Title: Wireless Subscriber Gateway
1WirelessSubscriberGateway
- Sales Department
- Advanced Internet Access, LLC
- TEL 425-814-2216
- FAX 425-605-3549
- Email sales_at_aiallc.com
- www.InstantHotSpot.com
Ver 1.7
2Just Plug in..and go to the Internet
Users just want to simply plug in -- and go to
the Internet. No configuring. No network changes.
No software. The WSG-5000 solves connectivity
problems by offering
instant Internet access for guests with no
settings to change, no IP addresses to alter, and
no subnets or gateways to negotiate to properly
configure a guests laptop for the facilitys
network, that means without changing network
settings, even if they have a static IP address
pre-set.
Users simply plug into the network and they are
immediately connected.
3WSG-5000Wireless Subscriber Gateway
The Integrated Solution for small to medium area
Hot Spots
The Wireless Subscriber Gateway is a
free-standing intelligent gateway with a 4-port
switch, capable of supporting up to 100
simultaneous users. Designed for use in the
small to medium environments such as hotels,
lobbies, cafes, RV parks and marinas, the
Wireless Subscriber Gateway acts as an hotspot
access controller and provides instant Internet
access, advanced security and network management.
4Key Features and Highlights
IP Plug and PlayZero Configuration Outgoing
E-mail Redirection Transparent HTTP Proxy AAA and
Billing Web-based Internet Access Credit Card
Ready Dynamic Accounts 10 Billing
Profiles On-line Selective Service requires
optional payment gateway service, like
Security Layer 2 Isolation VPN Pass through SSL
Login Page/Administration Administration Access
Control Pass through IP/MAC Address Management LAN
Device Management Real-time Session List Syslog
Marketing Service Customized Login Page Login
Page Redirection Advertisement Link Walled
garden Miscellanies Pass Through IP/MAC
address Multiple WAN connections
5IP Plug and Play
- Zero Configuration Internet Access
- Outgoing Email Redirection
- Transparent HTTP Proxy
6Key FeaturesZero Configuration Internet Access
Easy-to-Use, Plug-and-Play Internet AccessAIAs
unique IP Plug-and-Play (iPnP) technology allows
subscribers to connect with ease for broadband
access without having to re-configure any of
their device IP settings including DHCP, DNS,
Proxy and dynamic and static IP address
assignments.
WSG-5000
ADSL Modem
Ethernet / VDSL / HomePNA Switch
Dynamic IP
Fixed Global IP
Fixed Private IP
DHCP Client
HTTP Proxy
7Key Features Outgoing Email Redirection
The WSG-5000 will redirect subscribers original
message of E-mail according to SMTP rules and
sent it out via the specified SMTP server. This
function could help subscribers to send E-mail
via the local SMTP server when their default SMTP
server is out of work or dont allow connecting
from Internet.
Pre-installed Email Server 210.66.77.88
- All SMTP packet from Subscribers will be
re-directed to specified SMTP Server which
pre-installed by service provider. - Relay function of this SMTP Server must be
enabled. - Subscribers no need to modify the SMTP setting
for their laptop.
Send mail
Send mail
Original SMTP Server Setting 192.168.100.3
Original SMTP Server Setting mail.aiallc.com
8Key Features Transparent HTTP Proxy
Supports common proxies acting as a proxy server.
This function could help subscribers without
changing proxy settings to eliminate support
calls related to client proxy settings. (only
support HTTP proxy)
WSG-5000
HTTP
Even subscribers browser has proxy server
setting, the WSG-5000 could work as proxy server
to serve this laptop. Subscriber do not need to
change the proxy setting of his laptop.
Proxy Server Enable
Proxy Server Disable
9AAA and Billing
- Web-based Internet Access
- Dynamic Accounts
- 10 Billing Profiles
- On-line Selective Service
- Real-time credit card authorization
10Key Features Web-based Internet Access
The Login page displays prompting the
subscriber to enter the username and password for
the first time Internet access. Subscribers
without valid username and password cannot access
Internet.
WSG-5000
ADSL /Cable Modem
Blocked
Login Page
Login Page
Login Page
User B
WITH valid credential
WITH valid credential
WITHOUT valid credential
11Key Features 10 Billing Profiles
The administrator can define up to 10 billing
profiles. The billing time base can be minute,
hour, day, week, month and unlimited.
12Key Features On-line Selective Service
Subscribers can choose from the pre-defined
service selections (billing profiles) when login
if PMS implemented.
Administrator can define 10 billing profiles
Subscriber can choose one billing profile when
login
13Key Features Dynamic Accounts
Dynamic Accounts can be created randomly and have
expired duration. It is designed for provisional
usage. You have three ways to operate the
accounts 1. Clicking a button on the 1 or
3-button printer connected to the WSG-5000
console port 2. Clicking a pre-defined button on
the Web-based Dynamic Account Operator and print
the receipt out on the attached thermal printer
or a PC-Connected printer. 3. Letting users log
in using a credit card. (Optional service from
)
2. From the Web-based dynamic account operator
1. From the connected AG-100
AG-100
Can choose from 10 billing profiles
14Security
- Layer 2 Isolation
- VPN Passthrough
- SSL Login Page and Administration
- Administration Access Control
15Key Features Layer 2 Isolation
Layer 2 VLAN Isolation prevents every wireless
and wired subscriber from communicating with each
other, even they are within the same subnet. They
can see the Internet, but not each other! This is
the best solution for Hotspot security,
preventing a guest (or drive-by user) from
hacking into your other guests.
WSG-5000
ADSL /Cable Modem
X
X
16Key Features VPN Pass-through
VPN Pass-through provides the subscribers who
want to run his VPN or secure tunneling client
software to connect to his/her companys VPN
server Interoperability List AVAYA(IPSec),
Cisco(IPSec), Nortel(IPSec), CheckPoint(IPSec) Sym
antec(IPSec), Microsoft Win2000 RRAS(PPTP, L2TP)
PPTP VPN Server
Mail
FTP
Company A
VPN Client PPTP
L2TP VPN Server
Secure Tunnel
Mail
FTP
VPN Client L2TP
The WSG-5000 supports only Encapsulating Security
Payload (ESP) tunnel mode. This is the most
common mode of establishing IPSec tunnels. In the
rare case that a subscriber is using one of the
other methods, then it would be necessary for
this user to be given a public IP address. Other
IPSec methods are Authentication Header (AH)
transport and tunnel mode and ESP transport mode.
Company C
IPSec VPN Server
Mail
FTP
Company B
VPN Client IPsec
17Key Features SSL Login Page/Administration
We use Secure HTML Login Page through SSL to
protect username and password while LAN users
login. That enables secure authentication within
the network, preventing wireless snoops from
seeing your guests keystrokes and data.
WSG-5000
ADSL /Cable Modem
X
(((((((((((((((((((((((
Login Page
Username ???????? Password ?????????
Wireless Airopeak
Subscriber Logins Username/Password are
encrypted, therefore even the packets are
captured ,hackers still uneasily to know the
username/password
User B
SSL Secure Login Page and Administrative Page
18Key Features Administration Access Control
The WSG-5000 integrates a secure administration
access control list that checks the source (IP
address) of administrator logins. A login is
permitted only if a match is made with the list
contained on the WSG-5000. If a match is not
made, the login is denied, even if a correct
login name and password are supplied.
Specified IP Address For Administration
IP Address without in the list
19Management
- LAN Device Management
- Real-time Session List
- Syslog
20Key Features LAN Device Management
The administrator can directly remote control the
devices under the LAN via WSG-5000 and check the
status(OK/Fail) of the LAN devices.
LAN Devices Management
Global IP 210.66.37.22
10.59.1.60
60001
10.59.1.65
60006
10.59.1.66
60007
Administrator
http//210.66.37.2260006
HPNA Switch
Private IP 10.59.1.60
WAP Wireless AP
WAP Wireless AP
Private IP 10.59.1.66
Private IP 10.59.1.65
21Key Features Real-time Session List
The remote site administrator could monitor the
real time usage status of WSG-5000 via Session
list page.
Administrator
Global IP 210.66.37.22
Network Management PC
PS 1
AP 1
AP 2
HPNA Switch
WAP Wireless AP
WAP Wireless AP
22Key Features System Logs
WSG-5000 provide 5 categories of logs which will
send to specified Syslog server. Network manager
can know the network status according to the
following logs. 1. System category System
information System Boot Notice System Manager
Activity information 2. Accounting Account
Created Subscriber Trace Logged-in Users 3.
Billing Billing Log 4. LAN Devices
Management LAN Devices Information LAN Devices
Alarm 5. Alert Administration Access Fail
Syslog Server
ADSL /Cable Modem
23Marketing Service
- Customized Login Page
- Login Page Redirection
- Advertisement Link
- Walled Garden
24Key Features Customized Login Page
The WSG-5000 provides the standard login page for
subscribers to input username and password.
However, some service providers like hotels,
coffee shops and airports may want to show their
customized page or redirect their hosted page for
promotion or corporate image, therefore WSG-5000
allows service provider or venue owner to specify
or modify the login page.
Up Frame
Connect to the specified web page
Down Frame
Provided by WSG-5000 in order to enter the
username and password
http//210.208.100.1/hotel/hilton.htm
25Key Features Login Page Redirection
Web Server
Login Page
WSG-5000 provides Integration sample Code, so you
can make your own HTML login page.
Login Page
http//208.55.224.160/hotspot/authentication.html
26Key Features Advertisement Link
Allow Service Provider to enter 10 URL for
Advertisement Link purpose. Every time after user
login successful, WSG-5000 will redirect the home
page to specified URL link. (Random redirection)
www.yahoo.com www.msn.com www.aiallc.com
27Key Features Walled Garden
Walled Garden allows non-subscribers to access to
specific URLs without authentication
28Miscellanies
- Pass Through IP/MAC address
- Multiple WAN Connections
29Key Features Pass Through IP/MAC
Pass Through IP/MAC address is useful for VIP
users without authentication and for devices that
do not have a web browser (cash registers, for
example) or that are connected with LAN port
(wireless access points, for example).
WSG-5000
Built-in Auth.
ADSL /Cable Modem
Guest or Subscriber
Guest or Subscriber
Guest or Subscriber
Hotel Staff
Hotel Manager
VIP Guest or Subscriber
No Authentication required
Username and Password required
30Key Features Multiple WAN connections
The system provides alternative WAN connection
such as PPPoE, DHCP Client or Static IP for
service provider to establish their service
networking quickly and easily.
PPPoE
DHCP Client
Static IP
31User Experience
- Subscriber Login Scenario
32User Experience Subscriber Login - Scenario
The procedure shows typical user login experience.
Subscriber Login
Popup Information Window after login successfully
33Conclusion
WSG-5000 can help you
34WSG-5000 can help you
Integrated Solution for rapid deployment The
WSG-5000 Instant HotSpot is a complete access
controller for small to medium hot-spots. It can
serve up to 100 simultaneous users and it is an
ideal hotspot solution to be deployed in the
hotels, lobbies, coffee shops, RV parks, and
other sites that commonly host business travelers
and offers instant high-speed Internet
connections. It is perfect for nearly any Hotspot
application! Deliver instant PnP connectivity
service With its IP Plug and Play technology, the
WSG-5000 Instant HotSpot helps solve
connectivity problems by offering instant
Internet access without the need for
configuration changes to the client computer or
any resident client-side software and allows
guests to send E-mail as usual without changing
E-mail SMTP server settings even if their
configured mail server is unavailable or behind a
corporate firewall. Ready to accept credit
cards With built-in hooks for leading payment
gateways like
, the WSG-5000 Instant HotSpot provides the
most comprehensive solution for fully-automated
access to your WiFi hotspot in its class.
35WSG-5000 can help you
Sophisticated Remote Management The WSG-5000
enables you to manage all your underlying network
devices with Syslog messaging, SNMP and LAN
devices Management to reduce maintenance
overhead. Comprehensive security The WSG-5000
provides a fully-secure operating environment
with VPN pass through, SSL certificate, and Layer
2 Isolation V-LAN Security. Enhance Local and
Personalized Service The login and logout pages
are fully customizable. The WSG-5000 has the
ability to let you redirect end users to your
advertising web pages, increase your potential
for revenue and customize locations where
end-users can visit free (walled
garden). Built-in AAA/Billing System The WSG-5000
has built-in AAA and billing system that is
allowed manager to control user for Internet
access and billing mechanism individually without
any external AAA server and billing server.
36Wi-Fi Hot SpotWSG-5000 for Small to Medium Size
Hotspot Solution
ADSL / Cable Modem
RADIUS Server
Billing Server
Service Server
WSG-5000 Hotspot Gateway Up to 100
Simultaneous users
Network Operation Center
Ethernet Switch / PoE Switch
Wireless STA
37Hotel VDSL Phoneline SolutionWSG-5000 and VDSL
infrastructure (WiredWireless)
2F
Room201
Guest Rooms
Notebook with Ethernet Interface
VM-120 VDSL Modem
Wireless STA
Enjoy Internet with freedom
1F
Open Area
Lobby Pool Coffee shop Restaurants Gardens
VM-120 VDSL Modem
Wireless AP
Control Center
Staff Bypass
DSLAM/PBX
Internet
ADSL / Cable Modem
WSG-5000 Wireless Subscriber Gateway
VS-1200 VDSL switch
38Hotel HomePNA Phoneline SolutionWSG-5000 and
HomePNA infrastructure (WiredWireless)
2F
Room201
Guest Rooms
Notebook with Ethernet Interface
PEC-120 HomePNA Converter
Wireless STA
Enjoy Internet with freedom
1F
Open Area
Lobby Pool Coffee shop Restaurants Gardens
PEC-120 HomePNA Converter
Wireless AP
Control Center
Staff Bypass
DSLAM/PBX
Internet
ADSL / Cable Modem
WSG-5000 Wireless Subscriber Gateway
PS-80 HomePNA switch