Reset Search
 

 

Article

How to setup WiNG to enable HotSpot 2.0 global WiFi network?

« Go Back

Information

 
TitleHow to setup WiNG to enable HotSpot 2.0 global WiFi network?
Objective
What needs to be configured in order to provide HotSpot 2.0 functionality?
Environment
  • All Summit WM3000 Series Controllers
  • ExtremeWireless WiNG Controllers
  • ExtremeWireless WiNG Access Points
  • WiNG 5 Software
  • Hot Spot 2.0
  • Wi-Fi certified Passpoint
Procedure
Wi-Fi certified passpoint feature is supported since WiNG 5.6. It allows service providers to offload data to Wi-Fi.
This provides a guaranteed level of security for a user connecting to a hotspot and simplify the network discovery, selection and connection process for an end user.
There are given standards supported by the whole industry

When a certified wireless client discovers passpoint network and reads application/network information using the ANQP (Access Network Query Protocol) it receives details such as operator and venue name, connection information, network authentication realms and eap methods available.
Client can connect automatically to a network when it has credentials, or present the user a list of recommend networks. STA then connects securely using WPA2-Enterprise security
Other security benefits are built into passpoint networks, such as proxy arp, downstream-group-address-frame filtering, and P2P cross connect filtering.

ANQP attributes have to be configured in WiNG:

A) Using GUI

User-added image

User-added image


B) Using CLI

 
passpoint-policy HotSpot2
 access-network-type chargeable-public
 connection-capability http open
 domain-name <domain name>
 no internet
 ip-address-type ipv4 single-nat
 nai-realm example.com
  eap-method 1 tls auth-param credential cert
 nai-realm mail.example.com
  eap-method 1 ttls auth-param non-eap-inner mschapv2
  eap-method 2 ttls auth-param credential username-password
 nai-realm wi-fi.org
  eap-method 1 ttls auth-param non-eap-inner mschapv2
  eap-method 2 ttls auth-param credential username-password
  eap-method 3 tls auth-param credential cert
 net-auth-type accept-terms url <Terms & Agreement URL>
 operator name <operator name in plaintext>
 operator name iso-lang eng <operator ISO-639 name other than English>
 roam-consortium hex <ROAM consortium number>
 venue group business type research-and-development-facility
 venue name iso-lang eng <HEX venue name in ISO-639>
 3gpp mcc <MCC #> mnc <MNC #>
!
wlan HotSpot2
 ssid HotSpot2
 bridging-mode local
 encryption-type ccmp
 authentication-type eap
 protected-mgmt-frames optional
 proxy-arp-mode strict
 use aaa-policy default
 use passpoint-policy HotSpot2
!

Above marked HotSpot 2.0 attributes should be provided by the venue or network carrier.
Additional notes
More details about Passpoint / HotSpot 2.0 can be obtained from Wi-Fi.org

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255