Proxim AP-2500 - page 47

AP-2500 Authentication Methods

NOTE

Advanced users can also manage the AP from a network computer using XML commands (tasks such as

adding and deleting users). See AAA Basic for configuration information and XML Interface Specification for

information on XML commands.

12. Click OK to save your changes to the AAA settings.

13. Click the Internal tab.

14. Configure the SSL parameters (Enable SSL and Certificate DNS Name), if desired.

• This provides secure communication between subscribers and the AP. If you enable this feature, you will also

need to upload your certificate keys to the AP. See Secure Socket Layer (SSL) for more information on this

feature.

15. Configure the Portal Page parameters if you want to provide a custom “Welcome” screen for your subscribers.

See Portal Page for detailed instructions and examples.

• Place a check mark in the Enable Portal Page box.

• Enter the URL for your Portal Page in the field provided.

• The Portal Page resides on an external Web server (such as a Windows 2000 Server running Internet

Information Services (IIS)) on your network.

NOTE

The Smart Client option is only applicable if you have enabled RADIUS. See Smart Client and Internal

Authentication with RADIUS for details.

16. Configure the Enable User Name and Enable New Subscribers settings.

• The table below describes the system response to the available User Name and New Subscribers

combinations:

Table 3-1 User Name and New Subscriber

• If you are renting cards to customers, disable User Name and New Subscribers. Only cards whose MAC

addresses are entered in the Authorized Subscribers Table will have access to the Internet.

• If you are using credit card services, enable User Name and New Subscribers (if you want subscribers to

create a username and password) or only enable New Subscribers (if you want subscribers to access the

network based on their Wi-Fi card’s MAC address).

— The only difference between these two scenarios is that with username/password, subscribers can

access the Internet from a different Wi-Fi device at a later date. For example: a subscriber purchases two

days of Internet access. On the second day, the subscriber returns to the hotspot with a different Wi-Fi

card. If using username/password authentication, the subscriber will be able to access the Internet using

the different card with no intervention from the hotspot operator. Note that the subscriber will only be able

to log in using a different Wi-Fi card if the account is not already in use (as displayed in the Current

Subscribers Table). Note that a subscriber that has turned off his computer or has left the hotspot is

removed from the Current Subscriber Table after 10 minutes.

• If you are manually entering user names and passwords into the Authorized Subscribers Table, enable User

Name but disable New Subscribers.

User Name New Subscribers System Response

Disabled (default) Enabled (default) Allows new and existing subscribers access to the network without supplying a User name

and password. Authentication is based on the MAC address of the subscriber’s Wi-Fi card.

This setting works in conjunction with credit card services.

Enabled Enabled Allows new and existing subscribers access to the network after supplying a user name

and password. This setting works in conjunction with credit card services.

Enabled Disabled Only allows existing subscribers after supplying a user name and password.

Disabled Disabled Only allows existing subscribers based on a card’s MAC address.