Hotspot Gateway¶
The RansNet Hotspot Gateway (HSG) is an integrated platform for delivering managed guest Wi-Fi and hotspot services — combining a captive portal, AAA/RADIUS authentication, per-user access control, and account management in a single solution. It powers everything from a simple guest splash page to large multi-VLAN, multi-portal deployments with billing and self-service.
Hotspot features are configured under HOTSPOT SETTINGS and HOTSPOT USERS in the mfusion management interface, or via the CLI on each device.
How the Hotspot Works¶
When a guest connects to a hotspot network, the system walks them through a standard flow:
- Connect — The guest joins the hotspot SSID and receives an IP from the instance's DHCP scope.
- Redirect — Unauthenticated traffic is intercepted and redirected to the captive portal login page.
- Authenticate — The guest logs in via the configured method (username/password, OTP, payment, etc.); credentials are validated against RADIUS.
- Authorize — The user's access profile is applied — bandwidth limits, time and data quotas, and access rules.
- Account — RADIUS tracks the session for analytics, billing, and policy enforcement.
Each hotspot instance maps to a LAN interface or VLAN, so a single gateway can serve multiple networks — each with its own portal, login method, and policies.
Core Components¶
Captive Portal¶
The branded login page guests see on connection. Supports multiple templates, flexible login methods (username/password, email/SMS OTP, direct access, payment gateway), and full customization. See Captive Portal Configuration.
Authentication (UAM/AAA/RADIUS)¶
Universal Access Method (UAM) integration with a local or external RADIUS server handles authentication, authorization, and accounting for every user session. See UAM/AAA/RADIUS.
Hotspot Instance¶
The per-network controller that ties together DHCP, portal, RADIUS, and access policy for a specific LAN interface or VLAN. See Hotspot Instance.
Access Profiles and Users¶
Access profiles define the authorization policy (speed, time, data, device limits) applied after login; user accounts and vouchers grant access. See Access Profile, User Management, and Guest Management.
In This Section¶
| Topic | Description |
|---|---|
| Overview | Hotspot architecture and the end-to-end user access flow |
| Captive Portal | Portal creation, login methods, branding, and seamless re-login (portal-sticky) |
| UAM/AAA/RADIUS | Authentication, authorization, and accounting via local or external RADIUS |
| Hotspot Instance | Per-VLAN instance: DHCP, portal binding, access control, and client-sticky |
| Access Profile | Authorization policy — bandwidth, time, data quota, and device control |
| User Management | Manual account creation, CSV/PMS import, and per-account access rights |
| Guest Management | Front-desk console for issuing guest accounts and vouchers |
Deployment Examples¶
For end-to-end hotspot deployments, see the captive-portal use-case guides:
- Basic Setup — Multi-SSID / multi-VLAN on-premise hotspot
- Hotspot Roaming — Seamless roaming across VLANs with one SSID and portal
- VLAN Steering — Dynamically assign users to VLANs by profile
- Captive Portal over SD-WAN (CloudX) — Centralized portal shared across remote sites
- Crew Wi-Fi Hotspot — Maritime fleet guest management
- Hotel Wi-Fi Hotspot — Hotel HSIA with PMS integration
- Payment Gateway — Monetizing guest Wi-Fi with paid plans