Single LAN with Captive Portal

Single LAN Hotspot

This sample scenario represents the simplest HSG deployment, using HSG as a hotspot gateway and any type of wireless AP at the LAN side.

  • User can use any type of AP on the LAN side
  • All users and AP management IP are in the same flat network
  • A single landing page is used (can have multiple login methods on the same landing page for different user group access control)

Common use cases

Small Hotels | Large F&B | Retail Outlets etc.

Deployment of Single SSID, Default VLAN, and Portal Using UI

  • Upgrade the Hotspot Gateway box firmware version 20210213-2300. See link Upgrade Firmware

Step 1 – Physical Connection

  1. Connect the eth0 (WAN) Interface of HSG to ISP device (ONT or Modem)
    • Info The WAN port (eth0) of HSG is pre-configured to get Dhcp IP from ISP ONT/modem (or upstream router).
  2. Connect eth1 port of HSG to the LAN Switch.
    • InfoThe ETH1 port (eth1) of HSG is pre-configured to release IP to LAN.
  3. Connect the AP (3rd Party Access Point) to the LAN Switch.
    • Info Keep the Switch to default config (Flat Network). Configure AP to broadcast SSID and do not assign any VLAN.
  4. Connect eth2 port to a PC for Management access.
    • InfoThe ETH2 port (eth2) of HSG is pre-configured to release IP.

Step 2 – Access to Hotspot Gateway Management UI

  1. Login to Hotspot Gateway UI
    • on-premises Hotspot Gateway – Use the Management PC and browse to and with login with the credentials.


For Cloud-hosted HSG, User can contact the RansNet account manager for URL and login credentials.

Image 2: Hotspot Gateway login screen

Step 3 – Create Entity, User Account, and Permission for the User Account

  1. Create Entity – See link Create Customer Entity
    • User can use the Company name as entity name
  2. Create and Configure Permission for the User Account
    • Navigate to ‘ADMIN > Permissions‘. Click on the button and configure the required permission.
    • Recommendation – Create the new User Account and in the Profile field select ‘Super admin’ for this Scenario.
  3. Create User Account – See link Create User Account

Step 4 – Create Captive Portal and Login Method

  1. Create Captive Portal, Use the ‘Central‘ template’. See link Create/Edit Captive portal
    • InfoName the Portal Name as ‘Portaleth1
  2. Configure Login Methods for ‘Portaleth1‘. See link Login Method Types. Find the below details of the portal.
Portal Name: CPortal1
Portal Template: Central
Entity: [Customer’s Entity name]
Login Method: Standard Login Option
(Username & Password) & Email OTP
Table 1 : Captive portal Template details

Step 5 – Configure Hotspot Instance for the ETH1 interface.

  1. Navigate to ‘Hotspot Settings > Hotspot Instances’. Click on ‘eth1′ below the ‘interface’ column heading.

  • Step 5 – Cont…..
    1. Configure the Hotspot Instance settings as per the below table and save.
01Hotspot (Base)
Hotspot LANeth1
Hotspot Server / Ports192.168.8.1 / 4910, 5896
Client Network / Netmask192.168.8.0 /
Radius Server / / testing123
Hotspot PortalPaste the Full URL of the created Captive portal
Hotspot Instance (Optional)
Redirect / Success URL
Table 1: Hotspot Instance Setting

Step 6 – Configure Access Control

  1. Configure Username Password profile
    • Navigate to ‘HOTSPOT USERS > Access Profile’. Create a new Access Profile. See link New Access Profile
    • Select ‘User Authentication‘ from User type and enter the Username and password
    • Navigate to the ‘Account info’ tab on the ‘New User’ page and configure the relevant settings
  2. Configure Email OTP profile.
    • Info To configure the Email OTP profile, the user has to first test the Captive portal Email OTP authentication. After the first test is successful, the Email OTP auto-creates the profile in ‘Access Profile’ in the format of (RansNet_[Device Name]_[Interface Name]_[MAC Address, last 4 digits]_emailonepageotp. Eg : RansNet_mbox_br-vlan10_96-19_emailonepageotp). User can click on the Profile name and configure the account info settings as per the user requirement.


Users should use UI to configure, Captive portal. Login Method and Access Profile.

-----------------------------------Default Configuration--------------------------
hostname HSG800-WT
interface eth0
 description "Default connection to WAN"
 ip address dhcp
interface eth1
 description "Default connection to LAN"
 ip address
  lease-time 86400 86400
interface eth2
 description "Default OOB-Mgmt"
 ip address
  lease-time 86400 86400
interface eth3
 description "Reserved network"
interface loopback
 ip address
ip name-server
ip ntp-server
ip host rewrite
ip host rewrite
firewall-input 10 permit all tcp dport 80 src admin remark "WEB mgmt
from OOB"
firewall-input 11 permit all tcp dport 22 src remark "SSH mgmt from O
firewall-access 10 permit outbound eth0
firewall-snat 10 overload outbound eth0
security radius-server
 client key testing123 name HSG800WT
-----------------------------------Default Configuration--------------------------
security hotspot eth1
 hotspot-server ports 4910 5896
 client-local-dns on
 radius-server testing123

Deployment References Links (Videos/Demos)

  • Configure Login Method –
  • NOTE

    syslog server (user access logging) is enabled to collect DNS access logs and storing data up to the last 5 days.

    User access records are stored up to last 90 days

    User info (username and profile data) is kept unlimited