.
To enable this service on the AG 5000, you can either enable the DHCP relay (routed to an external DHCP server IP address), or you can enable the AG 5000 to act as its own DHCP server. In both cases, DHCP functionality is necessary if you want to automatically assign IP addresses to subscribers.
By default, the AG 5000 is configured to act as its own DHCP server and the relay feature is “disabled.” If you want the AG 5000 to act as its own DHCP server, do not enable the relay. Go directly to Step 8.
LAN. When DHCP subscribers select a service plan with a public pool address, the AG 5000 associates their MAC address with their public IP address for the duration of the service level agreement. The opposite is true if they select a plan with a private pool address.
“Managing the DNS Options {DNS}” on page The existing lease pool and lease table are deleted and the AG 5000 reboots. The AG 5000 can issue IP addresses to any DHCP enabled subscriber who enters the network.
IP addresses) by automatically converting the URLs into the correct IP addresses. You can assign a primary, secondary, or tertiary (third) DNS server. The AG 5000 utilizes whichever server is currently available. Use the following procedure to set the DNS configuration options.
Enter the IP addresses for the DNS servers (located at the customer’s network operating center where DNS requests are sent). Servers include:
Primary DNS Server
Secondary DNS Server
Tertiary DNS Server
The secondary and tertiary DNS servers are only utilized if the primary DNS server is unavailable.
If required, click on the check box for Parameter Passing.
Parameter passing allows the AG 5000 to track a subscriber’s initial Web request (usually their home page) and pass the information on to the solution provider. The solution provider uses this information to ensure that the subscriber can return to their home page easily.
Our patent-pending iNAT™ feature contains an advanced, real-time translation engine that analyzes all data packets being communicated between the private and public address domains. The Nomadix iNAT engine performs a defined mode of network address translation based on packet type and protocol (for example, GRE, IKE etc…).
Establishing Your Location {Location}
This command sets up your location and the corresponding IP addresses for the network interface, subscriber interface, subnet, and default gateway. You *must* provide your full location information. From the Web Management Interface, click on...
The Network IP Address is the public IP address that allows administrators to see the AG 5000 on the network. Use this address when you need to make a network connection with the AG 5000. All IP addresses must be established, otherwise the AG 5000 will not be “visible”...
System Log
When system logging is enabled, the standard SYSLOG protocol (UDP) is used to send all message logs generated by the AG 5000 to the specified SYSLOG server. Enter a unique number (between 0 and 7) in the field.
Reset you want to reset all the values to their previous state. For detailed information about installing, configuring, and using the NOMADIX™ Meeting Room Scheduler application, refer to the following documentation:
Meeting Room Scheduler User’s Guide (P/N 200-1007-001)
Assigning Passthrough Addresses (Passthrough Addresses)
The AG 5000 allows up to 300 IP passthrough addresses and DNS names. This feature allows users to “pass through” the AG 5000 and access predetermined services (for example, the redirected home page) at the solution provider’s discretion,...
(via the ICC) and be billed only for the actual time he/she was online. The AG 5000 is equipped with a serial port to facilitate connectivity with the system’s CLI or a customer’s Property Management System.
Supported PMS interfaces include:
Lodging Link (PTI)
Holodex (AutoClerk)
HOBIC (OSPS, TSPS, 1BT2, TEST, RSI)
Galaxy (Post Only)
Marriot
NH (post-paid only)
Micros Fidelio (Query & Post, Post Only, and Post Only with TCP/IP)
Micros (1700/2000/3700/4700/8700 System Software Emulation)
From the Web Management Interface, click on Configuration, then PMS. The Property Management System Settings screen appears:
If the “Skip First Char in Last Name” feature is enabled, the space is reserved for purposes other than the first character of the last name, so the AG 5000 will skip the first space in the last name field for name verification.
Reset state. Based on the HOBIC interface standards, Nomadix, Inc. has also certified interoperability with a number of other PMS and call accounting solutions such as Ramesys’ ImagInn, Xeta Virtual XL, and Hilton’s proprietary standard OnQ.
Setting Up Port Locations {Port-Location}
Port-Location allows you to establish the mode of operation for devices. From the Web Management Interface, click on Configuration, then Port-Location. The Port-Location Settings screen appears:
System administrators can set the properties for each room from the subscriber side of the AG 5000. The system automatically detects which port number the administrator is using and allows them to enter the fields for the room corresponding to the port they are using.
Access Concentrator Query options: The devices in the following list must be assigned an IP address on the same subnet as the AG 5000. You must remove “old” concentrator types before entering new ones. Tut Systems Expresso...
This section shows In Room Port Mapping from the subscriber side, when the In Room Port Mapping feature is enabled. AG 5000 multiple VLAN tagged systems can use the same tags and be placed on different Subscriber ports. Although it is technically possible...
Enter your user name and password, then click on the button. The In Room Port Mapping screen appears:
Enter the room number and a description for this room.
Select the access mode you want to assign to this room:...
“Defining the AAA Services {AAA}” on page Nomadix offers an integrated RADIUS client, allowing service providers to track or bill users based on the number of connections, location of the connection, bytes sent and received, connect time, etc. The customer database can exist in a central RADIUS server, along with associated attributes for each user.
From the Web Management Interface, click on Configuration, then RADIUS Client. The RADIUS Client Settings screen appears:
Under the Server Selection options, choose the Routing Mode:
Disabled (to disable RADIUS authentication)
Realm-Based (for Realm routing)
(for routing to predefined RADIUS servers)...
Enable Goodbye URL display a post session “goodbye” page). The “goodbye” page can be defined as a RADIUS VSA or be driven by the AG 5000’s Internal Web Server (IWS). If required, check the box for . To enable the Enable WAN 802.1q Attribute...
Defining the RADIUS Proxy Settings {RADIUS Proxy}
A RADIUS Proxy allows the NSE to relay authentication and accounting packets between the parties performing the authentication process. Different realms can be set up to directly channel RADIUS messages to the various RADIUS servers.
Adding an Upstream RADIUS NAS
If you want to add a new Upstream RADIUS NAS (for example, an 802.11 Access Point on the subscriber side of the AG 5000), click on the button. The Add Upstream RADIUS NAS screen appears:
To make this entry the “active”...
Click on the button to add this Upstream RADIUS NAS definition, then click on the Back to Main RADIUS Proxy Settings page link to return to the RADIUS Proxy Settings screen. The Upstream RADIUS NAS definition you just added appears in the list. You can add up to 10 definitions.
Defining the RADIUS Routing Settings {RADIUS Routing}
Use this procedure when setting up RADIUS Service Profiles (up to 10) and Realm-based Routing Policies (up to 50). For additional RADIUS information, see also:
“Defining the RADIUS Client Settings {RADIUS Client}” on page
“Defining the RADIUS Proxy Settings {RADIUS Proxy}”...
Adding a RADIUS Service Profile
To add a RADIUS Service Profile, click on the appropriate button. The Add RADIUS Service Profile screen appears: Enter a name of your choice for this service profile in the Unique Name field...
The secret key is a valuable and necessary security measure. The AG 5000 and the RADIUS servers must use the same secret key. Repeat Steps 5 through 7 for the secondary RADIUS authentication server (if used).
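Why both sides must hold the same secret key, shown with the RFC 2865 User-Password hiding and Response Authenticator calculations that depend on it. This is an added example, not Nomadix code; the secrets, password, packet identifier and Request Authenticator are constructed values.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2  # RADIUS packet code for Access-Accept (RFC 2865)


def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Client side: hide User-Password as described in RFC 2865 section 5.2."""
    padded = password + b"\x00" * (-len(password) % 16) or b"\x00" * 16
    hidden, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        key = _md5(secret + prev)          # keystream depends on the secret
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        hidden += prev
    return hidden


def unhide_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server side: reverse the hiding with the server's copy of the secret."""
    clear, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        key = _md5(secret + prev)
        clear += bytes(c ^ k for c, k in zip(block, key))
        prev = block
    return clear.rstrip(b"\x00")


def build_response(code: int, ident: int, request_auth: bytes,
                   attributes: bytes, secret: bytes) -> bytes:
    """Server side: Response Authenticator = MD5(header+RequestAuth+attrs+secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attributes))
    return header + _md5(header + request_auth + attributes + secret) + attributes


def verify_response(packet: bytes, request_auth: bytes, secret: bytes) -> bool:
    """Client side: accept a reply only if its authenticator matches our secret."""
    if len(packet) < 20:
        return False
    _code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        return False
    expected = _md5(packet[:4] + request_auth + packet[20:] + secret)
    return hmac.compare_digest(expected, packet[4:20])


def demo(gateway_secret: bytes, server_secret: bytes) -> dict:
    """Run one constructed exchange and report what each side concludes."""
    request_auth = bytes(range(16))   # constructed; must be random per request
    password = b"guest-password-1234"  # constructed subscriber password
    hidden = hide_password(password, gateway_secret, request_auth)
    recovered = unhide_password(hidden, server_secret, request_auth)
    reply = build_response(ACCESS_ACCEPT, 7, request_auth, b"", server_secret)
    return {
        "password_recovered": recovered == password,
        "reply_accepted": verify_response(reply, request_auth, gateway_secret),
    }


if __name__ == "__main__":
    print("matching secrets:  ", demo(b"constructed-secret", b"constructed-secret"))
    print("mismatched secrets:", demo(b"constructed-secret", b"constructed-secert"))
```

With mismatched secrets the server recovers a garbage password and the gateway discards the server's reply, so every login fails even though both devices are reachable.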
Enter a numeric value in the Retransmission Attempts (per server) field to define how many times the system attempts to transmit the data. Click on the button to add this RADIUS Service Profile. When you have completed the definition of your RADIUS Service Profile, you can return to the previous screen (RADIUS Routing Settings) by clicking on the link.
To define a specific realm, choose the Specific Realm option and enter the destination in the Realm Name field. Alternatively, you can choose the Wildcard match option, then define your search options: Prefix match only, Suffix match only...
The Realm Routing Policy you just created is added to the list.
Your new RADIUS Service Profiles are added to this list.
Your new Realm Routing Policies are added to this list.
Managing SMTP Redirection {SMTP}
When SMTP redirection is enabled (for misconfigured or properly configured subscribers), the AG 5000 redirects the subscriber’s E-mail through a dedicated SMTP server, including SMTP servers which support login authentication. To the subscriber, sending and receiving E-mail is as easy as it’s always been. This function is transparent to subscribers.
Managing the SNMP Communities {SNMP}
You can address the AG 5000 using an SNMP client manager (for example, HP OpenView). SNMP is the standard protocol that regulates network management over the Internet. To do this, you must set up the SNMP communities and identifiers. For more information about SNMP, see “Using an SNMP Manager”...
Reset
You can now use your SNMP client to manage the AG 5000 via the Internet.
Enabling Dynamic Multiple Subnet Support (Subnets)
Nomadix’ dynamic multiple subnet support allows you to create flexible and cost-effective IP pool solutions to meet the demands of complex networks in large residential and public access networks.
(Public Subnets Settings). To edit the “Current Public DHCP Subnets” table, go to “Managing the DHCP Service Options {DHCP}” on page
For additional information about the multiple subnet feature, go to “Contact Information” on page 259 for Nomadix Technical Support.
Displaying Your Configuration Settings {Summary}
You can display a summary listing of all your current Configuration settings. To view the summary listing, go to the Web Management Interface, click on Configuration, then click on Summary. The Summary of Configuration Settings screen appears (partial screen shown here): More listings ...
After entering new data for the final parameter (minutes), the system writes the information into its BIOS, then displays the new date and time. The AG 5000 also allows you to enter a “Time offset from UTC.” This parameter is the...
Setting Up URL Filtering {URL Filtering}
The AG 5000 can restrict access to specified Web sites based on URLs defined by the system administrator. URL filtering will block access to a list of sites and/or domains entered by the administrator using the following three methods: Host IP address (for example, 1.2.3.4)
Nomadix gateway using any preferred management protocol, but also the secure management of third party devices (for example, WLAN Access Points and 802.3 switches) on private subnets on the subscriber side of the Nomadix gateway. The advantage of using IPSec is that all types of management traffic are supported,...
Two subsequent events drive the secure management function of the Nomadix gateway and the devices behind it: Establishing an IPSec tunnel to a centralized IPSec termination server (for example, Nortel Contivity). As part of the session establishment process, key tunnel parameters are exchanged (for example, Hash Algorithm, Security Association Lifetimes, etc.).
This menu has changed; please refer to the addendum user guide for the latest configuration information. From the Web Management Interface, click on Configuration, then VPN Tunnel. The IPSEC Tunnel Settings screen appears: To enable this feature, click on the check box.
If you made any changes to this screen, click on the check box for Reboot after changes are saved? Click on the Submit button to save your changes, or click on the Reset button to reset all values to their previous state.
The ARP Table screen appears:
Displaying DAT Sessions {DAT}
The AG 5000 provides “plug-and-play” access to subscribers who are misconfigured with static (permanent) IP addresses, or subscribers that do not have DHCP functionality on their computers. Dynamic Address Translation (DAT) allows all users to obtain network access, regardless of their computer’s network settings.
Displaying the Host Table {Hosts}
You can display a table which lists the hosts that are currently configured. This table includes the assigned host names, their corresponding IP addresses, and any aliases that may be assigned to each host. Hosts provide services to other computers that are linked to them by a network.
Displaying the Network Interfaces {Interfaces}
You can display the network interfaces which are presented as a detailed listing of all interface communication elements and their current status. To view the Network Interfaces, go to the Web Management Interface, click on...
Displaying the IP Statistics {IP}
You can display the IP (Internet Protocol) statistics which are presented as a detailed listing of all IP elements and their current status. With IP transmissions, data is broken up into packets which are then sent over the network. By using IP addressing, Internet Protocol ensures that the data reaches its destination, even though different packets may “pass through”...
Displaying the Routing Tables {Routing}
You can display the current Routing Tables, including any dynamically generated routes, unreachable routes, or wildcard routes. To view the Routing Tables, go to the Web Management Interface, click on Network Info, then click on Routing.
Displaying the Active IP Connections {Sockets}
You can display a table which provides a detailed listing of all currently active IP (Internet Protocol) connections. To view the Socket Table, go to the Web Management Interface, click on Network...
Displaying TCP Statistics {TCP}
You can display the TCP (Transmission Control Protocol) statistics which are presented as a detailed listing of all TCP elements and their current status. TCP is a standard protocol that manages data transmissions across networks.
Displaying UDP Statistics {UDP}
You can display the UDP (User Datagram Protocol) statistics which are presented as a detailed listing of all UDP elements and their current status. UDP is an Internet standard transport layer protocol. It is a connectionless protocol which adds a level of reliability and multiplexing to the Internet Protocol (IP).
There may even be multiple ports assigned to a single room or location. The AG 5000 uses a port-location authorization table to manage the assigned ports and ensure accurate billing for the services used by a particular port.
Enter a location identifier in the Location field. Locations can be assigned as an alpha, numeric, or alpha-numeric value unless a PMS interface is used (see notes). If you are using a PMS interface, ensure that the “Location” field consists only of numbers (no alpha characters or symbols).
Deleting All Port-Location Assignments {Delete All}
This procedure shows you how to delete all port-location assignments. The AG 5000 displays a warning and prompts you to confirm this action before deleting all the port-locations currently assigned in the system.
Deleting Port-Location Assignments by Port {Delete by Port}
This procedure shows you how to delete a port-location assignment, based on its port. The AG 5000 prompts you to confirm this action before deleting the requested port-location. If you are unsure which port-locations are currently mapped to the system, you can view a list at “Displaying the Port-Location Mappings...
“location.txt” file. The location.txt file is stored in: /flash/location.txt (resident in the AG 5000’s flash memory). Exporting your current port-location assignments to the AG 5000’s flash memory will overwrite the existing location.txt file. From the Web Management Interface, click on...
Finding Port-Location Assignments by Description {Find by Description}
This procedure shows you how to find a port-location assignment, based on its description. This procedure is useful if you want to review the details of a specific port-location. You can also find port-locations based on their location or port.
Finding Port-Location Assignments by Location {Find by Location}
This procedure shows you how to find a port-location assignment, based on its location. This procedure is useful if you want to review the details of a specific port-location. You can also find port-locations based on their description or port.
Finding Port-Location Assignments by Port {Find by Port}
This procedure shows you how to find a port-location assignment, based on its port. This procedure is useful if you want to review the details of a specific port-location. You can also find port-locations based on their description or location.
“location.txt” file. The location.txt file is stored in: /flash/location.txt (resident in the AG 5000’s flash memory). If you have never exported port-location assignments (since installing the AG 5000 at this site), the location.txt is empty. See also, “Exporting Port-Location Assignments {Export}” on page 133.
You can click on the “View location.txt” link if you want to view the current contents of the file.
Creating a “location.txt” File
You can create your own “location.txt” file and upload the file to the AG 5000’s flash memory at [IP address]/flash/location.txt. Use the following format when creating the file:
“1”,1,00:00:00:00:00:00,0.0.0.0,0, “Room 101”...
Displaying the Port-Location Mappings {List}
You can display a listing of all port-locations assigned to this system. To view the listing of port-location assignments, go to the Web Management Interface, click on Network Info, then click on List.
Subscriber Administration Menu
Adding Subscriber Profiles {Add}
AAA Services must be enabled before you can add a subscriber profile into the AG 5000’s internal authorization database. Refer to, “Defining the AAA Services {AAA}” on page
This procedure shows you how to add subscriber profiles into a table of authorized users.
Choose Subscriber or Device for this profile. Define the DHCP Address Type: Public or Private (only used when the IP Upsell feature is enabled, otherwise leave this set to “private”). If required, enable the Proxy Arp For Device feature (your license key must include Proxy ARP support).
Displaying Current Subscriber Connections {Current}
You can display a listing of all the subscribers currently connected to the system. The list includes the MAC addresses of the subscribers, their active state, the individual expiration times, port numbers (if assigned), and the number of bytes that have been passed from the subscriber to the Internet.
Deleting Subscriber Profiles by MAC Address {Delete by MAC}
This procedure shows you how to delete a subscriber profile from the AG 5000’s database of authorized subscribers, based on the profile’s MAC address. To see a current listing of the subscriber database, sorted by MAC addresses, go to “Listing Subscriber Profiles by MAC Address {List by...
Deleting Subscriber Profiles by User Name {Delete by User}
This procedure shows you how to delete a subscriber profile from the AG 5000’s database of authorized subscribers, based on the profile’s user name. To see a current listing of the subscriber database, sorted by user name, go to “Listing Subscriber Profiles by User Name {List by User}”...
Subscriber Administration DHCP Leases . To utilize this feature, your AG 5000 must be set to act as its own DHCP Server. The DHCP function cannot be set to DHCP Relay. Refer to “Managing the DHCP Service Options {DHCP}” on page...
Finding Subscriber Profiles by MAC Address {Find by MAC}
This procedure shows you how to find a subscriber profile from the AG 5000’s database of authorized subscribers, based on the profile’s MAC address. Use this procedure when you want to see the statistics corresponding to the MAC address.
Finding Subscriber Profiles by User Name {Find by User}
This procedure shows you how to find a subscriber profile from the AG 5000’s database of authorized subscribers, based on the profile’s user name. Use this procedure when you want to see the statistics corresponding to the user name.
Listing Subscriber Profiles by MAC Address {List by MAC}
You can display the currently active database of authorized subscribers, based on MAC addresses. To view the list of Authorized Subscriber Profiles, go to the Web Management Interface, click on...
Listing Subscriber Profiles by User Name {List by User}
You can display the currently active database of authorized subscribers, based on their user names.
(Current Table) and a numerical breakdown of how the subscribers can utilize the system (for example, free access, credit card, etc.). The total number of user profiles stored in the AG 5000’s internal database is also shown.
Plan C: 1 week, 1Mbit/s downstream, 1Mbit/s upstream, public IP address, $99 charge. In addition to credit card billing, Property Management Systems used by hotels are also supported along with the internal database of the AG 5000 and billing via Nomadix' secure XML API. See also, “Assigning a PMS Service {PMS}”...
From the Web Management Interface, click on Subscriber Interface, then Billing Options. The Internal Billing Options Setup screen appears:
Review the billing plans (normal plans and X over Y plans) that are currently active. To view or edit a billing plan, simply click on the View/Edit/Delete button opposite the corresponding plan. The Internal Billing Options Plan Setup or Internal Billing Options XoverY Plan Setup screen appears for the billing plan (and type) you selected (see next page for sample of X over Y plan setup screen).
Sample of Internal Billing Options XoverY Plan Setup Screen
Time Unit Month). One time unit is assigned to each billing plan. The AG 5000 allows you to define multiple billing plans with different time units at the same time. For example, you can define one billing plan that charges by the hour (e.g. $2.95 per hour) and a second plan that charges per day (e.g.
Repeat Steps 2 through 11 for each billing plan. You can enable (make active) any or all of the available billing plans. Define the messages you want to present to subscribers, including: Introduction Message, Offer Message, Policy Message...
Define the “time unit” for the plan validity value you entered in Step 7. The time unit can be defined as either , or Week Month Define the (to network) and Down (to subscribers) bandwidth range for this billing plan.
The AG 5000 also lets System Administrators define a simple HTML-based pop-up window for explicit Logout that can be used as an alternative to the more fully featured ICC (described above). The pop-up Logout Console offers the opportunity to display the elapsed/count-down time and one logo for intra-session service branding.
From the Web Management Interface, click on Subscriber Interface, then ICC Setup. The ICC Setup screen appears:
If you enabled either of the ICC pop-up options, you can choose a unique name for the console. Simply type a meaningful name in the Title field. Define the physical location where you want the Nomadix Logout Console to appear on the subscriber’s screen. Choose one of the following options: Upper Left Corner...
When assigning images for buttons, refer to: “Pixel Sizes” on page 164. If you assign (or change) button images or banner images, the AG 5000 must be rebooted for your changes to take effect. When you have completed assigning all your redirect buttons, click on the...
Assigning Banners
From the Subscriber Console (Information and Control Console - ICC) Setup screen, click on the Configure Banners link. The Subscriber Console (Information and Control Console - ICC) Banners Setup screen appears:
Click here to return to the previous screen
You can display up to 5 banners, but they must be defined here.
Start Time (Optional) Stop Time (Optional) If you assign (or change) button images or banner images, the AG 5000 must be rebooted for your changes to take effect. If you changed any of the Image Name definitions, click on the check box for (to reboot the AG 5000).
Pixel Sizes
Use the following parameters when defining images for buttons and banners:
Banners – 373 pixels (width) x 32 pixels (height)
ISP Button – 98 pixels (width) x 26 pixels (height)
Small buttons – 45 pixels (width) x 26 pixels (height)
Defining Languages {Language Support}
The AG 5000 allows you to define the text displayed to your users by the Internal Web Server (IWS) without any HTML or ASP knowledge. The language you select here will determine the language encoding that the AG 5000’s Internal Web Server instructs the browser to use.
Other option, then choose one of the available Japanese character sets from the drop-down menu. If sufficient space is available, the AG 5000’s Internal Web Server also supports multiple languages at the same time. The following sample image shows the Web Management Interface (WMI) displayed with Asian language characters.
Defining the Subscriber’s Login UI {Login UI}
This procedure allows you to set up the presentation and content of the subscriber’s login User Interface (UI). From the Web Management Interface, click on Subscriber Interface, then Login UI.
Click on the check box for Enable “Remember Me” option if you want to enable (or disable) this feature. This option enables the AG 5000 to “remember” logins for a predetermined duration (see next step). The “Remember Me” option requires JavaScript to be enabled.
Image File Name Partner Image File Name you must reboot the AG 5000 for your changes to take effect. In this case, click on the check box for Reboot after changes are saved? The partner image (splash screen) is not the same screen that is defined by the Image File Name (IWS screen) field.
Subscriber Login Screen (Sample)
The following sample shows a subscriber login screen:
The Post Session UI (Goodbye Page) can be defined either as a RADIUS VSA or be driven by the AG 5000’s Internal Web Server (IWS). Using the IWS option means that this functionality is available for other post-paid billing mechanisms (for example, post-paid PMS—if your product license supports PMS).
From the Web Management Interface, click on Subscriber Interface, then Post Session UI. The Subscriber Post Session User Interface Settings screen appears:
Click on the Enable IWS Goodbye Page check box to enable (or disable) the IWS Goodbye Page, as required. If you enabled the IWS Goodbye Page, select your preferred display options by checking the corresponding boxes: Display IP Address...
Defining Subscriber UI Buttons {Subscriber Buttons}
This procedure allows you to define how each of the control buttons is displayed to subscribers. From the Web Management Interface, click on Subscriber Interface, then Subscriber Buttons. The Subscriber Page -- Control Button Definitions screen appears:...
Defining Subscriber UI Labels {Subscriber Labels}
This procedure allows you to define how the user interface (UI) field labels are displayed to subscribers. From the Web Management Interface, click on Subscriber Interface, then Subscriber Labels. The Subscriber Page -- Field Label Definitions screen appears:...
Enter the definitions you want for each label in the corresponding fields. Click on the Submit button to save your changes, or click on the Reset button if you want to reset all the values to their previous state.
Defining Subscriber Error Messages {Subscriber Errors}
This procedure allows you to define how error messages are displayed to subscribers. There are 2 (two) pages of error messages available. From the Web Management Interface, click on Subscriber Interface, then Subscriber Errors, 1 of 2.
Enter the definitions you want for each error message in the corresponding fields. Click on the Submit button to save your changes, or click on the Reset button if you want to reset all the values to their previous state.
Defining Subscriber Messages {Subscriber Messages}
This procedure allows you to define how “other” subscriber messages are displayed. There are 3 (three) pages of subscriber messages available. From the Web Management Interface, click on Subscriber Interface, then Subscriber Messages, 1 of 3.
Enter the definitions you want for each subscriber message in the corresponding fields. Click on the Submit button to save your changes, or click on the Reset button if you want to reset all the values to their previous state.
Repeat Steps 1 – 3 for page 3 of 3 (see following screen):
System Menu
Adding an ARP Table Entry {ARP Add}
ARP (Address Resolution Protocol) is used to dynamically bind a high level IP address to a low level physical hardware (MAC) address. ARP is limited to a single physical network that supports hardware broadcasting. This procedure shows you how to add an ARP table entry.
Deleting an ARP Table Entry {ARP Delete}
ARP (Address Resolution Protocol) is used to dynamically bind a high level IP address to a low level physical hardware (MAC) address. ARP is limited to a single physical network that supports hardware broadcasting. This procedure shows you how to delete an ARP table entry.
Bridge Mode allows complete and unconditional access to devices on the subscriber side of the AG 5000. When the Bridge Mode option is enabled, the AG 5000 is effectively transparent to the network in which it is located, allowing clusters of switches (especially Cisco Systems switch clusters) to be managed using the STP (Spanning Tree Protocol), or any other algorithm/protocol.
Exporting Configuration Settings to the Archive File {Export}
This procedure shows you how to export the current system configuration settings to an archive file for future retrieval. This function is useful if you want to change the configuration settings and you are unsure of the effect that the changes will have. You can restore the archived system configuration settings at any time with the import function.
If you restore the factory default configuration settings, you will no longer be able to access the AG 5000 remotely. However, you always have the option of using the “import” function to restore system configuration settings from the archive file.
Many large scale networks require fail-over support for all devices in the Public access network. The AG 5000 allows two Nomadix Gateways to act as siblings, where one device will take up the users should the other device become disconnected from the network.
Login – User name of the Administrator / Operator.
IP – Source IP address (see note).
The source IP displayed may be the source IP of a NAT router instead of the client of the person accessing the AG 5000.
Establishing ICMP Blocking Parameters {ICMP}
The AG 5000 includes the option to block all ICMP traffic from “pending” or “non authenticated” users that are destined to addresses other than those defined in the pass-through (walled garden) list. The default setting for this option is “disabled”...
The archived configuration settings you want to restore may not contain valid IP addresses. It is recommended that you use a serial connection to the AG 5000 when performing this procedure, otherwise you risk losing a remote connection (if the restored IP addresses are not valid).
(Submit, Reset, Reboot, Add, Delete, etc.), but operators cannot change any system settings. When this feature is enabled, one manager and three operators can access the AG 5000 at any one time (the default is “disabled”). This feature supports the following interfaces: Telnet Command Line Interface (CLI) –...
The URL for the test page is http://AG 5000_IP/radtest/testradius.htm, which can be accessed from the network side of the AG 5000. You must open a separate browser to utilize this feature. The “Framed IP” field is configurable by the user and can be set to any IP address.
Defining the MAC Filtering Options {Mac Filtering}
MAC Address filtering enhances Nomadix' access control technology by allowing System Administrators to block malicious users based on their MAC address. Up to 50 MAC addresses can be blocked at any one time (see caution).
Rebooting the System {Reboot}
This procedure shows you how to reboot the AG 5000. The “reboot” procedure outlined on this page allows you to decide when to reboot (if you are making multiple changes to different menu functions and you want to reboot just one time after completing all your changes).
Adding a Route {Route Add}
This procedure shows you how to add a route into the AG 5000’s routing table. This is accomplished by establishing the route’s destination IP address, and by setting the gateway or router IP address by which the route’s destination can be reached.
Deleting a Route {Route Delete}
This procedure shows you how to delete a route to a specific IP destination. From the Web Management Interface, click on System, then Route Delete. The Delete Static Routes screen appears:...
Establishing Session Rate Limiting {Session Limit}
Session Rate Limiting (SRL) significantly reduces the risk of “Denial of Service” attacks by allowing administrators to limit the number of DAT sessions any one user can take over a given time period and, if necessary, then block malicious users.
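The limit-then-block behaviour described above, sketched as a per-subscriber sliding window. This is an added example, not the AG 5000's implementation; keying on the subscriber MAC address, the three parameters and the event list are assumptions and constructed values.

```python
from collections import defaultdict, deque


class SessionRateLimiter:
    """Allow at most max_sessions new sessions per subscriber in any
    window_seconds interval; on violation, block for block_seconds."""

    def __init__(self, max_sessions: int, window_seconds: int, block_seconds: int):
        self.max_sessions = max_sessions
        self.window = window_seconds
        self.block = block_seconds
        self._recent = defaultdict(deque)   # mac -> start times of recent sessions
        self._blocked_until = {}            # mac -> time the block expires

    def allow(self, mac: str, now: float) -> bool:
        mac = mac.lower()
        until = self._blocked_until.get(mac)
        if until is not None:
            if now < until:
                return False                # still blocked
            del self._blocked_until[mac]    # block expired
        recent = self._recent[mac]
        while recent and now - recent[0] >= self.window:
            recent.popleft()                # forget sessions outside the window
        if len(recent) >= self.max_sessions:
            self._blocked_until[mac] = now + self.block
            recent.clear()
            return False                    # limit exceeded: start blocking
        recent.append(now)
        return True


# Constructed session requests as (seconds, subscriber MAC).
# ...:aa opens a burst of sessions; ...:bb opens one every five seconds.
CONSTRUCTED_EVENTS = (
    [(t, "02:00:00:00:00:aa") for t in (0, 1, 2, 3, 4, 5, 20, 40)]
    + [(t, "02:00:00:00:00:bb") for t in (0, 5, 10, 15, 20)]
)


def replay(events, limiter):
    """Feed events in time order and return (time, mac, allowed) decisions."""
    return [(t, mac, limiter.allow(mac, t)) for t, mac in sorted(events)]


if __name__ == "__main__":
    limiter = SessionRateLimiter(max_sessions=4, window_seconds=10, block_seconds=30)
    for t, mac, ok in replay(CONSTRUCTED_EVENTS, limiter):
        print(f"t={t:>2}s {mac} {'allowed' if ok else 'DENIED'}")
```

The burst from the first subscriber is cut off at the fifth session and stays denied until the block expires, while the steady subscriber is never affected.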
(typically private and mis-configured) and port number on the subscriber side of the AG 5000. The advantage for the network administrator is that free private IP addresses can be used to manage devices (such as Access Points) on the subscriber side of the AG 5000 without setting them up with public IP addresses.
Enter the Internal Port reference. Enter a valid MAC Address. Enter the External IP Address. The External IP address field will default to the IP address of the AG 5000. Enter the External Port reference. Optional: Enter the .
(typically private and mis-configured) and port number on the subscriber side of the AG 5000. The advantage for the network administrator is that free private IP addresses can be used to manage devices (such as Access Points) on the subscriber side of the AG 5000 without setting them up with public IP addresses.
Updating the AG 5000 Firmware {Upgrade}
Upgrading the AG 5000 firmware is performed from the AG 5000’s Command Line Interface (CLI) only. Refer to the Firmware Upgrade Procedure (separate document available from Nomadix Technical Support).
The Subscriber Interface is the window to the solution provider’s Web site, and much more than that. When a subscriber accesses the solution provider’s high speed network, the AG 5000 points their browser to a sign-in page. The AG 5000 then creates a database entry that automatically records the subscriber’s Media Access Control (MAC) address and integrates this address with a PMS interface for secure billing.
Authorization and Billing
As a gateway device, the AG 5000 enables plug-and-play access to broadband networks. Broadband network solution providers can now offer their subscribers a wide range of high speed services, including access to the Internet. Of course, a high speed Internet connection is not free –...
(in the hotel scenario), via a mailed invoice, or directly to the subscriber’s credit card account. The following illustration shows the functional relationship between the AG 5000’s internal modules and the external support systems.
The Authentication module can support user name and MAC address authentication simultaneously. The initial login page can be presented in various ways, depending on the system’s configuration. The AG 5000 supports any of the following methods and tools: Internal and external Web pages. External “portal” page for redirection.
Process Flow (AAA)
The following flowchart outlines the AAA and billing process. All actions depicted in the chart are administered and tracked by the AG 5000.
AG 5000 detects connection and verifies user against authorization table New User...
Internet. The internal Web server is “flashed” into the system’s memory and the login page is served directly from the AG 5000. In the external Web server model, the AG 5000 redirects the subscriber’s login request to an external server. Either method is transparent to the subscriber;...
Subscriber Management Models
The system administrator establishes the subscriber management model via the Command Line Interface (CLI) or the Web Management Interface. These models can be changed while the AG 5000 is running (without rebooting or interrupting the service). Free Access –...
Credit card Enable the AAA services. You have the choice of enabling the AG 5000’s internal authorization module or using an external credit card authorization server. Internal Authorization Enabled Enter the credit card server’s URL and IP address, then enter the merchant ID you obtain from Authorize.Net.
Information and Control Console (ICC)
The Information and Control Console (ICC) is an HTML pop-up window that is presented to subscribers, allowing them to select their bandwidth and billing options quickly and efficiently, and displays a dynamic “time” field to inform them of the time remaining on their account.
Logout Console
The AG 5000 allows System Administrators to define a simple HTML-based pop-up window for explicit logout that can be used as an alternative to the more fully featured ICC. The pop-up Logout Console can display the elapsed/count-down time and one logo for intra-session service branding.
Web Management Interface (WMI) Menus
The following tables contain a listing and brief explanation of all menus and menu items contained in the AG 5000’s Web Management Interface (WMI), listed as they appear on screen. Main Page...
(IP address) of administrator logins. A login is permitted only if a match is made with the master list contained on the AG 5000. If a match is not made, the login is denied, even if a correct login name and password are supplied.
PMS feature.
Port-Location – Establishes the Access Concentrator settings.
RADIUS Client – With the appropriate product license, the AG 5000 supports Remote Authentication Dial-In User Service (RADIUS). This procedure sets up the RADIUS client.
RADIUS Proxy – Establishes RADIUS proxies, where different realms can be set up to directly channel RADIUS messages to the various RADIUS servers.
Network Info Menu Items Item Description Displays the ARP table, including the destination IP address and the gateway MAC address. Displays the DAT session table. Hosts Displays the host table, including host names, associated IP addresses and any assigned aliases.
Port-Location Menu Items Items Description Adds or updates port-location assignments. Delete All Deletes all port-location assignments. Use this command with caution. Delete by Location Deletes port-location assignments, based on a specified location. Delete by Port Deletes port-location assignments, based on a specified port (VLAN tag).
Subscriber Administration Menu Items Items Description Adds subscriber profiles to the database. Current Displays a list of all currently connected subscribers. Delete by MAC Deletes a subscriber, based on a specific MAC address. Delete by User Deletes a subscriber, based on a specific user name.
Subscriber Interface Menu Items Items Description Billing Options Establishes the various billing plans and rates (schemes), including messages and appearance. ICC Setup Sets up the Information and Control Console (ICC) for subscribers. Language Support Defines the language to be displayed on the Web Management Interface and the subscriber’s portal page.
Reboot Reboots the AG 5000. Route Add Adds a route into the AG 5000’s routing table. Route Delete Deletes a route to a specific IP destination. Session Limit Limits the number of sessions any one user can take over a given time period and, if necessary, then blocks malicious users.
Alphabetical Listing of Menu Items (WMI) The menu items listed here are for a fully featured AG 5000 (with all optional modules included). Refer to, “About Your Product License” on page
Item | Description | Menu
AAA | Set AAA options | Configuration
Access Control .....
TCP | Display the TCP performance statistics | Network Info
Time | Set the system date and time | Configuration
UDP | Display the UDP performance statistics | Network Info
Upgrade | Upgrade the AG 5000 system firmware | System
URL Filtering | Define URLs for filtering | Configuration
Default (Factory) Configuration Settings The following table shows a partial listing of the AG 5000’s primary default configuration settings (the settings established at manufacturing). For a complete listing of the factory default settings, refer to the factory.txt file. For more information,...
Function Default Setting AAA Services Disabled Internal Authorization Enabled New Subscribers Enabled Credit Card Service Enabled Parameter Passing Disabled Usernames Enabled Disabled DNS Redirection Enabled SMTP Redirection Disabled SMTP Server IP 0.0.0.0 SNMP Disabled SNMP Get Community public...
Product Specifications
PERFORMANCE
User Support: Up to 2,000 users concurrently
Throughput: 97Mbits/s* (*As defined by RFC1242, Section 3.17)
MOUNTING
1U rack space in a 19” rack
OPERATING VOLTAGE
100 – 250 VAC, 47/63Hz, Auto Sensing
POWER CONSUMPTION...
LED INDICATORS
ACT/LINK and 10/100 for each Ethernet port
Power
NETWORK MANAGEMENT
Multi-Level Administration Controls
Integrated VPN Client (IPSec) for secure connection to an NOC
Access Control Lists
Web Administration UI
CLI via Telnet and Serial Port...
Sample AAA Log The following table shows a sample AAA log. This log is generated by the AG 5000 and sent to the SYSLOG server that is assigned to AAA logging. Expira AG 5000 Type Subscriber MAC Date...
Sample SYSLOG Report Syslog reports are generated by the AG 5000 and sent to the syslog server that is assigned to general error detection and reporting.
2003-02-10 11:25:53 Local2.Info 1.2.3.4 INFO [AG 5000 v5.4.03] DHCP: ndxDHCPInit: 0021 DHCP initialized
2003-02-10 11:25:53 Local2.Info 1.2.3.4 INFO [AG 5000 v5.4.03]...
Keyboard Shortcuts The following table shows the most common keyboard shortcuts.
Action | Keyboard Shortcut
Cut selected data and place it on the clipboard. | Ctrl + X
Copy selected data to the clipboard. | Ctrl + C
Paste data from the clipboard into a document (at the insertion point). | Ctrl + V
If the subscriber can be authenticated, the RADIUS server replies to the AG 5000 with a message instructing it to grant access to the subscriber. Optionally, the RADIUS server can instruct the NAS to perform other functions;...
Access-Request and the Accounting-Request. Session Timeout There is currently no default session timeout that you can set in the AG 5000 Web Management Interface (WMI). If the RADIUS server does not send a Session-Timeout, the AG 5000 will set the subscriber expiration time to 0, which means access forever.
This is the Media Access Control (MAC) address of the client's computer. New Attributes in Acct-Request The AG 5000 has to send the following attributes in an Accounting-Stop: Acct-Output-Packets: number of packets sent by subscriber. Acct-Input-Packets: number of packets received by subscriber.
You must purchase the SSL feature, which is enabled through a license key from Nomadix. If you did not purchase the SSL feature, the SSL option in the AG 5000 platform's Web Management Interface (WMI) will still be present, but you will not be able to enable the feature.
Downloading Cygwin There are several sources for obtaining “Cygwin” to install OpenSSL. One popular source is: http://sources.redhat.com/cygwin/. Nomadix used Cygwin version 1.3.2 for generating this section of the User’s Guide. Installing Cygwin and OpenSSL on a PC The example in this document is based on downloading the software with Netscape 4.75.
The following screen appears: Click on the Next button to display the next setup screen. Click on the Next button to display the next setup screen.
Click on the Next button to display the next setup screen. Select a location and click on the Next button. For the purposes of this document, Nomadix used: ftp://planetmirror.com.
In the following screens, please skip all packages except “cygwin” and “openssl,” then click on the Next button when you are done. At the time of this writing, there are more than 70 packages to install. Please ensure that you “skip” all of them except the two packages mentioned above.
Click on the Next button to start the “download” process. Wait for the download process to complete. Click on the Next button to start the “install” process. Wait for the install process to complete. There will be a pop-up dialog to inform you that the installation process is completed.
(large compressed log files recommended by VeriSign). These files are entered in the key generation command as file1:file2:file3:file4:file5 > Output to. cakey.pem The file that contains the private key. The file must be named “cakey.pem” to be used in the AG 5000.
However, if you save them under different names, you must change the names back to “cakey.pem” when you FTP them to the AG 5000. Do not include the “-des3” option; omitting it keeps the private key in unencrypted form.
The “Common Name” is the name used in the AG 5000->AAA->SSL Certificate Domain Name. The Common Name in the Public Key must match the SSL Certificate Domain Name in the Web Management Interface of the AG 5000 (refer to the AG 5000 setup information later in this document).
Here is the output of server.csr: Create a Public Key File (server.pem) VeriSign Purchasing Process The signing process varies by Certificate Authority. Generally, you will need to send a Certificate Signing Request to the Certificate Authority (CA) and the CA will create a public key based on the certificate request.
Some older versions of popular browsers only support 40-bit or 56-bit encryption. Since it is impossible to forecast the browsers that may be used in a visitor-based network, Nomadix recommends implementing a 40-bit Public Key. During the process, VeriSign will ask for your business information and verification.
CSR Submission to VeriSign Please select “Apache Freeware” to submit the CSR to VeriSign. The Certificate Signing Request is in the server.csr (created in the previous step). Open server.csr and copy and paste all data into the edit box.
You have now finished the process of obtaining a public key. Setting Up AG 5000 for SSL Secure Login FTP the “cakey.pem” and “server.pem” files into the AG 5000 platform's flash directory. FTP to the AG 5000 by Netscape: ftp://username:password@[AG 5000 Network IP]/flash Drag and drop the “cakey.pem”...
The AG 5000 assumes control of billing transmissions and saving billing records. By effectively “mirroring” the billing data, the AG 5000 can send copies of billing records to predefined “carbon copy” servers. Additionally, if the primary and secondary servers are down, the AG 5000 can store up to 2,000 PMS or credit card transaction records.
XML Interface XML for the External Server The AG 5000 sends a string of XML commands according to specifications. HTTP headers are added to the XML packets that are built, as the billing “mirroring” information is sent to the external server in HTTP compliant XML format.
The AG 5000 accepts a single line of XML text in the specified format. The XML string is a command sent by the External Server to the AG 5000 product. In this case, the acknowledgement received from the External Server forms the command. The...
OK or ERROR Standard IP format (123.123.123.123) ERROR_CODE 1 for OK, or any other number Please contact Nomadix Technical Support for the complete XML DTD. Refer to “Contact Information” on page 259. For more information about Billing Records Mirroring, see also: “Billing Records Mirroring”...
Management Interface. General Hints and Tips The AG 5000 is both a hardware device and a powerful software utility. As a hardware computing device, the AG 5000 requires careful handling. It should be positioned in a dust-free and temperature-controlled environment. Never block the unit’s ventilation holes, and do not stack with other equipment (unless correctly...
Management Interface Error Messages The following table contains the error messages associated with the Management Interface (CLI and Web). All messages are listed alphabetically. Error Message Cause AAA must be enabled before adding a You are attempting to add a subscriber subscriber to the profile database.
must FTP a valid boot image to the flash. | When upgrading the software, the system needs the new boot image file. You must FTP the file from NOMADIX™ to your local hard drive.
Warning: no DHCP services are available to subscribers. | This message is displayed because you...
255.255.255.0 | The DHCP relay is disabled and the DHCP service settings in the AG 5000 are misconfigured. | Check the internal DHCP service settings.
Subscribers are unable to route to a domain name, but... | The DNS server settings are misconfigured. | Check the DNS settings...
Solution
When a subscriber logs in for the first time, their browser is not redirected to the specified home page... | Home page redirection is not enabled in the AG 5000. | Enable home page redirection.
| The home page URL was... | Re-enter the correct URL.
We have tried to ensure that you get the most up-to-date information available about the AG 5000, and we hope this User’s Guide has met all your operational and performance needs. However, we understand that occasionally you may run into problems that require additional technical support.
10/100 Ethernet See Ethernet. (Authentication, Authorization, and Accounting) A combination of commands used by Nomadix Gateways to authenticate, authorize, and subsequently bill subscribers for their use of the customer’s network. When a subscriber logs into the system, their unique MAC address is placed into an authorization table. The system then authenticates the subscriber’s MAC address and billing information before allowing them to...
(ACKnowledgment) If all the transmitted data is present and correct, the receiving device sends an ACK signal, which acts as a request for the next data packet. Adaptive Configuration Technology A Nomadix, Inc. patented technology that enables Dynamic Address Translation. See also, DAT. ad-hoc mode 802.11x networking framework in which devices or stations communicate directly with each other, without the use of an Access Point (AP).
(permanent) IP addresses, or subscribers that do not have DHCP functionality on their computers. DAT is a Nomadix, Inc. patented technology that allows all users to obtain network access, regardless of their computer’s network settings. See also, DHCP.
DTIM (Delivery Traffic Indication Message) A message included in data packets that can increase wireless efficiency. Dynamic IP Address A temporary IP address that is assigned by the DHCP server to a device. Devices retain dynamic IP addresses only for the duration of their networking session. When a device disconnects from the network, the IP address is recaptured by the DHCP server and becomes available for reassignment to another device.
FHSS (Frequency Hopping Spread Spectrum) One of two types of spread spectrum radio—the other being Direct-Sequence Spread Spectrum (DSSS). FHSS is a transmission technology used in WLAN transmissions where the data signal is modulated with a narrowband carrier signal that "hops" in a random but predictable sequence from frequency to frequency as a function of time over a wide band of frequencies.
(Home Page Redirection) Nomadix Gateways enable solution providers to redirect subscribers to a “portal” home page of their choice. This allows the solution provider to generate online advertising revenues and increase business exposure. See also, Home Page. HTML (HyperText Markup Language) The programming language used to create hypertext documents for use on the Internet.
Whenever a subscriber logs on, your Nomadix Gateway automatically translates their computer’s network settings to provide them with seamless access to the broadband network. Subscribers no longer need to alter their computer’s settings.
SNMP agent with a properly defined MIB. See also, SNMP. Misconfigured User A Nomadix, Inc. term used to describe users who have IP address configurations that are different from the current network. For example, if the current network is 123.45.67.89 but the user’s IP address is 10.10.10.15, then this user is considered to be “misconfigured.”...
OSPF (Open Shortest Path First) This routing protocol was developed for IP networks based on the shortest path first or link-state algorithm. Routers use link-state algorithms to send routing information to all nodes on a network by calculating the shortest path to each node based on a topography of the Internet constructed by each node.
PPTP (Point-to-Point Tunneling Protocol) Developed jointly by Microsoft Corporation, U.S. Robotics, and several remote access vendor companies, known collectively as the PPTP Forum, PPTP is a new technology used for creating Virtual Private Networks (VPNs). Because the Internet is essentially an open network, PPTP is used to ensure that messages transmitted from one VPN node to another are secure.
Normally, a solution provider is offering a solution that isn’t readily available on the open market. For example, NOMADIX™ is a solution provider to its customers (broadband network service providers), and those customers are solution providers to their end users (network subscribers).
(Spanning Tree Protocol) A link management protocol that is part of the IEEE 802.1 standard for media access control bridges. Using the spanning tree algorithm, STP provides path redundancy while preventing undesirable loops in a network that are created by multiple active paths between stations. Loops occur when there are alternate routes between hosts.
(Transport Layer Security) A protocol that guarantees privacy and data integrity between client/server applications communicating over the Internet. The TLS protocol is made up of two layers: TLS Record Protocol Layered on top of a reliable transport protocol, such as TCP, it ensures that the connection is private by using symmetric data encryption and ensures that the connection is reliable.
(Wireless Local Area Network) Also referred to as LAWN. A type of local-area network that uses high-frequency radio waves rather than wires to communicate between nodes. See also, Node. (Web Management Interface) The browser-based system administrator’s interface for all Nomadix Gateways.
HTML. For example, XML supports links that point to multiple documents, as opposed to HTML links, which can reference just one destination each. For all Nomadix Gateways, XML is used by the subscriber management module for port location and user administration.