47
AP-2500 Authentication Methods
NOTE
Advanced users can also manage the AP from a network computer using XML commands (tasks such as
adding and deleting users). See AAA Basic for configuration information and XML Interface Specification for
information on XML commands.
12. Click OK to save your changes to the AAA settings.
13. Click the Internal tab.
14. Configure the SSL parameters (Enable SSL and Certificate DNS Name), if desired.
• This provides secure communication between subscribers and the AP. If you enable this feature, you will also
need to upload your certificate keys to the AP. See Secure Socket Layer (SSL) for more information on this
feature.
15. Configure the Portal Page parameters if you want to provide a custom “Welcome” screen for your subscribers.
See Portal Page for detailed instructions and examples.
• Place a check mark in the Enable Portal Page box.
• Enter the URL for your Portal Page in the field provided.
• The Portal Page resides on an external Web server (such as a Windows 2000 Server running Internet
Information Services (IIS)) on your network.
NOTE
The Smart Client option is only applicable if you have enabled RADIUS. See Smart Client and Internal
Authentication with RADIUS for details.
16. Configure the Enable User Name and Enable New Subscribers settings.
• The table below describes the system response to the available User Name and New Subscribers
combinations:
Table 3-1 User Name and New Subscriber
• If you are renting cards to customers, disable User Name and New Subscribers. Only cards whose MAC
addresses are entered in the Authorized Subscribers Table will have access to the Internet.
• If you are using credit card services, enable User Name and New Subscribers (if you want subscribers to
create a username and password) or only enable New Subscribers (if you want subscribers to access the
network based on their Wi-Fi card’s MAC address).
— The only difference between these two scenarios is that with username/password, subscribers can
access the Internet from a different Wi-Fi device at a later date. For example: a subscriber purchases two
days of Internet access. On the second day, the subscriber returns to the hotspot with a different Wi-Fi
card. If using username/password authentication, the subscriber will be able to access the Internet using
the different card with no intervention from the hotspot operator. Note that the subscriber will only be able
to log in using a different Wi-Fi card if the account is not already in use (as displayed in the Current
Subscribers Table). Note that a subscriber that has turned off his computer or has left the hotspot is
removed from the Current Subscriber Table after 10 minutes.
• If you are manually entering user names and passwords into the Authorized Subscribers Table, enable User
Name but disable New Subscribers.
User Name New Subscribers System Response
Disabled (default) Enabled (default) Allows new and existing subscribers access to the network without supplying a User name
and password. Authentication is based on the MAC address of the subscriber’s Wi-Fi card.
This setting works in conjunction with credit card services.
Enabled Enabled Allows new and existing subscribers access to the network after supplying a user name
and password. This setting works in conjunction with credit card services.
Enabled Disabled Only allows existing subscribers after supplying a user name and password.
Disabled Disabled Only allows existing subscribers based on a card’s MAC address.