D-Link DSA-3110, User Manual

Page 1: ...DSA 3110 Hotspot Service Gateway User Manual Rev 2 4 3 Jun 2009 RECYCLABLE ...

Page 2: ...terface 10 NET MENU 13 Network Interfaces 14 Configuring Static Interface 15 Configuring DHCP Interface 16 P T P Interfaces 16 Adding or Modifying PPTP Interface 17 Adding or Modifying PPPoE Interface 18 Applying Returning Configuration of Network P T P Interfaces 19 Network Statistics 20 Remote Access 21 Routing 22 Network Address Translation 24 DNS 25 DHCP 26 RADIUS 28 USERS AND GROUPS MENU 30 G...

Page 3: ... Loading Templates 43 Example of Custom Homepage Login Page 45 Allowed Networks 47 Free Surfing Zones 48 Default Language 48 Generator 49 Hotspot 50 SYSTEM MENU 51 Administrator Password 51 Configuration 52 Firmware Upgrade 54 System Time 55 System Log 56 Status Log 56 Ping Echo Request 57 SYSCTL 57 APPENDIX A RULES AND RESTRICTIONS FOR CREATING CUSTOM TEMPLATES 59 Page Format 59 General Structure...

Page 4: ...or users of the public network and the private one Using the DSA 3110 Hotspot Edition your organization is enabled to create a zone of public access including wireless keeping your private network secure and not accessible from outside and from the public access segment Regardless of the size and profile of the company the DSA 3110 Hotspot Edition used jointly with an access point or switch is the...

Page 5: ...ction Schemes Pictures 1 4 and 5 represent typical schemes for connecting the DSA 3110 Hotspot Edition Picture 1 A general scheme of the DSA 3110 Hotspot Edition connection in a public access zone jointly with the DSA 3100P thermal printer Page 5 of 61 ...

Page 6: ...DSA 3110 Hotspot Edition User Manual Picture 2 The UNS SP1 printer Picture 3 The CBM 910II printer Picture 4 A sample connection of the DSA 3110 Hotspot Edition in an Internet cafe Page 6 of 61 ...

Page 7: ...DSA 3110 Hotspot Edition User Manual Picture 5 A sample connection of the DSA 3110 Hotspot Edition in a hotel Page 7 of 61 ...

Page 8: ...ecific internal addresses are mapped to previously specified external addresses Dynamic NAT is a type of translation when a NAT enabled edge device is configured to translate internal private addresses to external public ones taken from a previously specified address pool As well several internal hosts of a network can use one external IP address which helps to save address space DSA 3110 Hotspot ...

Page 9: ...joint use with the DSA 3100P UNS SP1 or Citizen CBM 910II 40RF230 A cheque printers Built in DHCP server NAT Static routing Web based management interface SSH server CLI Configuration of interfaces with static address DHCP PPTP PPPoE Numerous features of iptables ip etc available from standard CLI of built in Linux OS Physical and Environmental Power supply external DC power adapter 5V 3A Reset to...

Page 10: ...ement interface includes a client side GUI and a HTTP server running on the DSA 3110 Hotspot Edition device Client to server communication is commonly realized via TCP IP port 80 To connect to the web based management interface of the device run a web browser on the management station and enter the IP address of the DSA 3110 Hotspot Edition device in the browser s address bar The default IP addres...

Page 11: ...ord page to change the password After successful registration the system statistics page is displayed Picture 6 The page displaying the system statistics The device allows changing the web based interface language in one click To do so click the English or Russian link in the right top corner of the screen You can switch to the other language from any page Page 11 of 61 ...

Page 12: ... via the hardware Reset button The hole of the button is located on the back panel of the device next to the power connector Use a small paperclip to activate the button insert it into the hole with the device turned on push and hold for 10 seconds If you act properly first the Status LED turns off for 2 or 3 seconds and then the LED blinks fast for some seconds which means the device is restoring...

Page 13: ...esources e g the Internet and all transmitted data are accounted automatically on the basis of time and traffic Ports 4 7 represent a switch with isolated ports i e packets cannot be transferred between the ports of the switch transferring packets to the other interfaces is only available Port 3 LAN2 interface Private LAN This port is mostly used to connect devices that form the internal Private n...

Page 14: ...Net menu Picture 8 The Net menu Follow the Network interfaces link Picture 9 The Net Network interfaces page You can enable disable stop or start any physical interface by clicking the relevant button located in the Actions column of the interface line To modify the settings of one of these interfaces follow the corresponding link e g LAN1 On the page displayed select the interface type Static or ...

Page 15: ...he subnet mask MTU The maximum transmission unit in the interface Optional MAC address The hardware address to be set for the interface Optional Metric The metric of the interface Allows assigning a priority for the interface The lower the value the higher is the interface priority Optional Default gateway The IP address of the default gateway Sets the address for routing packets to external netwo...

Page 16: ...ace type The type of configuration for this interface DHCP Start Select a radio button to enable or disable the interface auto start upon the load of the device Click the Save button P T P Interfaces This page is designed to modify the device settings and manage the PPTP and PPPoE interfaces of the device Go to the Net menu Picture 12 The Net menu Page 16 of 61 ...

Page 17: ...ng the relevant button located in the Actions column of the interface line To modify the settings of one of these interfaces follow the corresponding link to create a new p t p interface click the Add link On the page displayed select the interface type PPTP or PPPoE Adding or Modifying PPTP Interface Picture 14 Configuring a PPTP client for the interface Page 17 of 61 ...

Page 18: ...er Default route Select this checkbox to use the IP address of the server as the default route the destination address for all packets which routes have not been found Metric The parameter is used to assign a priority for this connection The lower the value the higher is the priority Start Select a radio button to enable or disable the interface auto start upon the load of the device Click the Sav...

Page 19: ...erver as the default route the destination address for all IP packets which routes have not been found Metric The parameter is used to assign a priority for this connection The lower the value the higher is the priority Start Select a radio button to enable or disable the interface auto start upon the load of the device Click the Save button Applying Returning Configuration of Network P T P Interf...

Page 20: ...Current configuration turns into the Previous one This management scheme provides for so called soft application of configuration for all network interfaces Picture 17 Rolling back to the previous configuration Network Statistics This page is designed to display network statistics the number of received transmitted packets errors etc for all physical and p t p interfaces running at the moment Pict...

Page 21: ...an access protocol HTTP HTTPS HTTP HTTPS to access the web based interface or SSH to access the CLI The page displays a set of rules that schedule access The rules are processed in the listed order downwards The arrow buttons located on the right of the rule table are used to change the order of the rules Picture 19 The Remote access page To add a new rule proceed to the Net Remote access page and...

Page 22: ...s click the Save button Routing This page is designed to add new static routes to the system routes for networks that are not connected directly to the device but are available through the interfaces of the device To modify the settings of static routing Open the Net Routing page Follow the Add routing link Enter the settings for the new route Destination network A destination network to which thi...

Page 23: ...SA 3110 Hotspot Edition User Manual Picture 21 Adding a new static route Picture 22 Applying the newly created static route Click the Apply button to apply the new configuration of routing Page 23 of 61 ...

Page 24: ...n the device The Factory button is used to restore the default setting of the NAT function By default the NAT function is enabled for the following networks 192 168 1 0 24 192 168 0 0 24 10 0 0 0 8 To modify the NAT settings do the following Open the Net Address translation page Click the Edit button Picture 23 The Net Address translation page Enter the slash separated pair of the subnet and subne...

Page 25: ...edirect the DNS requests of users to external DNS servers including the ones distributed by an ISP In this case the IP address of the device s LAN1 interface is specified as the DNS server and external DNS servers are specified in the device Note When you use the built in DHCP server the network parameters including DNS servers are distributed to clients automatically so you only need to specify e...

Page 26: ... of the pool of addresses used to distribute DHCP IP addresses to clients the Start address and End address fields Specify the number of IP addresses in the DHCP pool Specify the lifetime of the leased IP address of the DHCP server in minutes the time period of IP address lease at the end of this period the IP address is revoked and can be distributed to another device unless the previous device h...

Page 27: ...User Manual When you have specified the settings for your new DHCP server click the Save button on the Net DHCP Adding page and then click the Apply button on the Net DHCP page Picture 26 Adding a new DHCP server Page 27 of 61 ...

Page 28: ...e users of the local database Attention The data on the next time of authentication username and password check are contained in the SESSION_TIMEOUT field of the RADIUS packet For this reason the Account length parameter for the radius group users is useless though available on the page Attention The device can operate in both internal local DB and external located on the Radius server DB simultan...

Page 29: ...ing settings Authentication server address The IP address of the RADIUS authentication server the server where the external DB is kept Authentication server password The password to access the RADIUS authentication server Accounting server address The IP address of the RADIUS accounting server the server to which the data on users traffic are sent Accounting server password The password to access ...

Page 30: ...ne the access parameters profile for the users of this group such parameters as the bandwidth maximum access rate for the group and each group user individually the price per unit of information and the preset number of units in the group Groups may be of two types With time based access With traffic based access on the basis of consumed data For the first type of the groups the minute or hour mea...

Page 31: ...eft click the column heading An arrow appears in the heading of the column by which the table has just been sorted 2 Groups are filtered manually by entering the sequence of symbols by which groups should be filtered in the relevant fields of the Data filter section located above the columns of the group table The lines are selected by presence of the symbol sequence in the cells of the column For...

Page 32: ...unlimited expiration period so the cheque printer automatically creates new users but does not delete them from the system If you want the users created by the printer to be deleted automatically upon expiration of a specified time period edit the Account length parameter of the default group settings see below on how to configure the settings of a group The template of cheques issued by the print...

Page 33: ...0 has been specified for the field then the bandwidth is not limited and regarded as the maximum rate of the device 90 MBps 11520 KBps Quota A preset quota for users of this group the number of time or traffic units which can be paid for and used at once upon creating a user Account length A time period during which each user of this group can exist in the system from the moment of creation Option...

Page 34: ...on are handled as one user The local database contains accounts for all users of the public Hotspot network that are authenticated via HTTP In total you can create up to 250 users in the local database Each user belongs to a group which defines service data related to user data accounting the type of accounting the price unit the bandwidth etc for more details see the previous section The picture ...

Page 35: ...ields for filtering users the Data filter section 1 Users are sorted alphabetically by any column of the table To sort the users left click the column heading An arrow appears in the heading of the column by which the table has just been sorted 2 Users are filtered manually by entering the sequence of symbols by which users should be filtered in the relevant fields of the Data filter section locat...

Page 36: ... the file the Delete button The selected Overwrite existing checkbox allows creating new users with the names that have been already specified for users existing in the system the current ones are removed When you have performed the needed action for the file click the Return button Picture 37 Adding users from a file Additional Information on Users Page On this page you can obtain the information...

Page 37: ...system administrator manually END_OF_ACCOUNT The account lifetime is expired A user with such a status cannot be authorized by the system INTROERR Authentication error e g an incorrect password has been entered INTRODUCED Authentication has been passed successfully The access parameters are being configured SHAPED Authentication has been passed successfully The access parameters have been configur...

Page 38: ...s lifetime in the system auto the expiration period equals to the summary of the current system time and the value of the Account length field specified for the user s group manual the expiration period of the account is set manually irrespective of the value of the Account length field specified for the user s group unlimited the expiration period for the account is not set manual deletion is the...

Page 39: ... sort the users left click the column heading An arrow appears in the heading of the column by which the table has just been sorted 2 Active users are filtered manually by entering the sequence of symbols by which the users should be filtered in the relevant fields of the Data filter section located above the columns of the active user table For example when you enter def in the field above the Lo...

Page 40: ...f access to the global network through the device To suspend public access e g access to the Internet you must click the Logout button located at the bottom of the user statistics page Time and traffic are accounted until the button is clicked Note If a user has been inactive for 250 seconds this user is automatically logged out and public access for this user is blocked Inactivity is considered t...

Page 41: ...isabled Cheque Printing This page is designed to configure the cheque template issued by the connected thermal printer On the page you can change the values of fields and use every field to output textual or authentication data required for Hotspot users user name user password supplementary data for connection to the wireless network the network name encryption keys and type etc Authentication da...

Page 42: ...o not support Cyrillic symbols the fields containing such descriptions are presented in unreadable characters 2 When the special printer firmware designed for working with the DSA 3110 Hotspot Edition see here has been installed the UNS SP1 printer is represented DSA 3100P in the Select printer drop down list The Save button is used to save the cheque template to the device memory The Print button...

Page 43: ...tatistics pages If needed the administrator can substitute a previously created HTML page with the logo and design of the entity for standard HTML pages with the D link logo In addition the administrator can load all other files connected to the previously created HTML page or declared in it Images png gif jpeg etc Cascading style sheet files css Script files JavaScript VBScript etc To prepare you...

Page 44: ...ese names must be specified in the code of the HTML page To upload a custom template do the following 1 Proceed to the Options Upload templates page 2 Click the Choose button and select the required file on your local computer 3 Click the Upload button the name of the uploaded file appears in the Templates file list section 4 If the uploaded template uses css and script files repeat the last two s...

Page 45: ...et utf 8 meta http equiv cache control content no cache meta http equiv content style type content text css link rel stylesheet href templates user login css type text css head body inhibited_load on_load div id id_div_main_container form id id_form_main method post enctype application x www form urlencoded action index cgi div id id_div_login_input LNG hs_login input id A1 name A1 type text maxle...

Page 46: ...yle solid border top style solid border bottom style solid border left width 1px border right width 1px border top width 1px border bottom width 1px id_div_login_input div width 320px height 60px max width 320px max height 60px margin auto margin top 10px text align right id_div_login_input div input width 160px height 20px max width 158px max height 18px border left style solid border right style...

Page 47: ... name of the script file is specified in the demo template function on_load alert Your template has been uploaded Allowed Networks This page is used as an access filter to specify separate IP networks that can be authorized through the device Enter the ranges of IP addresses IP subnets in the Allowed nets field and click the Save button When you enter several IP subnets separate them by a space Pi...

Page 48: ... and click the Save button When you enter several IP addresses or IP subnets separate them by a space Enter the rate of access to free resources in kbps in the RATE KBPS field Attention Domain names are not supported In this field you can enter IP addresses or IP address ranges IP subnets only Picture 48 The Options Free surfing zone page Default Language This page is used to specify the default l...

Page 49: ...in characters The default value is 4 Max length The maximum length of the login username or password in characters The default value is 15 Case The case of characters upper lower any Allowed characters The values are manual or any When the manual option is selected the char digit and emphasis checkboxes are available You can select any of these checkboxes or all of them Prefix Specify characters t...

Page 50: ... public access zone and to disconnect all users from the access network simultaneously The Start button is used to enable the engine for user authorization The Stop button is used to disable the engine for user authorization The Restart button is used to suspend and then resume the engine for user authorization Picture 51 The Options HotSpot page Page 50 of 61 ...

Page 51: ...ttings Picture 52 The System page The Reboot button is used to restart the device Administrator Password Proceed to this page if you want to modify the settings of the administrator account used to access the web based configuration interface Picture 53 Changing the administrator password Page 51 of 61 ...

Page 52: ...ariffs Password Enter a new password for the selected user Password confirm Reenter the new password to avoid mistakes or misprints When you have modified the settings click the Save button Note When you select the Change system password checkbox the administrator password is changed not only for the web based interface but also for the CLI mode it is recommended to keep this checkbox selected Con...

Page 53: ...s the device is restoring the default settings After that the LED turns off for 2 or 3 seconds again and then the device is completely reset Restore Click this button to upload a previously saved configuration from a file on your local computer Click the Choose button to select a saved configuration file located on your computer Attention Upon loading a previously saved configuration the system ch...

Page 54: ... to upgrade the firmware the built in software of the device Picture 56 Upgrading the firmware through the web based interface To upgrade the firmware do the following Click the Choose button Select a firmware image file on your local computer Click the Save button Wait for several minutes Do not interrupt the upgrade process While the firmware is being installed the System Status log page of the ...

Page 55: ... server enter its domain name in the NTP servers field Picture 57 Configuring the system time To manually specify the date and time deselect the Enable NTP button then do the following Enter the current time and date to the fields Time and Date correspondingly Select your time zone e g Moscow time is GMT 3 Enable or disable automatic transition to daylight saving time standard time by selecting or...

Page 56: ...ged the results of the device load the work of the internal operating system of the device the time of users log in and log out If you select the Remote logging checkbox and enter an IP address in the Server field the log will be transmitted to UDP port 514 of the specified IP address Picture 58 The System log page Page 56 of 61 ...

Page 57: ... The Status log page Ping Echo Request Proceed to this page to test whether an IP address is reachable directly via the web based interface of the device To ping an IP address do the following Enter the relevant value in the Destination IP field Select the number of echo requests from the Count drop down list Click the Start button The output of pinging the specified IP address will be displayed o...

Page 58: ...an finely tune internal parameters of the Linux OS which is built in the DSA 3110 Hotspot Edition device Attention Incorrect settings may lead to complete malfunction of the system Please study documentation on the Linux OS man sysctl before configuring settings on this page Picture 61 System parameters of the Linux OS Page 58 of 61 ...

Page 59: ... dtd html xmlns http www w3 org 1999 xhtml xml lang en lang en head title D Link DSA title meta name author content D Link Russia meta name date content meta name generator content no generator meta name copyright content Copyright C 2008 D Link Russia meta name keywords content D Link DSA meta name description content D Link DSA meta http equiv content type content application xhtml xml charset u...

Page 60: ... path to a file you want to upload templates user file_name CSS Files Css files are connected via the following syntax link rel stylesheet href templates user name of css file type text css As the CGI program is located in the directory var www upon connection of a css file you should specify the path to the file with regard to this directory That is you should add the prefix templates user Exampl...

Page 61: ... the name of the file as the CGI program is located in the directory var www and all files uploaded by a user are located in the var www templates user Example img src templates user ttt jpg alt ttt Through css To add an image specify the name of the file containing the image in the css file without any prefixes Example div color FF0000 background image url ttt jpg Other Files xml txt Other files ...