Solutions Support Event About us
 
1
2
3
 
Click to magnify
 
Feature
 | | |  
 
 

Features

  • User authentication with UAM (Universal Access Method), 802.1x/EAPoLAN, MAC Address
  • AAA RADIUS client and proxy server with EAP support
  • Universal Address Translation (UAT), web proxy support
  • WISPr compatible log-on via web browser with SSL/TLS
  • White List (walled garden area, free web sites) supported
  • Customizable welcome, log-on, and log-off pages, XML support(internal, external)
  • E-mail redirection
  • IP routing with IPsec and PPTP pass-through, NAT/NAPT
  • Per-user bandwidth management via RADIUS
  • WAN protocols: PPPoE, PPTP, DHCP client
  • DHCP server/relay/Client
  • VPN client: PPTP/MPPE, GRE
  • Management subnet for remote AP management
  • VLAN support
  • Multiple IP pools per LAN/VLAN
  • Remote management via SNMP v1, 2c, SNMP proxy, http(s), SSH, telnet, console
  • Up to 32 WISPs supported (32 RADIUS servers with backup server)

Public Access Control Gateway
The BROWAN Public Access Control Gateway (BG6020G) is a stand-alone network device with full-load capability and flexible network connection (Gigabit Fiber Optic Ports, Gigabit Copper Ports and 10/100Mbps Ethernet Ports). Also BG6020G could provide various functions for public Internet services, such as carrier-grade AAA (Authentication, Authorization and Accounting), IP Routing, and VPN functionality.

Multiple Authentication Methods
BG6020G supports many secure authentication methods including the standard web login, 802.1x/EAP, MAC authentication, and RADIUS. When using the web login method, all usernames and passwords are secured over SSL. EAP can be used either directly over 802.1x via RADIUS server or EAP authenticator resides within the Wireless LAN access point.

Accounting
For billing purpose, accounting information such as service time and data transfer volume is recorded by BG6020G in real time. The information will be forwarded to the network operation center through RADIUS server. A wide variety of billing plans from pre-paid time, pre-paid data token, post-paid subscriptions, pay-per-use and flat-rates are supported.

Backend Integration
BG6020G is fully based on the standard protocols and interfaces. It is compliant with the recommendations of the Wi-Fi Alliance ¡¥Best Current Practices for Wireless Internet Service Provider Roaming' (WISPr 1). Interoperability with leading RADIUS server and Web application servers (e.g. Funk) has been tested. For security, AAA functions and traffic management to the network operation center can be tunneled and encrypted by internal VPN gateway.

Multiple WISP Roaming
A single BG6020G can serve subscribers from multiple service providers through its integrated roaming logic. Beyond the RADIUS roaming, BG6020G supports up to 32 VLANs allowing network operators to define AAA and IP policies via WISP/VLAN.

Customizable Welcome Pages
Service providers can benefit from the flexible web redirection service by BG6020G. It provides a set of location, browser, and user-specific information to the backend system to enable personalized services by WISP. Detailed session and location information is available via Http(s)/XML interfaces. Web pages can be either stored locally on BG6020G or remotely on a web portal server.

None Configuration for Subscribers
BG6020G makes Internet access very easy and user-friendly.
Subscribers will be redirected to the provider's welcome page automatically regardless of their PC configuration. The UAT (Universal Address Translation) feature will accept and translate fixed company IP settings and web proxy configurations, so that users do not have to reset their corporate IP or web settings. Outgoing subscriber e-mails can be redirected to the operator's mail server in order to facilitate e-mail forwarding for foreign subscribers. The recipient sees the message as if it was sent from the user's home provider.

Remote Management
A variety of different management interfaces for remote configuration and monitoring, or updating BG6020G are available by access devices behind the controller. BG6020G can be managed via SNMP, http(s), SSH or telnet, or alternatively via the serial port.

Layer-3 Management
In a centralized network structure, the BG6020G and Browan's Access Ponits are separated at different location where one or more IP routers must be traversed via a layer-3 network. The layer-3 Management feature is to create GRE tunnels for the connection between them. The GRE tunnel enables the authentication traffic to be separated and to avoid presenting a web login page to a user already authenticated at layer-2. Therefore, the user could roam between different subnets without sign-in again and the connection would never be disconnected.

AP Client Isolation Policy
The AP Client Isolation mode prevents associated clients communicate with other wireless clients, only the Access Points. Furthermore, it also prevents clients under different Access Points to communicate to each other. The BG6020G enhances the client security and protect hotspot subscribers against any Intrusion or attacks within hotspot.