HOTSPOT GATEWAY
16 Introduction
Port Mapping
This feature allows the network administrator to setup a port mapping scheme that
forwards packets received on a specific port to a particular static IP (typically private
and misconfigured) and port number on the subscriber side of the NSE. The
advantage for the network administrator is that free private IP addresses can be used
to manage devices (such as Access Points) on the subscriber side of the NSE without
setting them up with Public IP addresses.
RADIUS-driven Auto Configuration
Nomadix’ unique RADIUS-driven Auto Configuration functionality utilizes the
existing infrastructure of a mobile operator to provide an effortless and rapid method
for configuring devices for fast network roll-outs. Once configured, this methodology
can also be effectively used to centrally manage configuration profiles for all
Nomadix devices in the public access network.
Two subsequent events drive the automatic configuration of Nomadix devices:
1. A flow of RADIUS Authentication Request and Reply messages between the
Nomadix gateway and the centralized RADIUS server that specifies the location
of the meta configuration file (containing a listing of the individual configuration
files and their download frequency status) are downloaded from an FTP server
into the flash of the Nomadix device.
2. Defines the automated login into the centralized FTP server and the actual
download process into the flash.
Optionally, the RADIUS authentication process and FTP download can be secured by
sending the traffic through a peer-to-peer IPSec tunnel established by the Nomadix
gateway and terminated at the NOC (Network Operations Center). See also, “Secure
Management” on page 18.
RADIUS Client
Nomadix offers an integrated RADIUS (Remote Authentication Dial-In User Service)
client with the NSE allowing service providers to track or bill users based on the
number of connections, location of the connection, bytes sent and received, connect
time, etc. The customer database can exist in a central RADIUS server, along with
associated attributes for each user. When a customer connects into the network, the
RADIUS client authenticates the customer with the RADIUS server, applies
associated attributes stored in that customer's profile, and logs their activity (including
bytes transferred, connect time, etc.). The NSE's RADIUS implementation also
handles vendor specific attributes (VSAs), required by WISPs that want to enable
more advanced services and billing schemes, such as a per device/per month
connectivity fee. See also, “RADIUS Proxy” on page 17.
To Next Page
Loading...
