YesTurnkey Qon™ QR-100 Wi-Fi Hotspot Access Gateway
YesTurnkey’s QR-100 Wi-Fi Hotspot Access Gateway enables wireless ISPs, enterprises,
or schools to deploy WLANs with user authentication support. Based on the Web Redirection
technology, when an unauthenticated wireless user is trying to access a Web page,
a logon page is shown instead of the requested page, so that the user can type his/her
user name and password for authentication. Then, the user credential information
is sent to a back-end RADIUS (Remote Authentication User Dial-In Service) server
to see if the wireless user is allowed to access the Internet.
User Authentication, Authorization, and Accounting (AAA)
- Web redirection. When an unauthenticated wireless user is trying to access
a Web page, he/she is redirected to a logon page for entering the user name and
password. Then, the user credential information is sent to a back-end RADIUS server
- Captive portal. The access gateway can be configured to use a captive portal
page on the Web server maintained by the WISP.
- CGI-Based Authentication. Username/password information can be sent by directly
calling a CGI (Common Gateway Interface) function on the access gateway. This feature
is useful for authentication automation achieved by a specifically designed program
running on the wireless client computer.
- Unrestricted clients. Client computers with specific IP addresses or MAC
addresses can bypass the Web redirection-based access control.
- Walled garden. Some specific URLs can be accessed without authentication.
These URLs can be exploited by WISPs for advertisement purposes.
- RADIUS client. The WLAN hotspot access gateway communicates with a back-end
RADIUS server for wireless user authentication, authorization, and accounting.
- Showing authenticated users. Showing the status and statistics of every RADIUS-authenticated
user. And an authenticated user can be terminated at any time for management purposes.
- Authentication session control. Several mechanisms are provided for the network
administrator to control user authentication session lifetimes.
- IEEE 802.1x. If a wireless client computer supports IEEE 802.1x
Port-Based Network Access Control, the user of the computer can be authenticated
by the access gateway and wireless data can be encrypted when the
digital-certificate-based EAP-TLS authentication method is selected.
- Access point. The wireless access gateway is equipped with a built-in
Access Point (AP), which bridges packets between the wireless IEEE 802.11g
network interface and the wired Ethernet interface.
- 64-bit and 128-bit WEP, WPA, WAP2. For authentication and data
- Enabling/disabling SSID broadcasts. The user can enable or disable the
SSID broadcasts functionality for security reasons. When the SSID broadcasts
functionality is disabled, a client computer cannot associate the wireless AP
with an “any” network name (SSID, Service Set ID); the correct SSID has to be
specified on client computers.
- MAC-address-based access control. Blocking unauthorized wireless client
computers based on MAC (Media Access Control) addresses.
- Wireless client isolation. Wireless-to-wireless traffic can be blocked so
that the wireless clients cannot see each other. This capability can be used in
hotspots applications to prevent wireless hackers from attacking other wireless
- Associated wireless clients status. Showing the status of every wireless
client that is associated with the wireless AP.
- Detachable antennas. The factory-mounted antennas can be replaced with
high-gain antennas for different purposes.
Internet Connection Sharing
- DNS proxy. The WLAN hotspot access gateway can forward DNS (Domain Name System)
requests from client computers to DNS servers on the Internet. And DNS 3 responses
from the DNS servers can be forwarded back to the client computers.
- NAT server. Client computers can share a public IP address provided by an
ISP (Internet Service Provider) by NAT (Network Address Translation).
- DSL/Cable Modem Support. Supporting dynamic IP address assignment by PPPoE
(Point-to-Point Protocol over Ethernet) or DHCP and static IP address assignment.
- Bandwidth control. Network bandwidth consumed by each client can be limited.
Clients are identified by MAC address range or IP address range.
- Firmware upgrade. The firmware of the WLAN hotspot access gateway can be
upgraded by HTTP.
- Configuration backup. The configuration settings of the WLAN hotspot access
gateway can be backed up to a file via HTTP for later restoring.
- Configuration reset. Resetting the configuration settings to factory-default
- Web-based management. Configuring and monitoring the WLAN hotspot access
gateway via a Web browser. The management protocol is HTTP (HeperText Transfer Protocol)-based.
The access gateway can be configured to be managed by specific hosts from the WAN
- SNTP. Support for absolute system time by SNTP (Simple Network Time Protocol).
- Dynamic DNS. Support for dynamic DNS services provided by YesTurnkey DDNS
service, so that the access gateway can be associated with a domain name even if
it obtains an IP address dynamically by PPP, PPPoE or DHCP.
- Local log. System events are logged to the on-board RAM of the access gateway.
- Remote log by BSD syslog. Systems events are sent in the form of Syslog to
a remote SNMP management server.
- Periodical restart every day. The access gateway can be configured to restart
at a specific time every day. This mechanism is aimed at solving lockup caused by
firmware bugs that surface only after the access gateway has operated for a long
- Software watchdog timer. The access gateway’s watchdog program periodically
checks statuses of system services. If any service stops responding, it will be
- Wireless LAN: IEEE802.11g
- Ethernet: IEEE802.3u 10/100BaseTX
- 2.4-2.4835 GHz (IEEE 802.11b: DSSS, IEEE 802.11g: OFDM)
Data Rate & Modulation
- OFDM @ 54Mbps
- CCK @ 11/5.5Mbps
- DQPSK @ 2Mbps
- DBSK @ 1Mbps
- USA: 1-11 (FCC)
- Canada: 1-11 (IC)
- Europe: 1-13 (ETSI)
- France: 10-13
- Japan: 1-14
- 64-bit and 128-bit WEP encryption
- WPA-PSK, WPA, WPA2
- WAN: RJ-45 x 1 (10/100BaseTX)
- LAN: RJ-45 × 5 (10/100BaseTX)
- Output: +5V with max. 2A current
- 165mm (L) × 117mm (W) × 30mm (H)
- Power x 1
- AIR x 1
- WAN x 1
- LAN x 4
** The features and specifications are subject to change
without notice and does not represent a commitment on the part of the vendor.
Latest updated: 2014/04/14