59
AP-2500 Authentication Methods
• The customer must try to access a valid Web site to initiate a redirect. Entering an unreachable URL or invalid
Web address will not initiate a redirect to the External portal page.
• Customers who try to access e-mail first will not have a connection. Customers need to login via a Web
browser first.
3. Client sends its login credentials (User name/password) to the EWS (by way of the AP).
4. EWS authenticates the user based on the client’s login credentials and notifies AP of successful authentication
using XML commands (USER_ADD and UPDATE_CACHE).
5. AP performs the following tasks:
• Adds client to its Authorized Subscribers Table based on the settings received from the EWS.
• Updates the user’s State to “Valid” within its Current Subscribers Table.
• Redirects client to requested Web page or site specified by Home Page Redirection settings.
Configuration Instructions
The configuration instructions are divided into two topics:
•Setup your External Web Server
•Configure the AP-2500
Setup your External Web Server
Before configuring the AP to communicate with an EWS, you need to set up your Web server and determine how the
AP-2500 can integrate into your existing billing system (if applicable). You will also need to write the appropriate scripts
to communicate user information to the AP using XML and design a login page for your users that interfaces with your
external authentication service and communicates information back to the AP. See the XML Interface Specification for
more information.
NOTE
This configuration is intended for advanced users who have some background in Web design. You may want
to consider implementing either Internal Authentication or Internal Authentication with RADIUS if you do not
have experience working with XML.
Configure the AP-2500
Follow these steps to configure the AP to communicate with an External Web Server:
1. Configure the AP-2500’s basic settings. This includes the AP’s IP address, System parameters, and management
passwords. See Basic Configuration for details.
2. If not already open, access the AP’s Web browser interface. (See Logging into the Web Interface for instructions.)
3. Click Configure > Network > DHCP Server to configure the AP’s DHCP Server settings. The default setting
should be suitable for most networks.
• By default, the AP is configured to provide IP addresses to subscribers in the range of 10.0.0.12 to 10.0.0.36
with a 255.255.255.0 subnet mask. This is a private IP range. In most configurations, you should have
assigned the AP a public IP address (that is, an address valid on the Internet). Using the default settings, the
AP performs Network Address Translation (NAT) to provide Internet access to its clients. See Dynamic
Address Translation (DAT) for more information on NAT.
• You should change the default address range if it conflicts with the settings of another DHCP server on your
network. Also, before modifying the AP’s address pool, confirm that there is not another DHCP server on the
network already serving addresses from this particular address range.
• You can disable the AP’s DHCP server if there is another DHCP server that you want to use instead. See
Disabling the AP’s DHCP Server for details.
4. Configure IP Upsell, if desired. See IP Upsell for details.
• In general, it costs more to obtain public IP addresses from your ISP due to limited availability. If you have a
pool of public IP addresses that you can distribute, you can offer standard customers less expensive private
IP addresses and premium customers public IP addresses. This concept is known as “IP Upsell”.