Administrator Manual
The branch of the domain contains the HGWs and PGWs, depending on the authentication method you have selected in the domain.
HGW gateways are equipments placed between the access point network and internet, they route users ‘ anonymous requests to Welcome Portal or login page for registration or authentication.
Login credentials for the user can be provided directly by the manager of the HGW gateway or the user, if set out by the domain, may obtain them by registering independently to the service using the procedure specified to this phase.
PAEGW gateways are equipments to which the customers’s devices send authentication requests and which, in turn, forward them to the HSNM’s radius that checks the username and password and assigns the characteristics of the connections based on the product assigned to the user.
Login credentials for the user are generally created by the manager and provided to users.
PGWs are instead equipmenta to which the customers’ routers send authentication requests and that, in turn, they forward to the radius of HSNM that checks the username and password and assigns the characteristics of the connections based on the product that is assigned to the user. Technically, they are called NAS.
Managers create the login credentials for the user and provide them to the hotspot’s owner who will have to configure the routers.
By clicking the bar with the right mouse button or pressing the context properties button , you expand the context dropdown menu that contains a range of options grouped by: default; edit; admin; Welcome Portal.
It contains the following options:
| Option | Description |
| Dashboard | For further details about the contents of the various tiles, please refer to the “Tile Types of the Dashboards” paragraph. |
In addition to the standard options, contains the following options:
| Option | Description |
| Add Virtual Gateway | Allows you to add a virtual gateway. |
| Add Printer | Allows you to add a new HSNM Printer. |
| Add Map, Zone or Floor | Adds a map, a zone or a floor on which to place access points. |
It contains the following options:
| Option | Description |
| Connected Devices | For the HGW and PAEGW gateways reachable over the net by HSNM, if you have inserted the configuration data and if based on MikroTik RouterOS, it displays the list of the device connected in Wi-Fi. |
| Display All Connected Users | Shows in a table all users connected to the gateway. |
| Display All Users who Used this Gateway | Displays in a table all users who used or are using this gateway. |
| Download the Certificate for the Device |
Downloads the certificate to upload to devices for the WPA Enterprise authentication. Available only for domains with the authentication mode set to “WPA Enterprise” |
| Download Gateway Config Files | Downloads the configuration files, for Mikrotik RouterOS, of the gateway generated based on the parameters you have set |
| Download Walled Garden | Download a file with the list of the walled garden |
| Manufacturer’s Management Interface | Shows the page for managing the appliance made available by the manufacturer. |
| Gateway Route | Locates the gateway on a map and tracks the route taken. The gateway must be enabled to store GPS coordinates. |
| List of Access Points | Opens a page containing a list of all access points entered for the gateway. |
| Map of the Gateways | Shows the position of the gateways on the map based on the defined GPS coordinates. |
| User Traffic Log | Displays the traffic log files of the users of the gateway. |
It contains the following options:
| Option | Description |
| Bypass or block IP/MAC-address |
Opens the page that allows defining the IP address, the subnets or the MAC-addresses of devices that must bypass the Welcome Portal and/or that must be blocked for the specific gateway. Available only for HGW and PAEGW gateways. |
| Custom App | Goes to the management of the Apps customised and specific for the gateway. To make them visible in the Welcome Portal, you have to assign them in the configuration of gateway. |
| Custom Images | Opens the page for managing custom images for the gateway. They are usable only in the current gateway. |
| Download QR Code |
Downloads a PDF file with the QR Code and instructions for connecting. Available only for HGW gateways. |
| Languages | Allows you to define the images of all the languages and also the parameters for the additional languages
Available only in the Enterprise edition. |
| Surveys, Quizzes and Tests | Opens the page for managing surveys, quizzes and tests. |
| Templates | Allows you to manage the templates that customise the Welcome Portal for the gateway. |
| Translations | Allows you to customise, specific for the gateway, the texts displayed in the Welcome Portal, in the standard apps, in user login page without Welcome Portal and in the printing of “ Cards” or to add texts for additional languages. |
| User Interface Preview | Available only on gateway branches and it displays the user interface with the Welcome Portal or the login page based on how the domain is configured. |
| Walled Garden | Allows you to define the accessible URLs by users of the gateway without logging in and registering. |
To add a gateway, select the data tab, press the context properties button of the domain in which insert a gateway and select “ Add gateway”. While, to modify a gateway, always in the data tab, press the context button on the gateway and select “ Edit”. In both cases, a page appears that allows you to manage the contents of the following fields:
It is important to enter the GPS coordinates (latitude and longitude fields) eventually also derived in automatic way from the address. They are used to display the map of the gateways and for the geo referenced “ Advertising Campaigns“.
| Field | Description | ||||||||
| ID | ID of the record. Auto-assigned Identifier of the record. It can be used to use the API or external integrations.
It is displayed during editing phase of an existing data and not during insertion of a new record. |
||||||||
| Created on | Date and time of creation of the gateway. | ||||||||
| Gateway Name | Name assigned to the gateway.
Editable only if the user has permissions to manage the data of the gateway. |
||||||||
| Gateway MAC Address |
MAC address of the gateway used to recognize the correct domain and gateway when you perform either a redirect to the Welcome Portal or the radius login. If in the Redirect URL you specify the hotspotname parameter, using the name assigned in the “Gateway Name” field, you do not need to define it. If the gateway passes the “Calling Station ID” that matches the gateway name, you do not need to define it. If the radius cannot recognize the gateway from which the login request originates, the log contains an “info” that also defines the “Calling Station ID” passed in. In this case, define the gateway name with the value corresponding to the “Calling Station ID” or assign the value in this field. |
||||||||
| Title for the Authentication Method | Title displayed at the top of the login App for the authentication method. If you want to offer multiple authentication methods to users, proceed as follow:
In this way two TABs will be displayed in the login App where the users can choose the authentication method to use.
|
||||||||
| Address | Address where the gateway is installed. Used to calculate the GPS coordinates. | ||||||||
| ZIP Code | ZIP code. | ||||||||
| City | City where the gateway is installed. | ||||||||
| Country | Country where the gateway is installed. | ||||||||
| Phone | Telephone number of the person in charge. | ||||||||
| Mobile Phone | Mobile number of the person in charge. | ||||||||
| Activate Logs | Enables the registration of logs for the gateway. To enable this feature, it is necessary that IP address of the connection must be static, i.e. it does not change for each adsl reconnection of the manager. If it changes, the logs will not be registered because the IP is not recognised. Possible options are:
Editable only if the user has permissions to manage the data of the gateway. |
||||||||
| Internet Connection IP Address or DynDNS Name | Defines the IP address or DynDNS name with which the gateway will contact the HSNM. Mandatory if: you active the syslog filter in the system settings; if you want to to permit the disconnection of users from the backend from the page “ Connected devices”; if from the frontend of the user profile’s App it is allowed to disconnect the device. Editable only if the user has permissions to manage the data of the gateway. |
||||||||
| URL or IP to Access the Management Web | URL or IP to access the web management of the gateway
If the backend is in HTTPS and the web management access of the device is in HTTP, it will open a new browser tab. In other cases, it will open a new tab on the HSNM backend. |
||||||||
| Hardware Type | Hardware type of the gateway.
Warning! Ubiquiti UniFi Controller does not support or has errors in accounting radius. The data are correct only if the system is able to reach the UniFi Controller (usually with NAT or VPN rules) and compensate dicrectly for deficiencies by enabling the various parameters of the panel “Fields for Gateway Configuration” and under panel “Radius”. If it is not possible, it is recommended to use this type of gateway only for user authentication. The user data rate can not be parameterised by the products but can only be defined in the controller. Editable only if the user has permissions to manage the data of the gateway. |
||||||||
| Gateway RouterOS Version | RouterOS version.
Visible only if in the “Hardware type” field, you have selected “MikroTik”. Editable only if the user has permissions to manage the data of the gateway. |
||||||||
| Uptime | Updatime, active time of the gateway.
The field contains a value only if the gateway’s scripts are updated to version 6 and later. Visible only if in the field “Hardware Type” has been selected MikroTik. |
||||||||
| Welcome Portal Template | Declares the template to use for this gateway that parameterises the contents and the graphic unit interface of the Welcome Portal or login page. If you enable the “Use domain settings” option, it will use the template defined in the domain.
Selectable templates are coloured in base to the level they belong to. In specific, custom templates for the domain are displayed in light blue and in yellow ochre the ones for the system. |
||||||||
| Template Color Scheme | Colour scheme to use for the selected template. If you enable the “Use domain settings” option, it will use the colour defined in the domain. |
||||||||
| Advertising | Defines the type of advertising, derived from “ Advertising Campaigns“, that can be displayed to users. Possible values are:
If in the domain, you have defined to not display advertising, this value is not considered in this field. |
||||||||
| Surveys, Quizzes or Tests | Enables the request for surveys, quizzes or tests. Possible values are:
Editable only if user has the permissions to manage the domain data. |
Allows defining the parameters for the gateway’s geolocation and tracking.
| Field | Description |
| Longitudine | GPS coordinates of the gataway: longitude.
If not filled, it is defined by address. GPS coordinates are re-calculated automatically if not defined or if you change the address, city or country. To force coordinates, define address, city and country, save, then define the desired coordinates and resave. |
| Latitudine | GPS coordinates of the gataway: latitude. The display of the gateways’ maps automatically fills in this field, if not already filled, on the basis of the address, city or nation. To set coordinates, define address, city and country, save, define the desired coordinates and resave. GPS coordinates are re-calculated automatically if not defined or if you change the address, city or country. To force coordinates, define address, city and country, save, then define the desired coordinates and resave. |
| GPS Coordinate Storing | Enables or disables storing GPS coordinates sent every five seconds by the gateway.
Visible only with MikroTik hardware types. The tracking of the gateway’s GPS coordinates requires a GPS detector compatible and to be connected to the MikroTik. Moreover, on the MikroTik RouterOS there must be installed and enabled the GPS package. |
|
Vehicle |
Define the reference vehicle. To define the vehicle you need to purchase the “Fleet GPS Tracking & Telemetry” module. |
Using the parameters in this section you can set the times and the months of the gateway activation.
You can then create systems functioning based on the opening hours, days or months of the companies who offer the services.
| Field | Description |
| Timezone |
Defines the timezone of the gateway. The value entered affects the gateway’s activation times and the calculation of the speed modulation of products of guests. If you select “Use default”, it will consider the Timezone defined in the manager. |
| Operating Hours | Defines the operating hours of the gateway. The gateway will be active during the highlighted hours.Timetables depend on the selected Timezone. |
| Operating Days | Defines the operating days of the gateway. The gateway will be active on the highlighted days. |
| Operating Months | Defines the operating months of the gateway. The gateway will be active during the months that are highlighted, partially active in the months not highlighted or disabled in the months that are not highlighted. The gateway can be partially active in the non-highlighted months if in the manager or reseller has been defined a percentage in the “Reduce the Maximum Number of Users of the Gateway to” field. If the percentage is equal to zero, the system is disabled in the months that are not highlighted. With these options, it is then possible to define seasons or gateways with seasonal peaks. |
As described for the domain it is possible to inject popup for advertising or for information etc. in the Welcome Portal defined in the advertising campaign. If you are using a CO.IN. gateway (Content Injector for HSNM) it is possible to inject popups also on the external visited pages.
In this section, you can define, for each gateway, whether to activate or not this function and the parameters that will influence user’s experience.
The panel is not visible if advertising has been disabled in the “General Data” appropriate field.
| Field | Desciption |
| Popup Injection | It allows you to enter popups in the Welcome Portal and in the pages viewed by users during web navigation. The possible options are:
Warning! Injection works only if advertising module is active and advertising campaigns have been entered with content for injection. |
| Time of First Popup | Defines the number of seconds that must pass before the first insertion of popup. |
| Popup Frequency | Defines the frequency of the popups calculated in seconds. |
| Display in the Welcome Portal | If enabled, contents are injected also in the Welcome Portal. |
| Display the Toolbar | States whether to display the toolbar that allows the user to return to the Welcome Portal while browsing.
Requires the use of CO.IN. Not visible with “PAEGW”-gateway type. |
Allows defining some parameters for the CO.IN.usage (Content Injector for HSNM)
Not visible with “PAEGW”-gateway type.
| Field | Description |
| CO.IN. Gateway GUID |
GUID of the gateway CO.IN. to enable for this gateway. It is necessary to enter the GUID of the CO.IN.gateway for security reasons. After defining the GUID for this gateway, only the CO.IN. gateway with the same GUID will be able to perform the injection of contents |
| Wake On Lan | Wake On Lan for CO.IN. If enabled, it automatically turns the CO.IN. on in case it has accidentaly powered off or for example due to a temporary electrical power failure. This feature is available only if the gateway’s hardware is MikroTik-Type. |
| Use CO.IN. DNS | Use the CO.IN. DNS server to improve the performance and obtain, on CO.IN., the DNS usage statistics with the required domains.
In order to use this feature, it is necessary to have CO.IN. updated to version 2.0 or higher. |
Warning! CNA of Apple, Android and Windows Phone has problems with the injection of contents in the web pages viewed by users while browsing. If you want to enable injection please disable the CNA.
| Field | Description |
| App to Load | List of system Apps to upload for this gateway. To select the Apps, open the list by clicking in the field and make the selection. To remove an App already selected, click the button of the App already uploaded. In addition to the Apps specific for the domain (press the button of the domain properties then select “ Custom app”) and for the gateway (press the button of the gateway properties then select “ Custom app”), it uploads also the system Apps defined in this field. To see the system Apps, press the button of the properties on “ System” and select “ Custom app”. |
After authentication through social login, you can ask the user, depending on the used social networks, to press “I like”, “Follow” or “Circle”.
In order to do this, you have to indicate the URL of the page or the ID of the user who can be “liked” or to “follow”.
For a description on how you can create the pages, please refer to the section “enable social login” in this manual.
The values entered in the gateway are considered more important and specific than those of the domain. Therefore, if the same field is definable in both the gateway and the domain and you have entered the values into both levels, it will consider the ones of the gateway. If you do not enter them into the gateway, it adopts the ones of the domain.
Not visible with “PAEGW”-gateway type.
| Field | Description |
| URL or Page ID for “I Like” or “Publish” | Defines the complete URL (without HTTP://) or the Facebook page ID which the user can press “Like” on or “Publish a post” to. |
| Publish a Post to Facebook | At the registration or connection using Facebook, users have the possibility to publish a post on the activity log or user’s timeline. Possible values are: Use the domain settings: considers the domain settings. Yes: users can publish a post on to their timeline. Never: users cannot publish post and it ignores the domain settings. |
| Twitter Username | Define the Twitter username that the user must follow (Follower). When the user logs in, he may click “follow” before accessing the internet. |
Warning! If you have choosen the “QR Code & connect. No registration, no password” authentication type the CNA properties are always considered “Disabled”.
If you print cards with the QR Code, to facilitate the access, we suggest you to disable the CNA.
Not visible with “PAEGW”-gateway type.
| Field | Description |
| Disable the Apple CNA | If enabled, disables the Apple mini browser (captive network assistant) which has several limitations (e.g. it does not display the YouTube videos). The user must manually open the browser after having been connected to Wi-Fi. The option will be active from the next update of “ Walled Garden“ Not available if you have selected “Ruckus Access point”, “Ruckus Zone Director” or CISCO Meraki in the hardware type. In this case, you have to manually enter the Walled gardens in the configuration of the appliances. For the list of the Walled gardens to open, please refer to the “ Walled Garden” paragraph. |
| Disable the Android CNA | If enabled, disables the Android mini browser Android (captive network assistant) which has several limitations (e.g. it does not display the YouTube videos). The user must manually open the browser after having been connected to Wi-Fi. The option will be active from the next update of “ Walled Garden“. Not available if you have selected “Ruckus Access point”, “Ruckus Zone Director” or CISCO Meraki in the hardware type. In this case, you have to manually enter the Walled gardens in the configuration of the appliances. For the list of the Walled gardens to open, please refer to the “ Walled Garden” paragraph. Warning! The usage of Android CNA has several limitations: In some versions, it does not display YouTube videos; after the login, the CNA closes automatically and therefore user is no more inside the Welcome Portal and cannot be redirected to a Custom URL; pressing the Facebook button “I Like” on Android 6, it displays a blank white page and closes the Welcome Portal; etc. |
| Disable the Windows Phone CNA | If enabled, disables the Windows Phone mini browser (captive network assistant). The user must manually open the browser after having been connected to Wi-Fi. The option will be active from the next update of “ Walled Garden“.
Not available if you have selected “Ruckus Access point”, “Ruckus Zone Director”, CloudTrax or CISCO Meraki in the hardware type. In this case, you have to manually enter the Walled gardens in the configuration of the appliances. For the list of the Walled gardens to open, please refer to the “ Walled Garden” paragraph. Warning! The usage of Windows Phone CNA has several limitations: it does not display YouTube videos; after the login, the CNA closes automatically and therefore user is no more inside the Welcome Portal and cannot be redirected to a Custom URL; etc. |
|
Field |
Description |
|
Enable Google Analytics |
Enable the Google Analytics service. Google Analytics is a service that Google makes available to users to monitor their website or web service. Analytics is a real dashboard that shows statistics and data related to user access. |
|
Google Analytics ID |
Enter the Google Analytics ID (Es. UA-NNNNNNNN-NN). |
|
Enable Facebook Pixel |
Enable the Facebook Pixel service. |
|
Facebook Pixel ID |
Enter the Facebook Pixel ID (i.e. NNNNNNNNNNNNNNN). Facebook Pixel tracks the passage of users allowing you to measure actions and create more targeted advertising. |
| Field | Description |
| Maximum Number of Users |
Maximum number of users connected to the gateway. Once this number is reached, other users will no longer be able to connect unless there are disconnections. To indicate that the number of users is not limited, edit a zero value. It is used to create a multi-tenant system. If in the reseller and/or in the manager, you have specified a maximum value of users, then the minimum value in this field is equal to five. The maximum value that you can edit depends: on the “Maximum Number of Users per Gateway” defined in the reseller and/or in the manager, on the concurrent users defined in the “Maximum Number of Users” in the manager or reseller and on how many gateways you have already inserted. To not stress the system, the count of the current number of connected users is not done at every access to the Welcome Portal but every minute. In some special cases and on systems with lots of users, it may happen that the maximum number of defined users is exceeded. Editable only if the user has permissions to manage the data of the gateway. |
| Maximum Number of Views per minute |
The sum of the maximum number of views per minute, you need to enter in the manager’s gateways cannot exceed the value defined in the manager. A value of zero indicates that no limit has been set. It is used to create a multi-tenant system. It allows limiting the access to the Welcome Portal. When several devices try to view the Welcome Portal in the same minute and their number exceeds the defined value, the user will see a message that the system is busy and to wait for X seconds. Editable only if the user has permissions to administrate the reseller’s data. |
| Notes for the Gateway | Enter possible notes for the gateway.
Available only if the user has permissions to manage the data of the gateway. |
| Enable Notification |
Enables sending notifications for gateway monitoring. Available only for Mikrotik gateways. |
|
Verify Internet Connection |
Enable verifying Internet connectivity upon users login. If not active, the login procedure is faster but users are not notified if the Internet connection is missing. |
|
Show Wizard |
Show a notification on the dashboard inviting the user to run the initial setup wizard to configure the gateway. The value will be automatically disabled when the wizard runs and completes. |
| Lock the Gateway | If enabled, it blocks the logins to all users of the gateway.
Available only if the user has permissions to manage the data of the gateway. |
After you have entered and saved this information by pressing the button on the gateway properties in sidebar and choosing “ Download Gateway Config Files“, you can download a .zip file containing all the files necessary to configure a gateway and compatible based on MikroTik RouterOS.
This entire section is available only if the user has the permissions to manage the data of the gateway.
Visible only if the type of gateway is MikroTik.
Visible only if the type of gateway is MikroTik and not “PAEGW”.
| Field | Description |
| Authentication via Mac-address | If enabled, it is possible to create users with a username and password equal to the MAC address of the device. This avoids the Welcome Portal and consequently the manual registration and authentication phase.
Enable this option only if really necessary otherwise an authentication request will be senT to the Wifi connection of any device. |
| Field | Description |
| Use Wireless | If enabled, the commands for configuring the wireless card (WLAN1) will be added in the configuration script of the gateway and the hotspot service will be configured on this interface. If disabled, no wireless card will be configured and the hotspot service will be configured on the Ether2 |
| SSID | Enter the SSID of the wireless network that you want to be displayed by the users who connect to this gateway.
It appears only if “Use wireless” is enabled. |
| Field | Description |
| Force Disconnections | If enabled, connections not receiving updates from the gateway during the double of the time defined in the ‘Interim Update’ of the product policy, are automatically closed
For Ubiquiti UniFi Controller, we recommend you to enable this option. |
| Send Disconnection Requests to the Gateway | In addition to forcing disconnections, it also sends a radius request for disconnection to the gateway. Some types of gateways (i.e. Ubiquiti) may not send the stop to the radius and consider the device always active. If enabled, the gateway must be reachable via the port indicated with UDP protocol.
For Ubiquiti UniFi Controller, we recommend you to enable this option. For Mikrotik it is not available. |
| Port for Disconnection Requests | Port used by the gateway to accept the disconnection requests. Port 3799 is commonly used but it depends on the type of gateway.
For Ubiquiti UniFi Controller, we recommend you to enable this option. For Mikrotik it is not available. |
| Verify User Consumption | If the gateway does not support all the necessary radius attributes and the device is able to send the disconnection requests, the system periodically verifies the consumption of the connected users and in case they reach the time/traffic limits or at the expiration, it disconnects the user Wan. For Ubiquiti UniFi Controller, we recommend you to enable this option. For Mikrotik it is not available. |
|
Secret for Radius |
Password to be used when configuring the radius. |
Visible only if the type of gateway is MikroTik.
|
Field |
Description |
|
WAN Configuration Type |
Allows choosing how to configure the WAN.
If you choose “Manual Configuration of the Gateway”, all subsequent parameters of this section will be hidden. |
|
Same Network of the Appliance |
Enable it if the gateway is on the same network (physical and IP) of HSNM. If enabled, in the configuration script of the gateway, it will add the commands to define, in the DNS configuration, a static host that associates the domain name, defined in “System Setting”, to the IP address (generally private) of HSNM. Warning! If not enabled and the gateway is on the same network in the NAT of the appliance, the gateway may fail to contact HSNM. |
|
Addressing Mode |
Type of network addressing
“PPPoE Client”, “USB Modem” and LTE are not available for domains with PPPoE authentication type. |
|
Interface |
Select the WAN interface.
“WLAN2”is not available for domains with “PPPoE” as authentication type. Some (EtherX) interfaces are not in the list if they had been already used in the Hotspot Interfaces of the virtual gateways. |
|
Use a VLAN |
Enables or disables the use of a VLAN for the WAN interface. Visible only if you have selected “Ether1” or “WLAN 2” in the interface type. |
|
VLAN ID |
ID for the VLAN. It allows numeric values between 2 and 4095. Visible only if “Use a VLAN” is enabled. Visible only if you have selected “Ether1” or “WLAN 2” in the interface type and you have enabled “Use a VLAN”. |
|
Use DHCP client for the WAN |
Enables or disables the DHCP client for the WAN interface. If enabled, in the configuration script of the gateway it will add the commands to define a DHCP client in the network interface of the hotspot service that will be connected to the corporate network of the manager. If disabled, it will display the fields for the definition of IP address, subnet mask and gateway. These fields will be automatically added to the commands of the configuration script to define the IP address of the network interface of the gateway that will be connected to corporate network of the manager. Visible only if you have selected “Ether1” or “WLAN 2” in the interface type. |
|
WAN IP Address |
IP address that you want to assign to the WAN interface. Visible only if “Use DHCP” is enabled and if you have selected “Ether1” or “WLAN 2” in the interface type. |
|
WAN Network Mask |
Network mask that you want to assign to the WAN interface. Visible only if “Use DHCP” is enabled and if you have selected “Ether1” or “WLAN 2” in the interface type. |
|
WAN Gateway |
IP address of the gateway for the WAN interface. It should coincide with the private IP address assigned to the router of the internet connection of the manager. Visible only if “Use DHCP” is enabled and if you have selected “Ether1” or “WLAN 2” in the interface type. |
|
PPPoE Client Username |
PPPoE client’s username. Visible only if in the type of network addressing you have selected “PPPoE Client”. |
|
PPPoE Client Password |
PPPoE client’s password. Visible only if in the type of network addressing you have selected “PPPoE Client”. |
|
Dial on Demand PPPoE Client |
If enabled, it connects to the PPPoE server only when internet traffic is generated. Visible only if in the type of network addressing you have selected “PPPoE Client”. |
|
MTU PPPoE Client |
Defines MTU of the PPPoE Client’s interface. If it is defined to zero the MTU will not be set. Visible only if in the type of network addressing you have selected “PPPoE Client”. |
|
APN |
Enter the APN provided by the operator of the SIM card. Visible only if you have selected “USB Modem or LTE in the Addressing Mode. |
|
Authentication |
Enable SIM card authentication. Activation allows you to view the “Usermane” and “Password” fields. With some operators it is not necessary to enable it. Visible only if you have selected “USB Modem” or “LTE” in the Addressing Mode. |
|
Username |
Enter the username provided by the operator of the SIM card. Visible only if you have selected “PPPoE Client”, “USB Modem”or “LTE” in the Addressing Mode. |
|
Password |
Enter the password provided by the operator of the SIM card. Visible only if you have selected “PPoE Client”, “USB Modem” or “LTE” in the Addressing Mode. |
|
Modem Initialization AT Command |
Enter the AT command to use to initialise the modem. Visible only if you have selected “USB Modem in the Addressing Mode. |
|
Dial AT Command |
Enter the AT command to use to make the call. Generally ATDT. Visible only if you have selected “USB Modem in the Addressing Mode. |
|
USB Port |
Select the USB port of the MikroTik gateway where the USB modem is connected. Visible only if you have selected “USB Modem in the Addressing Mode. |
|
Dial Out Phone Number |
Enter the phone number provided by the SIM card operator in order to dial out. Visible only if you have selected “USB Modem in the Addressing Mode. |
Visible only if the type of gateway is MikroTik.
| Field | Description |
| SSL Certificate | Select thwe SSL certificate to use.
The list shows the “Non-private” certificates entered at the system, reseller and manager level. Editing this field or changing the certificate to “SSL Certificate” involves the automatic installation or update of the certificate installed in the gateways. When the certificate espires, then you simply have to change the certificate to “SSL Certificates”. For the “PAEGW” gateway types it can be defined for any HotSpot virtual gateway types. |
| Domain Name (Hotspot DNS Name) | Domain name used by the Hotspot service to load the login page.
It must correspond to the domain of the certificate selected in the “SSL Certificate” field. Not visible for “PAEGW” gateway types. |
| Add EtherX to the Guest Bridge |
If activated, it adds the gateway ethernet X to the bridge in order to activate the (HotSpot, WPA Enterprise or PPPoE) service even on the ethernet. To activate only if the gateway that you are configuring, has 2 or more network cards. If you are using the ethernet in the WAN, it will not appear in the list. |
Visible only if the type of gateway is MikroTik.
| Field | Description |
| Keep-Alive timeout | Defines the Keep-Alive timeout to check the accessibility of the client. If clients are no more reachable, for example for the loss of the WiFi connection, after the defined time they are disconnected automatically. For example, if you want to keep a user logged for any length of time without forcing him to relog even when he switches off his device, you have to define a sufficiently high time. The value is dynamically updated every five minutes in the gateways. Warning, disconnection can be caused also by the Timeout Idle and the Timeout Session defined in the product policy. If “Not Defined”, the client remains connected even if, for example, disconnects from the WiFi network or the gateway no longer reaches the HSNM. Any disconnection will be caused by the values defined in the policy of the products (“Session Timeout” and “Timeout for Idle”) or in the products (time and/or traffic credit or expiration). |
| IP Address | IP address to assign to the interface (WLAN1 or Ether2 depending if you have enabled the “use wireless” field) on which you will activate the hotspot service. |
| Network Mask | Enter the network mask that you want to assign to the interface (WLAN1 or Ether2 depending if you have enabled the “use wireless” field) on which you will activate the hotspot service. |
| DNS IP Addresses | Enter the IP addresses of the DNS servers (separated by commas) that you want to assign to the gateway. It is very important that the inserted DNS is operating, otherwise the users accessing the service may have problems viewing pages. |
| First IP Address for the DHCP Address Pool | Enter the first IP address of the pool of addresses that will be assigned by the DHCP server that is configured on the interface where the hotspot service will be activated on. The IP addresses of the pool will be assigned to the devices that connect. |
| Last IP Address for the DHCP Address Pool | Enter the last IP address of the pool of addresses that will be assigned by the DHCP server that is configured on the interface where the hotspot service will be activated on. The IP addresses of the pool will be assigned to the devices that connect. |
| DHCP Lease Time | Specify the lease time, expressed in hours, for the IP address assignment of the connected devices
Warning! Set a value equal to or greater than the maximum time for inactivity is defined in the product policy used in the domain. |
| Use a VLAN | Enables or disables using a VLAN for the bridge interface of the hotspot. |
| VLAN ID | ID of the VLAN. The numeric values allowed are from 2 to 4095
Visible only if “Use a VLAN” is enabled. |
Visible only if the gateway type is MikroTik and not “PAEGW”.
| Field | Description |
| GPS Available | Activate if the gateway supports GPS. |
| GPS Type | GPS type. If you use the integrated GPS (for example in the LtAP mini 4G Kit, LtAP mini, LtAP mini LTE kit, LtAP mini LTE kit-US models) it is advisable to connect an external GPS antenna. The possible options are: USB; Integrated. |
| USB Port for the GPS Antenna | USB port where the GPS antenna is connected.
Visible only if “USB” has been selected on “GPS type”. |
Visible only if the gateway type is MikroTik.
| Field | Description |
| Use VPN | Enables or disables the VPN configuration in the gateway. It can be useful if you want that, the hotspots managed by HSNM are on the same IP network of HSNM so you can e.g. activate the sending of LOGs also for hotspots connected to xDSL connection with dynamic IP. If enabled, in the configuration script of the gateway, it will add the commands to define a VPN client using the ”PPTP server name”, “Username PPTP” and “PPTP Password” fields. If disabled, it does not allow the inclusion of: PPTP server name; Username PPTP; Password PPTP. |
| PPTP Server Name | Host name or IP address of the PPTP server to which the gateway will connect to establish a VPN.
It is displayed only if “Use VPN” is enabled. |
| PPTP Username | Username for the PPTP connection.
It is displayed only if “Use VPN” is enabled. |
| PPTP Password | Password for the PPTP connection.
It is displayed only if “Use VPN” is enabled. |
Visible only if the gateway type is MikroTik.
| Field | Description |
| Minutes for the Update |
Defines the auto-update interval (in minutes) of the “ Walled Garden” (free URL) and of the IPs or MAC-address to bypass or block for the gateway. The minimum value is 5 minutes. Not visible for “PAEGW”-type gateways. |
| Monitoring Interval | Defines the interval (in minutes) for monitoring the status of the gateway and the access point. |
Visible only if the gateway type is MikroTik.
| Field | Description |
| Admin Password | Admin password for Router OS. |
| Custom Commands | Custom commands in addition to the standard ones to be included in the script generated for configuring the gateway. |
Visible only if the gateway type is MikroTik.
| Field | Description |
| Upgrade Script | If enabled, it upgrades the gateway scripts. After the upgrade the check is disabled in order to perform the upgrade once |
| Upgrade Config | If enabled, updates, reconfigures and automatically reboots the gateway (this feature is only available for the gateway configured from version 2.0.137 and later ones). After the update, the check is disabled in order to perform the update only once. Warning! If the data entered are incorrect, the gateway may not be any more accessible! |
| Import Users | If enabled, imports users from “MikroTik HotSpot users” generated by printers or external tools. |
In the upper-righ corner of the command bar, if you are editing a gateway, the following buttons are displayed:
| Button | Description |
|
Show Gateway Setup Wizard |
By clicking the button, you close the current page and show the setup wizard for configuring the gateway. |
| Upload Configuration | It allows you to perform the automatic configuration of the MikroTik gateway type. For further information, please refer to the “Upload MikroTik Configuration” paragraph described below. Visible only if you have chosen MikroTik as hardware type. |
Thanks to this feature it is possible to configure in a simple and automatic way the MikroTik gateway type.
When pressing the “Upload Configuration” button in the command bar, the following fields will be displayed:
| Field | Description |
| IP Address Assigned to the Gateway |
IP address assigned to the gateway. In order to upload the configuration, it must be reachable from the system. If you have not assigned it yet, log in to the router using WinBox and assign one to the IP/Addresses session. If you wish to use a specific port (the default one is 8728), define it after the IP address by separating it from the colon in the form “IP:Port”. |
| Username to Log In | Username to log in the MikroTik gateway. |
| Password to Log In | Password to log in the MikroTik gateway. On new devices, the password is empty |
By pressing the “Run” button, the gateway configuration will be performed.
At the end of the operation, a confirmation message or any will appear. If the upload has been successfully performed, the gateway will be automatically restarted.
To add a PGW, select the data tab, press the context properties button of the domain in which insert a PGW and select “ Add gateway”. While, to modify a PGW, always in the data tab, press the context button on the PGW and select “ Edit”. In both cases a page appear that allows you to manage the contents of the following fields
It is important to enter the GPS coordinates (latitude and longitude fields) eventually also derived in automatic way from the address. They are used to display the map of the gateways.
| Field | Description |
| ID | ID of the record. Auto-assigned Identifier of the record. It can be used to use the API or external integrations.
It is displayed during editing phase of an existing data and not during insertion of a new record. |
| Created on | Date and time of creation of the gateway. |
| Gateway name | Name assigned to the gateway. |
| Address | Address where the gateway is installed. Serve per calcolare le coordinate GPS. |
| ZIP | ZIP code. |
| City | City where the gateway is installed. |
| Country | Country where the gateway is installed. |
| Phone | Telephone number of the person in charge. |
| Mobile phone | Mobile number of the person in charge. |
| Active logs | Enable the registration of the logs for the gateway.
Visible only if you log in with administrator credentials. |
| Internet Connection IP Address or DynDNS Name |
Defines the IP address or DynDNS name that HSNM has to use to reach the gateway. Mandatory if: you enable the syslog filter in System Settings, or you need to allow disconnecting users from the back-end by selecting the “ Connected Devices” page or if you allow disconnecting the device from the front-end of the user profile App. Editable only if the user has permissions to administrate the data of the gateway. |
| Hardware type | Hardware type.
Visible only if you log in using the administrator credentials. |
| Gateway RouterOS version |
RouterOS version It is displayed only if you log in using the administrator credentials. |
| Uptime |
Gateway uptime. |
|
Maximum Number of Users |
Maximum number of users connected to the gateway. Oncethis number is reached, other users will no longer be able to connect unless there are disconnections. To indicate that the number of users is not limited, edit a zero value.It is used to create a multi-tenant system.If in the reseller and/or in the manager, you have specified a maximum value of users, then the minimum value in this field is equal to five. The maximum value that you can edit depends: on the “Maximum Number of Users per Gateway” defined in the reseller or manager, on the concurrent users defined in the “Maximum Number of Users” of the manager or reseller and on how many gateways you have already inserted. To not stress the system, the count of the current number of connected users is not done at every access to the Welcome Portal but every minute. In some special cases and on systems with lots of users, it may happen that the maximum number of defined users is exceeded.Editable only if the user has permissions to administrate the data of the gateway. |
|
Welcome Portal Template |
Declares the template to use for this gateway which parameterizes the contents and the graphic form of the Welcome Portal or the login page. If you enable the “Use default” option, it will be used the color you set in the domain. The selectable templates are colored according to the membership level. In particular, the customized templates for the gateway are in white, those of the domain in light blue and those of the system in yellow ocher. |
|
Template Color Scheme |
Color scheme to use for the selected template. If you enable the “Use default” option, it willuse the color you set in the domain. |
| Advertising
|
Defines the type of advertising, derived from “ Advertising Campaigns”, that can be displayed to users. Possibile values are:
Editable only if the user has permissions to administrate the data of the gateway and if you have not disabled the advertising in the domain. If in the domain you have defined to not display the advertising, the value of this field is not considered. |
|
Surveys, Quizzes and Tests |
Enables the request of surveys, quizzes or tests. Possible values are:
Editable only if the user has permissions to administrate the data of the domain. |
Allows to define the parameters for the gateway’s geolocation and tracking.
| Field | Description |
| Longitude | GPS coordinates where the gateway is installed: longitude. The display of the gateways’ maps automatically fills in this field, if not already filled, on the basis of the address. |
| Latitude | GPS coordinates where the gateway is installed: latitude. The display of the gateways’ maps automatically fills in this field, if not already filled, on the basis of the address. |
Using the parameters in this section you can set the times and the months of the gateway activation.
You can then create systems functioning based on the opening hours, days or months.
| Field | Description |
| Timezone |
Defines the timezone of the gateway. The value entered affects the gateway’s activation times and the calculation of the speed modulation of products of guests. Using this value, it is possible to parameterise international gateways with different time zones than the one set in the system, reseller or manager. If you select “Use default”, it will consider the Timezone defined in the manager. |
| Operating Hours | Defines the operating hours of the gateway. The gateway will be active during the highlighted hours.
Timetables depend on the time zone associated with the selected Timezone. |
| Operating Days | Defines the operating days of the gateway. The gateway will be active on the highlighted days. |
| Operating Months | Defines the operating months of the gateway. The gateway will be active during the months that are highlighted, partially active in the months not highlighted or disabled in the months that are not highlighted. The gateway can be partially active in the non-highlighted months if in the manager or reseller has been defined a percentage in the “Reduce the Maximum Number of Users of the Gateway to” field. If the percentage is equal to zero, the system is disabled in the months that are not highlighted. With these options, it is then possible to define seasons or gateways with seasonal peaks. |
| Field | Description |
| Notes for the gateway | Enter possible notes for the gateway.
It is displayed only if you enter using the administrator credentials. |
| Virtual Gateway with its Own Walled Gardens | If enabled, it allows generating walled gardens specific for each virtual gateway. If disabled, the number of the generated walled gardens will result much lower but shared with all the virtual gateways |
| Lock the gateway | If enabled, locks the log in to all users who try to connect to the gateway. |
After you have entered and saved this information by pressing the button on the gateway properties in sidebar and choosing “ Download Gateway Config Files“, you can download a .zip file containing all the files necessary to configure a PGW and compatible based on MikroTik RouterOS.
This section is displayed only if you enter using the administrator credentials.
| Field | Description |
| Authentication via Mac-address | Enables authentication via MAC address. Enabling this option, you have the ability to create users with username and password equal to the MAC address of the device, skipping the Welcome Portal and the entire manual registration and authentication process. Warning! Enable this option only if really necessary otherwise it will send an authentication request at the WiFi connection of any device. Not available for MikroTik-type gateways with PPPoE “Authentication Mode“. |
| Authenticate Users without Domain Name | Enables user authentication without the @NomeDominio suffix. In practice, the Real is automatically added by the PPPoE MikroTik NAS.
Available only for MikroTik-type gateways with PPPoE “Authentication Mode“. |
| Field | Description |
| Same network of the appliance | Enable it if the gateway is on the same network (physical and IP) of HSNM. If enabled, in the configuration script of the PGW, it will add the commands to define, in the DNS configuration, a static host that associates the domain name, defined in “ System Settings“, to the IP address (generally private) of HSNM. If not enabled and the PGW is on the same network in the NAT of the appliance, the PGW may fail to contact HSNM. |
| Interface | Select the WAN interface. Possible value is: Ether1. |
| Use a VLAN | Enables or disables the use of a VLAN for the WAN interface. |
| VLAN ID | ID for the VLAN. It allows numeric values between 2 and 4095. Visible only if “Uses VLAN” is enabled. |
| Uses DHCP client for the Wan | Enables or disables the DHCP client for the WAN interface. If enabled, in the configuration script of the PGW it will add the commands to define a DHCP client in the network interface of the PPPoE service that will be connected to the corporate network of the manager. If disabled, it will display the fields for the definition of IP address, subnet mask and gateway. These fields will be automatically added to the commands of the configuration script to define the IP address of the network interface of the PGW that will be connected to corporate network of the manager. |
| WAN IP address | IP address that you want to assign to the WAN interface. Visible only if “Use DHCP” is enabled. |
| WAN Network mask | Network mask that you want to assign to the WAN interface. Visible only if “Use DHCP” is enabled. |
| Wan Gateway | IP address of the PGW for the WAN interface. It should coincide with the private IP address assigned to the router of the internet connection of the manager. Visible only if “Use DHCP” is enabled. |
| Field | Description |
| Add EtherX to the PPPoE Bridge | If enabled, it adds the etherX of the to the bridge in order to activate the PPPoE service also on the ethernet. To be activated only if the gateway you are configuring has X or more network adapters. |
| IP Address | IP address to assign to the interface Ether1 on which you will activate the PPPoE service. |
| Network Mask | Enter the network mask that you want to assign to the interface Ether1 on which you will activate the PPPoE service. |
| DNS IP Addresses | Enter the IP addresses of the DNS servers (separated by commas) that you want to assign to the PGW. It is very important that the inserted DNS is operating, otherwise the users accessing the service may have problems viewing pages. |
| DHCP Lease Time | Specify the lease time (in hours) for assigning the IP address to the connected devices. |
| Field | Description |
| Keep-Alive timeout |
Defines the Keep-Alive timeout to check the reachability of the routers. If routers are no longer reachable, for example for the loss of the connection, after the define time, they are automatically disconnected. Warning! Disconnection can be also caused by the Timeout for Idle and the Session Timeout defined in the product policies. If “Not Defined”, the router remains connected even if no longer reached by the HSNM. Any disconnection will be caused by the values defined in the product policies (“Session Timeout” and “Timeout for Idle”) or in the products (time and/or traffic credit or expiration). |
| IP Address | IP address of the gateway interface (Ether2). |
| Network Mask | Network mask of the gateway interface (Ether2). |
| DNS IP Addresses | Enter the IP addresses of the DNS servers (separated by commas) that you want to be assigned to the PGW. It is very important that the DNS entered are functional. |
| DHCP Lease Time | Defines the Lease Time, expressed in hours, for the IP address assigment of the connected devices.
Warning! Set a value equal to or greater than the maximum idle time defined in the product policies used in the domain. |
| Use VLAN | Enable or disable the usage of a VLAN for the bridge interface. |
| VLAN ID | ID for the VLAN. The allowed numerical values are between 2 and 4095.
Visible only if “Use a VLAN” is enabled. |
| Field | Description |
| Use VPN | Enables or disables the VPN configuration in the PGW. It can be useful if you want the routers managed by HSNM are on the same IP network of HSNM so you can e.g. activate the sending of LOGs also for PGWs connected to xDSL connection with dynamic IP. If enabled, in the configuration script of the PGW, it will add the commands to define a VPN client using the ”PPTP server name”, “Username PPTP” and “PPTP Password” fields. If disabled, it does not allow the inclusion of: PPTP server name; Username PPTP; Password PPTP. |
| PPTP server name | Host name or IP address of the PPTP server to which the PGW will connect to establish a VPN.
It is displayed only if “use VPN” is enabled. |
| PPTP username | Username for the PPTP connection.
It is displayed only if “use VPN” is enabled. |
| PPTP Password | Password for the PPTP connection.
It is displayed only if “use VPN” is enabled. |
| Field | Description |
| Monitoring Interval | Defines the interval (in minutes) for monitoring the status of the gateway. The minimum value is 1 minute. |
| Field | Description |
| Admin password | Admin password for RouterOS. |
|
Save the Data Rate |
Saves the data rate of users, reading them from PPPoE MikroTik server. In this way you will be able to display the “Ethernet Data Rate (Last 24 Hours)” graph for the user. The data rate of users is read directly from MikroTik routers by connecting through the RouterOS APIs to the IP address of the WAN or to the IP address of the internet connection declared in the data of the gateway. |
| Custom Commands | Custom commands in addition to the standard ones to be included in the script generated for configuring the PGW. |
| Field | Description |
| Upgrade Config | If enabled, updates, reconfigures and automatically reboots the gateway (this feature is only available for the gateway configured from version 2.0.137 and later ones). After the update, the check is disabled in order to perform the update only once. Warning! If the data entered are incorrect, the gateway may not be any more accessible! |
In the upper-righ corner of the command bar, if you are editing a gateway, the following buttons are displayed:
| Button | Description |
|
Upload Configuration |
It allows you to perform the automatic configuration of the MikroTik gateway type. For further information, please refer to the “Upload MikroTik Configuration” paragraph described below. Visible only if you have chosen MikroTik as hardware type. |
Thanks to this feature it is possible to configure in a simple and automatic way the MikroTik gateway type.
When pressing the “Upload Configuration” button in the command bar, the following fields will be displayed:
| Field | Description |
|
IP Address Assigned to the Gateway |
IP address assigned to the gateway. In order to upload the configuration, it must be reachable from the system. If you have not assigned it yet, log in to the router using WinBox and assign one in the IP/Addresses session |
|
Username to Log In |
Username to log in the MikroTik gateway. |
|
Password to Log In |
Password to log in the MikroTik gateway. On new devices, the password is empty |
By pressing the “Run” button, the gateway configuration will be performed.
At the end of the operation, a confirmation message or any will appear. If the upload has been successfully performed, the gateway will be automatically restarted.