Allied Telesis AT-WR4500 manual HotSpot How-tos, Then we can use that certificate for hotspot

RADIUS client non-fatal errors:

•invalid username or password - RADIUS server has rejected the username and password sent to it without specifying a reason. Cause: either wrong username and/or password, or other error. Solution: should be clarified in RADIUS server's log files

•<error_message_sent_by_radius_server> - this may be any message (any text string) sent back by RADIUS server. Consult with your RADIUS server's documentation for further information

RADIUS client fatal errors:

•RADIUS server is not responding - user is being authenticated by RADIUS server, but no response is received from it. Solution: check whether the RADIUS server is running and is reachable from the HotSpot router

10.3.12 HotSpot How-to's

Description

This section will focus on some simple examples of how to use your HotSpot system, as well as give some useful ideas.

Setting up https authorization

At first certificate must be present with decrypted private key:

[admin@AT-WR4562] > /certificate print

Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa 0 KR name="hotspot.example.net"

subject=C=LV,L=Riga,O=MT,OU=dev,CN=hotspot.example.net,

emailAddress=admin@hotsot.example.net

issuer=C=LV,L=Riga,O=MT,OU=dev,CN=hotsot.example.net,

emailAddress=admin@hotsot.example.net serial-number="0" email=admin@hotsot.example.net

invalid-before=oct/27/2004 11:43:22 invalid-after=oct/27/2005 11:43:22 ca=yes

Then we can use that certificate for hotspot:

ip hotspot profile set default login-by=cookie,http-chap,https \ ssl-certificate=hotsot.example.net

After that we can see, that HTTPS is running on hotspot interface:

Bypass hotspot for some devices in hotspot network

All IP binding entries with type property set to bypassed, will not be asked to authorize - it means that they will have login-free access: