ระบบเครือข่ายไร้สายในโรงเรียน tot

(. .)

OTPC (Wi-Fi Network) -

OTPC (Wi-Fi Network)

................................................................................................................................... (OVERVIEW)..............................................................................................................................

SYSTEM OVERVIEW....................................................................................................... . OVERVIEW ................................................................................................................................... . ARCHITECTURE ............................................................................................................................

DESIGN .............................................................................................................................. . OVERVIEW ................................................................................................................................... . DESIGN ........................................................................................................................................ . OTPC WI-FI NETWORK DIAGRAM ................................................................................................ . AUTHENTICATION SOLUTION LOG SYSTEM ................................................ . (AUTHENTICATION) ..................................................................................... . ........................................................... . ............................................................ . ........................................................................... . .............................................................................. . (SELF-REGISTER) ............................................................................

ZYXEL SMART GATEWAY ..................................................................... . .................................................................................................................... . ...............................................................................................

ZYXEL WIRELESS ACCESS POINT ...................................................... ......................................................................

.......... . IP STAR .................................................................................. . OBEC-NET ................................................................................... . OBEC-NET ( ROUTER CISCO 892) ................................................. . OBEC-NET ( ROUTER CISCO 892) .............................................

............................................................................................................................................. ......................................................................................................................... .........................................................................................................................


(Overview)

(Wi-Fi Network) () (Wi-Fi Network)

.. . . IP-VPN (MPLS) IPStar

OBEC Data Center 2 ( Intranet) (Internet) MPLS/VPN (Multi-Protocol Label Switching / Virtual Private Network) (Bandwidth) (Internet) (Technological Progress)


SYSTEM OVERVIEW

. Overview One tablet per child

OBEC Data Center 2 (Intranet) (Centralized Management) (Internet) -

, (Authentication) (Log System) Digital file, Video on demand, Video streaming Cloud application

. Architecture

OBEC Data Center 2 New Generation Wireless Network (Hybrid Architecture) (Centralized Management) (Monitoring) (Troubleshooting) (Traffic Management) OBEC Data Center 2 (Authentication) .. (Log System) (Traffic Management) (Intranet) (Internet) (Firewall) (Hacker) OBEC Data Center 2


DESIGN

. Overview

OTPC Wi-Fi

.. Registration Service

.. Authentication and Authorization Service

.. Log System

Functional Scope

. Design

OTPC Wi-Fi OTPC Wi-Fi 2

.. (Firewall) ..

. OTPC Wi-Fi Network Diagram

(Centralized Management) (Authentication) (Log) (OTPC Wi-Fi Data Center )

.. Wireless Controller .. Portal WEB Server .. Network Management Server .. RADIUS Server .. LOG Server .. Disk Storage


(Authentication)

(Log) (OTPC Wi-Fi Data Center)


. Authentication Solution Log System

..

...

(Wireless Access Point) (SSID)

... Radius Server OBEC Data Center 2 . (Password) (Mac-address) (Intranet) (Internet)

... .. Log server OBEC Data Center 2 .


. (Authentication)

.. (Authentication) ... MAC Address Tablet PC ... User Authentication MAC Address Tablet PC Page User Login

.. (Authentication Solution)

... Authentication Solution with New Access point (ZyXEL NWA5160N) (Access Point) ZyXEL

NWA5160N Authentication (LAN) (Wireless) Access Point (Firewall) Radius Server Data Center Mac Address User Authentication Page User Login Login Mac Address User

... Authentication Solution with Other Access point (HP 410) (Access Point) HP

HP 410 Authentication (LAN) (Wireless) ) Access Point (Firewall) OBEC Radius Server Mac Address Page User Login Login


.

(Bandwidth) Tablet


.

. OBEC-Net ( Router Cisco 892)

Router Cisco 892

- Port WAN 1 Router Cisco 892 OBEC-Net IP 10.x.x.x/31 - Port WAN 2 Router Cisco 892 TOT-CAT MPLS IP 172.x.x.x/31 - Port 6 Router Cisco 892 Port P1 Firewall - Port 7-8 Router Cisco 892 HP 410

Firewall - Port P1 Firewall Port 6 Router Cisco 892 IP 10.x.x.x/27

- Port P3-P4 Firewall - Port P3-P4 Firewall Access Point ZyXEL NWA5160-N IP 172.16.1.x/24

- Port P6 Firewall Network IP 192.168.10.x/23

Network IP 172.16.1.x/24 192.168.10.x/23 Network

Firewall NAT overload IP 10.x.x.x/27

OBEC-Net ( Router Cisco 892)


. OBEC-Net ( Router Cisco 892)

Port P1 Firewall CPE IP 172.x.x.x/31 Port P3-P4 Firewall Access Point ZyXEL NWA5160-N IP 172.16.1.x/24 Port P5 Firewall Access Point HP410 IP 172.16.8.x/23 Port P6 Firewall Network IP 192.168.10.x/23

Network IP 172.16.1.x/24, IP 172.16.8.x/23 192.168.10.x/23

Network Firewall NAT Polling IP 10.x.x.x/27 Polling

OBEC-Net ( Router Cisco 892)


. OBEC-Net

- Port P1 Firewall CPE IP 172.x.x.x/31 - Port P3-P4 Firewall Access Point ZyXEL NWA5160-N IP

172.16.1.x/24 - Port P5 Firewall Access Point HP410 IP 172.16.8.x/23 - Port P6 Firewall Network IP

192.168.10.x/23

Network IP 172.16.1.x/24, IP 172.16.8.x/23 192.168.10.x/23

Network Firewall NAT Polling IP 10.x.x.x/27 Polling

OBEC-Net


. IP Star

- Port P1 Firewall UT IP Star IP

192.168.5.100/24 IP Alias 10.x.x.x/30 - Port P3-P4 Firewall Access Point ZyXEL NWA5160-N IP

172.16.1.x/24 - Port P5 Firewall Access Point HP410 IP 172.16.8.x/23 - Port P6 Firewall Network By Pass Port

P6 Firewall UT IP UT IP 192.168.5.X/24

Network IP 172.16.1.x/24 IP 172.16.8.x/23 Network

Firewall NAT Polling Public IP x.x.x.x/30 Polling IP Alias 10.x.x.x/30 OTPC Server OBEC Data Center 2

IP 192.168.5.X/24 By Pass Port P6 Firewall NAT Polling UT

IP Star


.

2 .. (Firewall) .. (Access Point)

... Port P1 Firewall Port P3-P4 Firewall Access Point ZyXEL NWA5160-N IP 172.16.2.x/23 SSID: Student Tablet 172.16.4.x/23 SSID: ICT Free WiFi 172.16.6.x/23 SSID: Guest 172.16.14.x/23 SSID: Student WiFi

Port P5 Firewall Access Point IP 172.16.8.x/23 Port P6 Firewall Network IP 192.168.10.x/23

OTPC WIFI


. Access Point

Bandwidth: . GHz

Mode: B/G/N

Channel:

SSID: SSID SSID1 : Guest Security

password obec_wifi SSID2 : Student_WiFi MAC - Authentication

1 SSID3 : OBEC 802.1X User Authentication SSID4 : MICT_free_wifi


SSID Notebook


. (Self-Register)


User Password

- ( Login ) - () - ( 5 ) - ()


ZYXEL SMART GATEWAY

.

Wireless Access Point Media Modem/Router ISP Power Adapter


.

PWR

) 5~10 ( SYS

) 5~10 ( AUX AUX

AUX AUX

Ethernet Link

- Ethernet Port Ethernet Port

Ethernet Port

USB USB Port USB Port

USB 3G

Card slot ( 3G card)


ZYXEL WIRELESS ACCESS POINT

1. Power Over Ethernet (PoE) Data Link

PoE ZyXEL PoE12-HP.


PoE

Device Device

PWR

2. PWR/SYS ETHN () 1000Mbps 100Mbps - WLAN -


Power / Sys

) 5~10 (

Ethernet 10/100 Mbps 1000 Mbps

Ethernet Port WLAN


. IP Star


. OBEC-NET


. OBEC-NET ( Router Cisco 892)


Registration Registration

Registration MAC Address Self Register

Authentication Authentication Authorize OBEC

Authentication

Portal WEB Portal WEB Authentication MAC Address

Portal WEB Server Self Register

SSID SSID (Service Set Identifier) Wireless LAN SSID

SSID 802.1x Authenticate client ( assign VLAN) Port switch

association Access Point Radius () User Certificate Password

dot1x (802.1x) authentication data-link layer user account LAN ( wire wireless) RADIUS server RADIUS authentication layer (layer 2) RADIUS RADIUS Extensible Authentication Protocol EAP

EAP LEAP, EAP-TLS, PEAP, EAP-FAST,... LEAP username password EAP-TLS digital certificate authentication EAP EAP dot1x

authentication client VLAN QoS


ACL traffic client authorization Cisco Identity-Based Network Service

MAC Address MAC Address (Media Access Control Address) Network Card(LAN ,

Wireless LAN) Network Card MAC Address 01-23-45-67-89-ab 01:23:45:67:89:ab

Bandwidth Bandwidth ()

bps (bit per second) , Mbp (bps*1000000) Bandwidth 14.4 Kbps Bandwidth -

Firewall Firewall

Hardware Software Firewall Network (Access Control) Firewall (Source) , (Destination) , (Service/Port) "" Firewall "" "" "" "" (Authorized) (Destination) (Unauthorized) Firewall


Modem (Modem) MOdulator/DEModulator ( )

(Digital) (Analog) (Analog) (Digital)

Router (router) (forward)

3 OSI Model

Switch (Switch) Hub

Wireless Access Point (Wireless Access Point) WAP AP

. AP ( )

Wireless Access Point

- Wireless Access Point Stand alone

- Wireless Access Point Wireless Controller Wireless Access Point Wireless Access Point

All in one Router All in one Router 4

- Modem - Router - Switching - Wireless access point

ระบบเครือข่ายไร้สายในโรงเรียน tot

Documents