An Auth/gateway architecture is a construction that allows multiple HSMX devices to split functionality per machine and act as one-entity. One parent node handles Authentication while one or more children (called Gateways) execute the necessary packet-processing. When a subscriber connects to a subscriber network attached to a Gateway all unauthenticated traffic will be forwarded towards the Auth machine. Once the subscriber authenticates on the Auth machine, the Gateway is notified of the change and authenticated traffic egresses over the childs default gateway.
You can choose yourself which gateway you want to appoint as Auth gateway.
In order for the Auth gateway to connect to the network from the external gateway, the configuration for the interfaces on the gateway need to be set.
The rest of the configuration is done on the Auth gateway. Connections to the external gateways are configured here, you will also be able to indicate which subscriber networks need to forwarded to the Auth HSMX.
First we need to let the chosen gateway know that it will become the Auth gateway.
Other modes to set the gateway in are:
The Auth needs to know which gateways to control so we have to link them. When you set a gateway to mode ‘Authentication’, an extra tab - ‘Client gateway’ - will become visible under Periphery.
Now we have added the gateway we need to let the Auth HSMX know which subscriber network to control.
The Auth device is now set as parent of your other gateway. The subscriber network of your child gateway will now contain the IP of the parent device as virtual guest network. This means that an IP is set to which the child gateway will forward the user for authentication.
Now that you have set up the connection you can start configuring the portal and such. The idea is that you now configure your portals on the Auth gateway. When a user connects to the subscriber network of the portal he will land on the portal page configured on the Auth gateway.
User accounts are created and managed on the Auth HSMX. Accounts created on the Gateway cannot be used. The advantage of keeping accounts on the shared HSMX is that this way subscribers can use their account on every location where a HSMX connected with the Auth-gateway.
After I have added a gateway the connection is not accepted
I can connect to the subscriber network but I do not have access to internet & do not get a portal page
I can connect and the portal page appears but after that I cannot visit any site
When connecting to the network I still see the portal of the gateway itself, instead of that from the Auth