RADIUSdesk

Trace: click_to_connect_howto

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
user_guide:click_to_connect_howto [2016/06/12 21:34] adminuser_guide:click_to_connect_howto [2016/06/12 22:45] (current) – [Add the Click-to-Connect Button to the Log-in page] admin
Line 1: Line 1:
-====== Steps for a Clik-To-Connect Login Page ======+====== Steps for a Click-To-Connect Login Page ====== 
 ===== Create the Click-to-Connect Profile ===== ===== Create the Click-to-Connect Profile =====
  
 Weather you want to limit your click-to-connect users for one hour or one day or 1 GB of data, something **you have to add to the Profile Component** you choose is an attribute set that will **reset the limitation with every device**. Otherwise the first customer to connect will use up the allowed data and no one else will be allowed access. Weather you want to limit your click-to-connect users for one hour or one day or 1 GB of data, something **you have to add to the Profile Component** you choose is an attribute set that will **reset the limitation with every device**. Otherwise the first customer to connect will use up the allowed data and no one else will be allowed access.
  
-RADIUSdesk installs with two ready-to-use Click to connect Profiles.  Select the CTC-1Hour Profile for one hour free access and CTC-100M for 100Mb free access.+RADIUSdesk installs with two ready-to-use Click to connect Profiles.  Select the **CTC-1Hour Profile** for one hour free access and **CTC-100M** for 100MB free access.
  
-If you build your own Profiles:+====If you build your own Profiles:====
  
 For a Profile Component that limits Time, the following attributes  <wrap em>in red</wrap> are important to include: For a Profile Component that limits Time, the following attributes  <wrap em>in red</wrap> are important to include:
  
-==== One Hour free access per device per day ====+== One Hour free access per device per day ==
 ^ Attribute       ^ Check or Reply   ^Operator ^Value     ^ Comment    ^ ^ Attribute       ^ Check or Reply   ^Operator ^Value     ^ Comment    ^
 |Rd-Total-Time    |Check  |:=   | 3600       |This is in seconds  |Rd-Total-Time    |Check  |:=   | 3600       |This is in seconds 
Line 19: Line 20:
  
  
 +For a Profile Component that limits Data,  the following attributes <wrap em>in red</wrap> are important to include:
  
- +== 100MB Data free per device per day ==
-For a Profile Component that limits Data,  the following attributes are important to include:+
 ^ Attribute       ^ Check or Reply   ^Operator ^Value     ^ Comment    ^ ^ Attribute       ^ Check or Reply   ^Operator ^Value     ^ Comment    ^
-|Rd-Total-Data    |Check  |:=   50000000       |Multiply by 1024 if you want to be more technical :-P  |  +|Rd-Total-Data    |Check  |:=   10000000       |Multiply by 1024 if you want to be more technical :-P  |  
-|Rd-Reset-Type-Data |Check  |:=   dynamic       | The **dynamic** type has to be used together with **Rd-Reset-Interval-Data**  |+|<wrap em>Rd-Reset-Type-Data</wrap> |Check  |:=   <wrap em>daily</wrap>       | For each device to have this limit daily  |
 |Rd-Cap-Type-Data |Check  |:=   | hard       | Options are hard or soft. Soft will not cut the user off if they are over the limit  | |Rd-Cap-Type-Data |Check  |:=   | hard       | Options are hard or soft. Soft will not cut the user off if they are over the limit  |
-|Rd-Reset-Interval-Data |Check  |:=   | 3600       | Reset every 3600 seconds, thus one hour.  | +|<wrap em>Rd-Mac-Counter-Data</wrap> |Check  |:=   |<wrap em> 1</wrap>       | This counter will be enforced on each device connecting  |
-|Rd-Mac-Counter-Data |Check  |:=   | 1       | This counter will be enforced on each device connecting  |+
 |Fall-Through |Reply  |:=   | Yes       | Required to group these components together  | |Fall-Through |Reply  |:=   | Yes       | Required to group these components together  |
  
 +---------
  
-===== Counters that limit per device ===== +===== Create the Click-to-Connect User =====
-  * Sometimes we would like a data and/or time counter to be applied to each device connecting. +
-  * This comes in handy with the **Click-to-connect** feature of the Dynamic Login Pages. +
-  * One can then without much trouble assign a 50Mb daily limit to people visiting a coffee shop. +
-  * RADIUSdesk also has an enhancement to the regular daily, weekly and monthly counters. You can specify how often the counter needs to reset. +
-  * We can also specify the hour when the daily counter should reset. This is handy for hotels where people have to check-out **before** a certain hour and new people can check-in **after** that hour. +
-  * Let us look at a few practical implementations.+
  
-==== 50Mb Data per device - Reset each hour ==== +  *Create a New Permanent User called **click_to_connect@radiusdesk**. (Radiusdesk is the NAS ID of our default captive portal. Be sure to fill in <wrap em>YOUR NAS ID</wrap> after the **@** sign.)
-^ Attribute       ^ Check or Reply   ^Operator ^Value     ^ Comment    ^ +
-|Rd-Total-Data    |Check  |:=   | 50000000       |Multiply by 1024 if you want to be more technical :-P  |  +
-|Rd-Reset-Type-Data |Check  |:=   | dynamic       | The **dynamic** type has to be used together with **Rd-Reset-Interval-Data**  | +
-|Rd-Cap-Type-Data |Check  |:=   | hard       | Options are hard or softSoft will not cut the user off if they are over the limit  | +
-|Rd-Reset-Interval-Data |Check  |:=   | 3600       | Reset every 3600 seconds, thus one hour.  | +
-|Rd-Mac-Counter-Data |Check  |:=   | 1       | This counter will be enforced on each device connecting +
-|Fall-Through |Reply  |:=   | Yes       | Required to group these components together  |+
  
-==== 500Mb Data - Reset every 12 hours ==== +  * Give it the password of **click_to_connect**
-^ Attribute       ^ Check or Reply   ^Operator ^Value     ^ Comment    ^ +
-|Rd-Total-Data    |Check  |:=   | 500000000       |Multiply by 1024 if you want to be more technical :-P  |  +
-|Rd-Reset-Type-Data |Check  |:=   | dynamic       | The **dynamic** type has to be used together with **Rd-Reset-Interval-Data** +
-|Rd-Cap-Type-Data |Check  |:=   | hard       | Options are hard or soft. Soft will not cut the user off if they are over the limit  | +
-|Rd-Reset-Interval-Data |Check  |:=   | 43200       | Reset every 12 hours (43200 seconds) +
-|Rd-Mac-Counter-Data |Check  |:=   | 1       | This counter will be enforced on each device connecting +
-|Fall-Through |Reply  |:=   | Yes       | Required to group these components together  |+
  
-===== Create the Click-to-Connect User =====+  * Select the **Realm** and the** Profile** you want to use as discussed above.
  
-  * Click on Permanent Users on the RADIUSdesk home screen 
-{{:user_guide:permanent_users_icon.png?200|}} 
-  * Create a permanent user called **click_to_connect@radiusdesk**. (Radiusdesk is our NAS ID the default captive portal. Be sure to fill in YOUR NAS ID after the **@** sign.) 
-  * Give it the password of **click_to_connect** 
-  * Select the Realm and the Profile you want to use. We suggest an uncapped type profile. 
   * Also ensure that the **Cap type for Data** says on **Hard**.   * Also ensure that the **Cap type for Data** says on **Hard**.
-{{:user_guide:click_to_connect_03.png|}} 
-{{:user_guide:click_to_connect_02.png|}} 
-{{:user_guide:click_to_connect_01.png|}} 
-{{:user_guide:click_to_connect_04.png|}} 
  
 +  * Click **OK** 
 +
 +{{:user_guide:click_to_connect-perm.png?400|}}
 +<WRAP center round tip 60%>
 ==== Whats in a name? ==== ==== Whats in a name? ====
-  * You may wonder why we call the **Click-to-Connect** user **click_to_connect@fbt-01**.+  * You may wonder why we call the **Click-to-Connect** user **click_to_connect@radiusdesk**.
   * The name can be broken up in two parts.   * The name can be broken up in two parts.
   * The first part is everything before the **@**.   * The first part is everything before the **@**.
   * The last part is everything after the **@**.   * The last part is everything after the **@**.
   * The user's password has to be the same as the first part e.g. click_to_connect.   * The user's password has to be the same as the first part e.g. click_to_connect.
-  * The second part will be automatically added by the login pages when the user clicks the **Click-to-connect** button and is determined by a the configuration of the Dynamic login pages.+  * The second part will be automatically added by the login pages when the user clicks the **Click-to-connect** button and is determined by a the configuration of the Dynamic login pages 
 +</WRAP>
  
-Time to tackle the last bit which is the **NAS device** and **Dynamic login pages** and see how it all comes together.+--------- 
 +===== Enable the Click-to-Connect Button to the Log-in page =====
  
 +  * Click on **Menu -> Dynamic login pages** , The Dynamic login pages Window opens.
  
----------+{{:user_guide:menu-dynamic-login.png?200|}}
  
-===== Add the NAS device ===== +  * **Select** the Login Page you want to add Click-to-connect button to.
-  Click on **Menu -> NAS devices -> NAS devices** to open the NAS devices management applet. +
-  * Since the Coova Chilli captive portal used by **Funky Bean There** comes from an unknown IP Address we will add a NAS device with connection type **Dynamic client**. +
-  * We will use the value of **nasid** specified in the Coova Chilli set-up to uniquely identify the incoming connection. +
-  * We assume that it was specified as **fbt-01** (Short for Funky Been There - 01). The value of **nasid** will then be used by Coova-Chilli in the RADIUS requests which it sends out to the RADIUS server in the form of the **NAS-Identifier** attribute. +
-  * After you selected **Dynamic client** you can specify **Unique AVP combination** as **NAS-Identifier** and the value **fbt-01** in the **Dynamic AVP detail** sub-tab. +
-  * On the **NAS** sub-tab you can specify the **Name** also as **fbt-01** (It is a good convention to keep them the same) along with shared secret. This shared secret is the same as the one defined in the Coova Chilli configuration. +
-  * The realms should only show the **Funky Been There** realm. +
-<WRAP center round tip 60%> +
-When you do this action as the root user; the list of realms will change depending weather you decide to make a NAS device **available to sub-providers** or not. +
-</WRAP> +
-  * After you added the device; be sure to edit it again and ensure that the **NAS -> Optional info** sub-tab also have the NAS-Identifier specified as **fbt-01**. +
-  * Save you work and wait at least 10 minutes to allow the cron job to restart the FreeRADIUS server in order for this device to be added. +
-<WRAP center round tip 60%> +
-This cron entry runs a script to check if FreeRADIUS needs a restart +
-<code bash> +
-#Every 10 minutes to keep it stable +
-*/10 * * * * www-data /var/www/cake2/rd_cake/Console/cake -app /var/www/cake2/rd_cake Freeradius >> /dev/null 2>&+
-</code> +
-</WRAP> +
-  +
-Now that we have the NAS device added to RADIUSdesk; we can do the **Dynamic Login page**+
  
--------+  * Click **Edit** on the Action Toolbar in the Dynamic login pages Window.
  
-===== Add a Dynamic login page ===== +  * Click on the **Click-to-Connect Tab** in the Edit Window.
-  * Click on **Menu -> Dynamic login pages** to open the Dynamic login pages management applet.+
  
-<WRAP center round alert 60%> +{{:user_guide:enable_click-to-connect.png|}} 
-**Hey!!** There is already some login pages listed here+ 
 +  Tick the **Enable** check box to insert the Click-to-connect button on the Login page. 
 + 
 +  * If you want **no other** fields on the login page, also tick the **Only Click-to-connect** check box.  
 + 
 +  * Your login page should now look like this: 
 + 
 +{{:user_guide:free_access.png?400|}}
  
-  * If there happen to be login pages listed already which you did not intend to have listed, it is because that realm has the **Make available to sub-providers** option checked. 
-  * To fix this you have to log out as the current Access Provider and log in as root.  
-  * Now you can remove the unwanted login pages by un-checking that option. 
-  * Log in again as the Access Provider for **Funky Bean There**. 
-</WRAP> 
-  * Click on the plus sign in the toolbar and add the new Dynamic login page. 
-  * Add your own new Dynamic login page and make it **NOT** available to sub-providers. 
-  * After you added the Dynamic Login page you can further edit it by uploading photos for the slideshow. 
Last modified: 2016/06/12 21:34