Single LAN Hotspot

This sample scenario represents the simplest HSG deployment, using HSG as a hotspot gateway and any type of wireless AP at the LAN side.

• User can use any type of AP on the LAN side
• All users and AP management IP are in the same flat network
• A single landing page is used (can have multiple login methods on the same landing page for different user group access control)

Common use cases

Small Hotels | Large F&B | Retail Outlets etc.

Deployment of Single SSID, Default VLAN, and Portal Using UI

Prerequisite

• Upgrade the Hotspot Gateway box firmware version 20210213-2300. See link Upgrade Firmware

Procedure

Step 1 – Physical Connection

1. Connect the eth0 (WAN) Interface of HSG to ISP device (ONT or Modem)
   • Info– The WAN port (eth0) of HSG is pre-configured to get Dhcp IP from ISP ONT/modem (or upstream router).
2. Connect eth1 port of HSG to the LAN Switch.
   • Info– The ETH1 port (eth1) of HSG is pre-configured to release IP to LAN.
3. Connect the AP (3rd Party Access Point) to the LAN Switch.
   • Info– Keep the Switch to default config (Flat Network). Configure AP to broadcast SSID and do not assign any VLAN.
4. Connect eth2 port to a PC for Management access.
   • Info– The ETH2 port (eth2) of HSG is pre-configured to release IP.

Step 2 – Access to Hotspot Gateway Management UI

1. Login to Hotspot Gateway UI
   • on-premises Hotspot Gateway – Use the Management PC and browse to http://10.10.10.1 and with login with the credentials.

Step 3 – Create Entity, User Account, and Permission for the User Account

1. Create Entity – See link Create Customer Entity
   • User can use the Company name as entity name
2. Create and Configure Permission for the User Account
   • Navigate to ‘ADMIN > Permissions‘. Click on the button and configure the required permission.
   • Recommendation – Create the new User Account and in the Profile field select ‘Super admin’ for this Scenario.
3. Create User Account – See link Create User Account

Step 4 – Create Captive Portal and Login Method

1. Create Captive Portal, Use the ‘Central‘ template’. See link Create/Edit Captive portal
   • Info– Name the Portal Name as ‘Portaleth1‘
2. Configure Login Methods for ‘Portaleth1‘. See link Login Method Types. Find the below details of the portal.

Portal Name: CPortal1 Portal Template: Central Entity: [Customer’s Entity name] Login Method: Standard Login Option (Username & Password) & Email OTP

Step 5 – Configure Hotspot Instance for the ETH1 interface.

1. Navigate to ‘Hotspot Settings > Hotspot Instances’. Click on ‘eth1′ below the ‘interface’ column heading.

• Step 5 – Cont…..
  1. Configure the Hotspot Instance settings as per the below table and save.

Step 6 – Configure Access Control

1. Configure Username Password profile
   • Navigate to ‘HOTSPOT USERS > Access Profile’. Create a new Access Profile. See link New Access Profile
   • Select ‘User Authentication‘ from User type and enter the Username and password
   • Navigate to the ‘Account info’ tab on the ‘New User’ page and configure the relevant settings
2. Configure Email OTP profile.
   • Info– To configure the Email OTP profile, the user has to first test the Captive portal Email OTP authentication. After the first test is successful, the Email OTP auto-creates the profile in ‘Access Profile’ in the format of (RansNet_[Device Name]_[Interface Name]_[MAC Address, last 4 digits]_emailonepageotp. Eg : RansNet_mbox_br-vlan10_96-19_emailonepageotp). User can click on the Profile name and configure the account info settings as per the user requirement.

-----------------------------------Default Configuration--------------------------
hostname HSG800-WT
!
interface eth0
 description "Default connection to WAN"
 enable
 ip address dhcp
!
interface eth1
 description "Default connection to LAN"
 enable
 ip address 192.168.8.1/22
dhcp-server
  lease-time 86400 86400
  router 192.168.8.1
  dns 8.8.8.8 8.8.4.4
  range 192.168.8.2 192.168.11.254
  enable
!
interface eth2
 description "Default OOB-Mgmt"
 enable
 ip address 10.10.10.1/24
 dhcp-server
  lease-time 86400 86400
  router 10.10.10.1
  dns 8.8.8.8 8.8.4.4
  range 10.10.10.10 10.10.10.20
  enable
!
interface eth3
 description "Reserved network"
!
interface loopback
 enable
 ip address 2.1.2.1/32
!
ip name-server 8.8.8.8 8.8.4.4
!
ip ntp-server 203.211.159.1 62.201.225.9
!
ip host macc.ransnet.com 2.1.2.1 rewrite
ip host splash.ransnet.com 2.1.2.1 rewrite
!
firewall-input 10 permit all tcp dport 80 src 10.0.0.0/8 admin remark "WEB mgmt
from OOB"
firewall-input 11 permit all tcp dport 22 src 10.0.0.0/8 remark "SSH mgmt from O
OB"
!
firewall-access 10 permit outbound eth0
!
firewall-snat 10 overload outbound eth0
!
security radius-server
 client 2.1.2.1 key testing123 name HSG800WT
 start
-----------------------------------Default Configuration--------------------------
!
security hotspot eth1
 hotspot-server 192.168.8.1 ports 4910 5896
 client-network 192.168.8.0 255.255.252.0
 client-static 192.168.8.0 255.255.252.0
 client-local-dns on
 redirect-url http://www.ransnet.com
 radius-server splash.ransnet.com testing123
 hotspot-portal https://captive.ransnet.com/RNSrilanka/CPortal1/login.php
 start

Deployment References Links (Videos/Demos)

• Create Captive portal – https://youtu.be/yrjAkt8XkT8
• Configure Login Method – https://www.youtube.com/watch?v=ggSg9NxykxU&t=220s

• Create Captive portal – https://youtu.be/yrjAkt8XkT8