HotSpotEngine Getting Started Guide

HotSpotEngine Getting Started Guide HotSpot Management Solution Version 1.2 Revision 2 (April 22.2010) 1

Table of Contents 1.System Installation. 3 1.1 Prerequirement. 3 1.2 PreInstallation.. 3 1.3 Installation processes... 5 1.4 Console login... 9 1.5 Change console password.... 10 2. System Configuration... 10 2.1 DHCP client configuration.. 10 2.2 Hotspot administrator panel login 10 2.3 Change administrator password... 11 2.4 Change network address.. 12 2.5 Change default gateway and DNS... 12 2.6 Change date and time... 13 2.7 Change hotspot identification.. 13 2.8 Create billing plan 14 2.9 Add hotspot user.. 14 3. Hotspot Operation. 14 3.1 Integration with your network. 14 3.2 Hotspot login 15 3.3 Hotspot logout.. 15 3.4.Hotspot usage information... 15 3.5 DDWRT Integration 15 3.6 Mikrotik RouterOS Integration... 17 3.7 Paypal Integration 19 4.Troubleshoot & Tips... 22 4.1 Alternative logout. 22 4.2 Change hotspot login page... 22 4.3 Limited 4GB issue 22 4.4 Checking Downloaded File.. 22 4.5 Client Unable to Browsing... 23 4.6 Activate Software License... 23 5.Support 23 2

1.System Installation To install HotspotEngine, download the ISO image from the website and burn it into a blank CDROM using any CD Burner of your choice. To boot up the computer, set up the computer BIOS to boot from CDROM drive as first priority and insert the prepared CD into the CDROM Drive. HotSpotEngine CD installer should begin to install automatically. Warning: during the installation process, the installer will format the entire partition of your harddisk and use all space of that drive. 1.1.Prerequirement By default HotSpotEngine will act as router for your network, even though built in authenticating feature service can be used by other network via NAS remote. Thus, we have to provide 2 network interface cards (LAN Card). In addition to the required hardware you will need an existing network infrastructure A minimal setup will require a broadband internet connection with router. This router can be either wired or wireless. You will also need a dedicated wireless access point to use as your public hotspot. HotSpotEngine then sits between your router and hotspot (see diagram below for better explanation) [_Hotspot_] <--> [_HotSpotEngine_] <--> [_Router/Modem Router_] <--> (Internet) You may be able to use a standard wireless router for your hotspot access point by disabling its DHCP, Router and Encryption functionality and using only the switch/lan port (do not use the WAN or Internet port to connect to the HotSpotEngine machine.) WRT54XX Port Information 3

This method works on many wireless routers but not all. If you are having problems receiving an IP address after installation and are using a wireless router as an wireless access point, you may need an actual wireless access point. 1.2.Preinstallation and Default Configuration HotSpotEngine Installation process is simple and straightforward. The installer will set default password for console login (user root), hotspot administrator panel login and also the default address of all networks. HotSpotEngine is configured with the following defaults: Default console login (SSH port 22) Username : root Password : hengine Default hotspot administrator panel (HTTP port 80, FTP port 21) Address : http://192.168.120.1/admin Username : admin Password : hengine Default WAN network address: IP Address : 192.168.1.2 Subnet Mask : 255.255.255.0 Default Gateway and DNS IP Address : 192.168.1.1 Primary DNS : 192.168.1.1 Secondary DNS : 192.168.2.1 Default LAN network address : IP Address : 192.168.110.1 Subnet Mask : 255.255.255.0 Default Hotspot Network : Hotspot Gateway : IP Address : 192.168.120.1 Subnet Mask : 255.255.255.0 LAN Network (DHCP) : IP Address Range : 192.168.120.2 192.168.120.254 4

Subnet Mask : 255.255.255.0 1.3.Installation Process The installer automatically detects hardware to find CDROM drive, and scans it content The installer also automatically detect Network Hardware (Network Interface Card) and later the default network address 5

The installer automatically erases and format hard disk and use the entire space on that disk 6

The Installer automatically installs base system and install required software 7

Eventually, the installer installs GRUB boot loader Installation Process completed, and it will be reboot the computer and eject CDROM drive 8

HotSpotEngine Installation takes approximately 8-13 minutes (tested on Intel Core 2 duo, RAM 4 GB), and will use about 400-500 MB of space. 1.4.Console Login After installation, HotSpotEngine configuration is needed. For safety reason, we strongly suggest to update the root password. Default console can be used to perform password changing. For your convenience, web based administration system can be used to manage hotspot system. However certain operations such as system upgrade and network connection tools (ping and traceroute) should be performed in console prompt. Future releases of HotSpotEngine, will change the system so it does not need console prompt. 9

1.5.Change Console Password Once logged to the system, please type passwd to change the console password 2.System Configuration 2.1.DHCP Client Configuration To remotely manage the system configuration, connect your client computer to LAN interface and ensure the computer to have an IP assigned from the server (DHCP). If client computer does not have an IP assigned, you may have to check the cable or the server interface to which you are connected. Try to reconnect using another installed interface. 2.2.HotSpot Administrator Panel Login Once IP address acquired, remote web configuration can be accessed using a web browser at (note: before you can access web configuration interface, it requires to activate the software by uploading license file, for futher information please read activate software license sub chapter on this document): http://192.168.120.1/admin Default login for the web configuration is admin with default password hengine. It is strongly recommended to change the default password once you are logged in. You may access web administrator panel login by accessing http://admin, (its valid when you have configured DNS server correctly). 10

2.3.Change Administrator Password To change administrator password, click settings tab and find submenu password. Enter the new password twice as shown, and click save to save the changes. 11

2.3.Change Network Address To change HotSpotEngine Network Address, you need to click networking menu at settings tab, and point your browser to Interfaces tab, there are 2 sub items: 1. WAN Interface Set WAN interfaces with your internet connection sources. A manual (static) IP Address must be set on the WAN Interfaces. DHCP assignment on these interfaces are not currently supported. If your WAN Interfaces should get an IP Address from a DHCP server, please assign the IP Address to the interfaces manually instead. 2. LAN Interface In most cases, changes to the LAN interface is not necessary. If you currently have a 192.168.110.x currently running on your network you will have to change the LAN Interface so it will not interfere with your current network. LAN Interface is the distribution interface that is connected to every client via Wireless AP or Switch Hub Once each interface is set up, click Save Setting and reboot to apply the changes. 2.3.Change Default Gateway and DNS A correct setting of Gateway and DNS of the router is also needed. To change the default gateway and DNS of your router, click on the Networking menu and click on Gateway and DNS subtab. Enter the IP Address default gateway, primary DNS, and secondary DNS on the corresponding fields. In most cases you don t have to reboot to apply the changes, however if your hotspot client is unable to resolv the domain, you should reboot the server. It is happened when the primary and secondary DNS IP Address is changed rather than use its default value, since captive portal service is still using the previous DNS IP Address. 12

2.4.Change Date and Time Once HotSpotEngine is connected to the internet, we can use NTP client feature to synchronize the date and time with any NTP server on the internet. Click settings tab, select system menu and then select date and time menu. Select the city that suits with your time zone since is not every city in the world is listed here Unless you have your own preferred Time Server, leave Time Server value as its default. 2.5.Change HotSpot Identification Hotspot identification can be changed in the Settings tab, and click on the generals. Find Hotspot Identification sub menu. Type hotspot s name, address, city, country and phone on the corresponding fields. These items will affect the hostpot login page (captive portal login) and the invoice. 13

2.6.Create Billing Plan To create billing plan, click on packages tab, then add prepaid or add postpaid. Billing plan is a template of the internet access configuration. Billing plan is used to generate voucher or manually add the users. If postpaid plan is selected, you have to define the corresponding tariff of it. Tariff is not necessary on prepaid billing. 2.7.Add User Account User accounts is a combination of username and password used to access services provided, distinguished in two types: Voucher: A prepaid voucher is a random generated users and passwords. Prepaid billing system is applied. Click Generate voucher to generate user accounts. User: A manually set user and password. Both prepaid and postpaid can be applied to manually added users. A postpaid account requires a postpaid billing plan. Click add user to manually add a user account. In addition when postpaid account is stopping the internet connection, the operator will be closing via bill menu and afterwards click print invoice. When the invoice has been created for the postpaid account, that account would not ever be used again. 3.Hotspot Operation 3.1.Integration with your Network To integrate HotSpotEngine into your network, connect your existing network into the WAN interface, and your wireless access point / switch hub into the LAN interface. 14

3.2.Hotspot login To connect to the internet, user must login to the captive portal, by opening any website using any browser. By accepting all certificates prompted, user will be redirected to the login page. Enter a valid user name and password and the user will be able to access the internet. If pop up blocker is not activated, a pop up window will appear showing the usage statistic of the user, and a link to logout page. 3.3.Hotspot logout To logout, click on the logout button on the pop up window, or by performing an alternative logout. For alternative logout detailed information, read alternative logout section at this document. 3.4.Hotspot usage information To view usage information of the current user, click the manage/refill account at the hotspot login page. Alternatively, the page can be opened at http://status/ using a web browser. 3.5.DDWRT Integration To integrate hotspotengine with DDWRT there are 2 ways to perform this : Turn DDWRT/WRT54XX into Regular AP/non routing The trick is to make sure DHCP server on ddwrt is turned OFF in the router/access point so that your wired/wireless clients get IPs from your Hotspotengine and use HE s captive portal. There are more details on the DD-WRT wiki but the main idea is that you set the WAN to "Disabled", Disable DHCP, and plug the AP into your network using one of the LAN ports instead of the WAN port (or use the "Assign WAN Port to Switch" feature). You can actually do this with basically any Wireless router without DD-WRT using the same basic steps (disable DHCP, plug into LAN instead of WAN). In addition please visit the following url : http://www.dd-wrt.com/wiki/index.php/wireless_access_point 15

Built-in Chillispot captive portal hotspot feature on DDWRT At this point your wired/wireless client will get IPs from your ddwrt instead Hotspotengine DHCP server. Only hotspotengine s http login page and radius feature will be used by ddwrt. Configure your ddwrt flashed router as needed, after everything works properly you can continue to configure ddwrt s built-in hotspot. For futher information how to implement this please visit the following links: http://www.dd-wrt.com/wiki/index.php/chillispot http://vuksan.com/linux/chillispot/dd-wrt-chillispot.html In order to integrate built-in hotspot feature on ddwrt with HE, do the following steps: 1) Please configure your ddwrt built-in hotspot as mentioned on the links, to integrate with hotspotengine please configure the following items: Primary Radius Server IP : Hotspotengine WAN IP Backup Radius Server IP : Hotspotengine WAN IP Redirect URL : http://your.wan.ip.address/portal/login.php Shared Key : put your desired shared key UAM Secret : if you are using default value from HE, the UAM secret is h3n91neu4ms3chret you can see in login.php file at the following line 16

$uamsecret = "h3n91neu4ms3chret"; You may change it, with your desired uam secret. Make sure you change both (ddwrt hotspot menu and login.php file) 2) Open hotspotengine administrator panel, click settings tab and then click NAS menu, fill the following form on NAS page as follow : NAS IP : your ddwrt IP Address (if you are using Internet based hotspot your ddwrt IP address is gateway/masquerade router IP, commonly a public IP address. Secret : your shared key as you put on ddwrt hotspot page Description : your desired description 3) Once you have configured them, login via SSH / console access to HE and type : /etc/init.d/freeradius restart 4) After rebooting the router, ddwrt will use hotspotengine s access portal and radius feature 3.6.Mikrotik RouterOS Integration You need to setup and configure your Mikrotik Router OS by using Winbox. Winbox is the graphical tool for configuring the Mikrotik Router OS. For further information how to setup Mikrotik Built-in hotspot please consult the Mikrotik s User Guide. This guide assumes you have configured Mikrotik Hotspot successfully. To integrate Mikrotik hotspot with Hotspotengine, please do the following steps : 1. You need to add hotspotengine s radius server as authentication and accounting server, In the hotspot profiles (IP -> HotSpot -> Profiles) choose your hotspot profile and in RADIUS tab check Use RADIUS, and check Accounting item, for Interim Update use : 00:05:00, in Login tab de-select Cookie, de-select HTTP CHAP and allow HTTP PAP 17

2. Use Hotspotengine as the radius server, click Radius and click the + sign to add hotspotengine s radius server. Click Service and then check hotspot, enter hotspotengine WAN IP address to Address item and enter Secret with your desired secret 18

3. Open hotspotengine administrator panel, click settings tab and then click NAS menu, fill the following form on NAS page as follow : NAS IP : your Mikrotik IP Address Secret : your secret key as you entered on Mikrotik Radius Secret item Description : your desired description 4. Once you have configured them, login via SSH / console access to HE and type: /etc/init.d/freeradius restart 3.7.Paypal Integration Hotspotengine can work together with paypal. Paypal is used to create voucher(prepaid account), After successful transaction is made paypal will contact hotspotengine server and ask the software to generate username and password, and then show on the screen. Always keep in mind that if we are going to use paypal with hotspotengine, hotspotengine should be placed on the internet (Public IP Enabled) the server is accessible from the internet. In addition you would need paypal business/premier account, personal account does not support. 19

To integrate Paypal with Hotspotengine, please do the following steps : 1. Firstly, we need paypal payment data transfer (PDT) token, please login to paypal and then go to your profile page. 2. On profile page you would see a menu called Website Payment Preferences, under selling preferences item, click on it (As shown below) 3. Turn on Auto Return, put hotspotengine paypal page (/paypal/pdt) along with your domain/ip address i.e http://www.yourhostname.com/paypal/pdt or http://123.456.789.111/paypal/pdt 4. Turn On Payment data transfer at website payment preferences 5. Submit your changes,and then go back to website payment preferences page,once you have gotten your identity token, copy and paste to hotspotengine payment page. Take a look the following picture. 20

6. On hotspotengine page (admin panel -> settings -> payment), paste the identify token taken from paypal website to paypal token item, change enable paypal to yes and put your paypal email address, if you are ready to go in production environment select paypal type to live. 21

7. If you wish to testing it, before go to production environment, please create sandbox account by visiting www.sandbox.paypal.com, and do the same steps as describe above, and then select sandbox in paypal type on hotspotengine admin panel payment configuration along with the given paypal sandbox email from paypal to paypal email item. 4.Troubleshot and Tips 4.1 Alternative logout Logout can be performed from by clicking on the link on the internet usage information window that pops up when login is performed. Alternatively, logout can be performed by opening http://exit on your browser. 4.2. Change hotspot login page To edit the Hotspot Login interface, download the login files from the WAN interface of the HotspotEgine via FTP connection (for security reason you can t access FTP through Hotspot Network). 1. Access the WAN IP address (i.e : ftp://192.168.1.2) through FTP client of your choice. 2. Login using the administrative user account. 3. Make a backup of all files. 4. To change the language used, edit loadlang.php and customlang.php in language folder. 5. To edit the layout and color, edit the php files in templates folder 4.3. Limited 4GB Issue Credit of a volume based account is currently limited to 4 GB. When 4GB is reached, the account can not login/counter not working properly due to the limited size in 32 bit system. To solve this problem, delete the user and recreate the user account, in addition you should inform the customer regarding this one. 4.4. Checking Downloaded File To check whether downloaded ISO file is correct / not corrupt, if you are using Microsoft Windows we can use md5summer program (http://www.md5summer.org), in Linux we can use md5sum command. Both softwares are used to check the generated checksum hash of downloaded file with checksum that we provided. 22

4.5. Client Unable to Browsing If you are experiencing this, you should check the following conditions : Check whether hotspot client is getting the IP address from DHCP server, in Windows you can use ipconfig/all from command prompt, in Linux you can use ifconfig from console prompt. Check whether hotspot client is getting the correct DNS IP address (primary and secondary DNS), please ping any domain on the internet to ensure this, if the client resolves to ip address it means there s no problem with DNS client. Check whether personal firewall/antivirus software that installed on hotspot client, may block the connection to HotspotEngine (port 80,443,3990) In Most cases if those conditions are normal, HotSpotEngine will show captive portal login and you can use internet normally. However if you are still experiencing the problem, you may restart HotspotEngine Server. 4.6. Activate Software License In order to use the software (web interface) we must activate the software by uploading license file via SFTP (secure File Transfer Protocol), please use the following steps (example below uses winscp, however you may use any SFTP software of your choice: 1. Please download windows SFTP software i.e : winscp at http://www.winscp.net 2. Install and open winscp, you may access SFTP port via WAN IP address/ Hotspot network 3. Type your WAN IP address/ default hotspot gateway (192.168.120.1) to host name field, and put your root username (root) and password (console password) on the required fields, select SFTP for file protocol field. 4. Click login, once you are logged in browse the directory path /usr/local 5. Drag and Drop your license file (at left window) to hotspotengine server folder (right window), make sure your current directory server (right side) path is /usr/local (see the current folder path info at the top of window browser) 6. Open hotspot administrator panel, put the default username and password, and now you can configure the software as needed. 5. Support If you are a valid customer / trial user, please contact us at support@hotspotengine.com for further assistance we will do our best to help you. 23