Tut Systems SMS2000 manual Introduction, Subscriber Management Features

Page 11

Introduction

Chapter1 - Introduction

Tut Systems’ Expresso Subscriber Management System (SMS2000)and Operation Center Software (OCS) offer a complete solution for delivering and controlling Internet Protocol (IP) based services to subscribers. The SMS2000 delivers powerful subscriber management features to service providers.

The SMS2000 allows almost any type of in-building network infrastructure to be transformed into a robust public network, dramatically reducing configuration headaches, minimizing undesirable interactions between subscribers, and allowing the service provider to deliver a flexible suite of IP services over a common infrastructure.

Authentication, authorization, accounting, provisioning, and a wide range of billing options complete the package, which allows service providers to get subscribers up and running quickly.

Subscriber Management Features

The features supported by Tut Systems’ Expresso Subscriber Management System are briefly described below:

Plug-and-playnetworking—Clients that are misconfigured or have configurations from other networks can connect to the SMS2000 without any reconfiguration of IP address, netmask, or gateway address required. That means, for example, laptops hooked up in hotel rooms by guests need not be reconfigured prior to use.

Firewall protection—Clients attached to the SMS2000 can be protected from many types of Internet hacking by making them invisible from the outside using Network Address Translation (NAT).

Authentication, authorization, accounting—Using the SMS2000 with traditional RADIUS servers or Tut Systems’ included OCS server software, service providers are able to authenticate individual users, authorize particular services, and track usage.

Provisioning and billing—OCS adds a number of functions that allow simple provisioning by the service provider or the subscriber. Billing can be applied to credit cards or to hospitality PMS interfaces for direct room billing on a guest’s folio.

Bandwidth management—Each individual client can have a separate maximum bandwidth allowance as part of the “user policies.”

IP address management—Individual clients can use one of the following:

A fixed (static) IP address suitable for operating servers visible to the Internet.

DHCP to retrieve an IP address suitable for using protocols unfriendly to NAT.

An invisible shared address through the use of NAT.

IP type 1 to 1 for subscriber accountability with plug and play networking.

IP type 1 to 1 unique for maximum subscriber accountability with plug and play networking.

TUT Systems, Inc

Page 11 of 104

P/N 220-06288-20

Image 11
Contents TUT Systems SMS2000 User Guide SMS2000 User’s Guide SMSUser’s Guide Contents Connectivity and Testing Configuring SmtpConfiguring NTP Configuring Snmp PollingAuthorization Authentication Configuring the Command ServerAuthentication Authentication with RadiusSMS2000 Rules Using Rule PrioritiesConfiguring Radius GroupsSMS2000 Status Attributes and Statistics Using Both Radius and OCS AuthenticationWeb Proxy Settings SMS2000 Troubleshooting ProceduresList of Figures Radius Attributes in Access-Accept PacketsList of Tables Related Documentation PrefaceAudience Documentation available for this ReleaseIntroduction Subscriber Management FeaturesIntroduction Subscriber Management Components Subscriber Management ComponentsOCS SMS2000Introduction User Interface Getting StartedStyle Conventions Accessing Help for CommandsFor example restore config web original-confi g Ifconfig portnumber ipaddress /masklenCursor Motion Keystrokes Cursor MovementEstablishing a Connection Via a Serial Interface Initial ConfigurationClick Configure Establishing a Connection with the SMS2000Establishing a Connection Via Telnet Initial Configuration Setting the Quick Configuration Initial ConfigurationChanging Your Password Saving the Configuration Setting the HostnameDisabling Authentication Reboot Rebooting the SystemVerifying the Configuration Set config-mailrecipient@SMTPserver SMTPserver System AdministrationConfiguration E-Mail Settings Setting the Default Configuration E-mailCommitting Configuration Changes Configuration and System File ToolsMailing the Current Configuration Deleting the Configuration E-mailCommit noauto Automatically Committing Configuration ChangesDisabling Automatic Configuration Changes Commit autoRestoring a Previous Configuration Saving a ConfigurationLoading a Configuration File Deleting the Smtp Server Configuring SmtpRestoring the Default Configuration Setting the Smtp ServerSet smtpid on off Configuring NTPSetting the Smtp ID Setting the TimezoneEnabling Snmp Polling Configuring Snmp PollingConfiguring the NTP server Setting the TimeSnmp-pollmacaddress Testing to See if Snmp Polling will WorkDisabling Snmp Polling System Tools Connectivity and TestingTesting Connectivity Setting Specialized System OptionsPort-definition mixed tut vlan Setting and Deleting Static PortsDefining Ports Leftrighthelp ?Displaying Log Messages Disconnecting a Session on a PortSetting the Syslog Server Event TrackingExiting the Management Session System Administration ToolsDisplaying Version Information Keys Changing a PasswordDisplaying Control Keys PasswdSnmp System Location Snmp ManagementSnmp Agent Snmp System ContactSnmp Trap Recipient Snmp CommunityShow snmp trap-recipient Troubleshooting ToolsSystem Information Tools SMS2000% snmp delete trap-recipientSetting the ARP Polling Period Subscriber Connectivity CommandsUpgrades Setting the ARP Failure LimitArchiving SMS2000 Firmware and distributing it from a Server Upgrading from Tut Systems’ WebsiteLoading Another Image Verifying a Successful UpgradeReturning to an Older Firmware Version System Administration Authentication AuthenticationAdding the OCS as the Authentication Server Configuring the Command ServerSetting the Command Server for OCS Interaction Deleting the Command ServerAuth on Deleting an Authentication ServerTesting Authentication Auth add web url secret secret cmd-servAuth interval minutes off Setting the Authentication IntervalBypassing Authentication Auth off forcedweb authokurl blockallDeleting the Http Request Throttle Setting the Http Request ThrottleHttp Request Throttle Allow-NetsSet allow-netipaddress netmask dns-name Setting an Allow-NetSet authok url Setting the Automatic Redirection URLAutomatic Redirection URLs Deleting an Allow-NetDelete authok Authentication with RadiusDeleting the authok Adding a Radius ServerSyntax Description CommandUsage Guidelines Example DefaultDefault retrans-primary-only is Set nas-port-type Set NAS port type parameterSet nas-port-type integer Show status radius Example Testing Authentication on the Radius ServerConfiguring a Radius SSL Back Channel Show status radiusServer Functionality AuthorizationAuthorization AuthorizationSending Accounting Messages to a Syslog Server AccountingAccounting Deleting a Radius Accounting Server Radius Accounting ConfigurationConfiguring Accounting Parameters Sending Accounting Messages to a Radius ServerProvisioning ProvisioningBilling BillingGroup add groupname noinherit inherit groupname Service Creation Using Groups and RulesGroups Adding a GroupDeleting a Group Setting the Active Group ContextSubscribers that Cannot Support Authentication Setting Maximum Users Per PortSet rule rulename groupname priority rulestring SMS2000 RulesAdding a Rule Deleting a RuleIp=ipaddress ,netmask Rule Expression ComponentsIP Address MAC AddressTut=ipaddress-linenum*-portnum Not OperatorVlan=vlanida-vlanidb Expression and expression OperatorOr Operator ParenthesisUsing Rule Priorities Plug and Play With NAT IP AddressingIP Addressing Dhcp Pools Static Routable AddressesIP Multicasting Static Non-Routable AddressesUnderstanding 1to1 and 1to1 Unique IP Types Configuring IP TypesIptype default NAT static Dhcp 1to1 1to1Unique Set source-netstartaddress endaddress subnet-mask Setting a Source-NetDeleting a Configured Source-Net Source-NetsDhcp-server release macaddress Setting the DNS Server AddressCreating Dhcp Pools Removing a Dhcp AssignmentSet dns add ipaddress Static RoutesDeleting the DNS Server Address Adding RoutesSet lpr hostname off queuename maxpages maxbytes Setting up the LPR HostPrinting Obtaining the Radius Server Software Using SMS2000 with a Radius ServerConfiguring Radius Adding Users to the Radius Server Configuring Service ParametersAdding the SMS2000 as a Client on the Radius Server Radius Ports Using Real IP AddressesRadius Attributes Sent in Accounting Messages SMS2000 Status Attributes and StatisticsSMS2000 NAS File Radius Attributes Received in Access- Accept Packets Using Both Radius and OCS AuthenticationRadius Attributes Sent In Access Request Packets Shape xbps/rbps delete Setting Traffic ShapingDeleting Traffic Shaping Shape xbps/rbpsSMS2000 and Property Management Systems PMS Setting the PMS ServerTTY ACK-NAK ENQ-ACK-NAK Protocol ModesENQ-ACK-NAK Mode Loading Web Pages or Files Customizing SMS2000 Web Authentication with RadiusLoading and Deleting Customized Web Pages Files For GroupsImage Links Load web url defaultsPath Components Preserving the Web Form Customizing Web PagesUpgrading Deleting Web Pages or FilesWeb Page Redirection Size For Web Pages and External LinksReference Active Page ComponentsViewing Customizations Setting the Wpad Timeout Configuring Web Proxy SettingsWeb Proxy Settings Setting the Wpad CurlWeb Proxy Server Show proxy-ports Set proxy-ports portDelete proxy-ports port SMS2000 Troubleshooting Procedures SMS2000 TroubleshootingUnable to do credit card Snmp PollingMultiple frames opened BrowserLine Verify OCS screens offRadius Attributes in Access-Accept Packets Appendix a Radius Access-Accept Dictionary FileAppendix Appendix TUT Systems, Inc 100 Equipment Return and Repair Appendix B Technical Assistance and Customer SupportTechnical Support Internet TelephoneExclusive Remedies Appendix C SMS2000 Limited WarrantyHardware Limited Warranty Limitations of WarrantyFCC Radio Frequency Interference Statement Electrical Safety AdvisoryTut Systems, Inc., Customer Service Department AssistanceTUT Systems, Inc 104