Справочник Пользователя для Interepoch Technology Inc. IWE3200
2
1.2. Features
z
User Authentication, Authorization, and Accounting
Web redirection.
When an unauthenticated wireless user is trying to access a Web page,
he/she is redirected to a logon page for entering the user name and password. Then, the
user credential information is sent to a back-end RADIUS server for authentication.
user credential information is sent to a back-end RADIUS server for authentication.
Local pages or external pages.
The IWE3200 can be configured to use log-on,
log-off, authentication success, and authentication failure pages, which are stored in
itself or stored in an external Web server maintained by the WISP. The contents of
local authentication pages can be customized.
itself or stored in an external Web server maintained by the WISP. The contents of
local authentication pages can be customized.
Advertisement links.
The log-off authentication page can be configured to show a
sequence of advertisement banners.
Unrestricted clients.
Client computers with specific IP addresses or MAC ad-
dresses can bypass the Web redirection-based access control.
Walled garden.
Some specific URLs can be accessed without authentication. These
URLs can be exploited by WISPs for advertisement purposes.
IEEE 802.1x.
If a wireless client computer supports IEEE 802.1x Port-Based Network
Access Control, the user of the computer can be authenticated by the access Router and
wireless data can be encrypted by 802.1x EAP authentication method combined with WEP
encryption.
wireless data can be encrypted by 802.1x EAP authentication method combined with WEP
encryption.
RADIUS client.
The IWE3200 communicates with a back-end RADIUS server for wire-
less user authentication, authorization, and accounting. Authentication methods including
EAP-MD5, EAP-TLS/EAP-TTLS, PAP, and CHAP are supported.
EAP-MD5, EAP-TLS/EAP-TTLS, PAP, and CHAP are supported.
Robustness.
To enhance authentication integrity, the access Router can be config-
ured to notify the RADIUS server after it reboots.
Showing authenticated users. Showing the status and statistics of every RA-
DIUS-authenticated user. And an authenticated user can be terminated at any time for
management purposes.
DIUS-authenticated user. And an authenticated user can be terminated at any time for
management purposes.
Authentication session control.
Several mechanisms are provided for the network
administrator to control user authentication session lifetimes.
z
IEEE 802.11b/g Compliant
Wireless Operation
Access Point. The AP enables IEEE 802.11 Stations (STAs) to automatically asso-
ciate with it via the standard IEEE 802.11 association process. In addition, the IEEE
802.11 WDS (Wireless Distribution System) technology can be used to manually es-
tablish wireless links between two APs.
ciate with it via the standard IEEE 802.11 association process. In addition, the IEEE
802.11 WDS (Wireless Distribution System) technology can be used to manually es-
tablish wireless links between two APs.
64-bit and 128-bit WEP (Wired Equivalent Privacy).
For authentication and
data encryption.