SlideShare a Scribd company logo

Mimosa 2.4 Software Release: Key Features and Auto Provisioning Workflow

Mimosa Networks
Mimosa Networks

1) The 2.4 software release from Mimosa Networks includes new features like auto provisioning, VLAN tagging, and a fallback IP address for C5 devices. 2) The auto provisioning allows C5 devices to be automatically unlocked and configured through a Radius server integrated with a customer's billing system. This streamlines installation. 3) VLAN tagging options include assigning a unique VLAN per C5, double tagging with QinQ, and separate management VLANs for security. A persistent fallback IP address prevents loss of connectivity during installation.

Internet
1 of 31
Download to read offline
@GoMimosa Mimosa Networks 2.4 Software Release: Overview and Basic Training A5/A5c, C5/C5c PTMP, PTP Presented By: David Stiff Vice President, Product Management Mimosa Networks
• What’s in the 2.4 release? • Auto Provisioning Details • VLANs • Fallback IP Address • Mobile App 3.0 Agenda
• Auto Provisioning • 802.1x Secure Auto Connect for SRS • C5 Auto-Unlock for WPA2/Enterprise Security • Radius Subscriber/C5 Provisioning (VSA) • C5 Auto Configuration (file) • Fallback IP Address • VLAN per C5, VLAN double tagging (QinQ) 2.4 Major Features (1)
• KRACK (Key Reinstallation Attacks) Fix • Fix for both A5/A5c and C5/C5c • Enhanced Interference Rejection • Significantly improves performance in the presence of high interference • Improved Peak Client Throughput • As subscribers scale their networks above 25 stations, a single client can burst to utilize peak available capacity 2.4 Major Features (2)
• C5 Ethernet Data Port Authentication (802.1x) • A5 MAC forwarding table • SNMP enhancements • 802.1p Downlink Priority Tagging • Disable Traffic shaping for UDP traffic • C5 auto LED brightness, derives time from A5 • C5 follows A5 regulatory domain • Broadcast SSID is always enabled for CPE and Trunk mode. 2.4 Other Features
• C5 factory default mode is SRS • Improves SSID scanning and reduces a reboot step during initial setup • G2 no longer requires IP connectivity to A5 management interface for software upgrades • Enables A5/C5 to be in a separate management VLAN from the G2 • The SNR value is replaced with the EVM value and EVM is no longer shown as a separate statistic • C5 reset unlock command is removed • Resetting the unlock code is no longer necessary as the C5 learns it’s regulatory domain from the A5 it is associated to Noteworthy 2.4 Updates & Fixes
Auto Provisioning
C5 Auto Configuration • Dramatically shortens C5 installation time • Enables lower skilled installation technicians “Satellite TV Guys” • Automates C5 unlock and configuration • Integrates into customer billing system for subscriber provisioning & management • RADIUS based C5 Fresh out of box C5/C5c Update firmware from Mimosa App Associate Subscriber Info Provision C5/C5c Select Network and Aim Authenticate & Secure Client Uniquely
Conf iden tial WPA2/Enterprise Security (802.1X) C5 Authentication • 2-Factor authentication using EAP-PEAP & MSCHAPv2 • Mimosa device certificates (optional) • Predefined user/pass (MAC/Serial) or user defined Radius Subscriber Provisioning • Radius server integrated into customer’s billing system • Per subscriber provisioning of rate limits, VLANs, and network settings using Mimosa VSA library • Subscriber configuration update via Radius COA and DM C5 Auto-Unlock • Cloud connected A5 unlocks to the A5’s cloud account • C5 Follows A5 regulatory domain • Enabled when using WPA2/Enterprise Security C5 Auto Configuration (flat file) • Optional C5 settings can be loaded via a flat file located on customer’s file system Install App • Firmware updates, SSID Selection, Aiming Key Features Inventory Management on Mimosa Cloud • Easily scan C5 for inventory and RADIUS passwords. C5 Persistent Fallback IP address • C5 has a new non-routable persistent fallback IP address, preventing disconnects during installation. (169.254.200.20) C5 Auto Provisioning
Mimosa Cloud – Device Inventory 1 Scan C5 Inventory into Mimosa Cloud C5 Serial Number + MAC Export C5 SN + MAC & inventory .csv 2 Billing SystemImport into Subscriber Management system3
To enable auto-unlock and subscriber provisioning the following is required: • 2.4 Software (A5 & C5) • Mimosa cloud connected A5 • Radius Server • Minimum requirement is WPA2/Enterprise (802.1x) for C5 authentication to use auto-unlock • Recommended to use RADIUS VSA to provision the C5. For security, at least C5 management password • Automated Subscriber Management system (recommended) • Handles the automation of configuring RADIUS Auto Provisioning Requirements
C5 Auto Configuration Options Network & Management • C5 Management IP Information (DHCP/static) • Management VLAN • Management password • Device name Subscriber Provisioning • Traffic Shaping (Max UL/DL, Commit UL/DL) • Subscriber VLAN System Settings • Wireless MAC protocol • Firmware version & image location • Config file & location Network & Management • C5 Management IP Information (DHCP/static) • Management VLAN • Management password • Device name System Settings • Wireless MAC protocol • Firmware version & image location From Radius Subscriber + Device Config From Flat File Device Config Flat File location is configured via RADIUS Adding DHCP Option 66/67 config file location in next release RADIUS and Flat File format documentation & sample files are available online http://ap.help.mimosa.co/ug-radius-installation-files
Enterprise/RADIUS Authentication • Using IEEE 802.1X with RADIUS protocol • Supported for WiFi-Interop and SRS modes • Terminology • Two factor authentication • Outer Tunnel (between C5 and RADIUS server) -- Optional • EAP-PEAP using Mimosa Certificates (Authentication Server should be pre-configured with Mimosa’s Trusted CA certificates) • Inner Tunnel (between C5 and RADIUS server) • MS-CHAPv2 using a username and password (default username and password is the <C5-WIFI- MAC><C5-SERIAL-NUMBER>) C5 IEEE 802.1X Supplicant A5 IEEE 802.1X Authenticator RADIUS Server Authentication Server
Flat File Setup (optional) • Flat File location is pushed to the C5 via RADIUS • Supported file transfer protocols: TFTP, FTP, HTTP, HTTPS. • No per subscriber settings are available, use RADUIS for VLAN and rate limiting provisioning. • Flat File settings are useful for network wide device settings • DNS, SNMP, Syslog, etc Sample Flat File configuration for a C5 Management: DNS1: 8.8.8.8 DNS2: 8.8.4.4 EnableSNMP: True SNMPCommunityString: mimosa SNMPTrapServer: 1.1.1.1 NTPServerAddress: time.nist.gov RemoteSyslog: EnableSyslog: True SyslogServerAddress: 1.1.1.1 SyslogPort: 514 SyslogProtocol: UDP
Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 credentials • Customer ensures C5 configuration file is setup (optional) 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius Billing System (optional) File Server www.mimosa.co
Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App used to select SSID and connect 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius (optional) File Server Billing System
Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects best SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius Billing System (optional) File Server Auth & Provision Unlock
Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 (audio assist) • Tech secures C5 and finishes install AAA Radius Billing System (optional) File Server
Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius Billing System C5 (optional) File Server
A5 GUI Configuration Authentication Configuration Accounting Configuration CoA Configuration Accounting supports START and STOP messages Secondary servers are optional Wireless->SSID->Edit
CPE Ethernet Port Authentication • IEEE 802.1X Port based Authentication • Enabling RADIUS authentication of the devices connecting to Ethernet Port of C5 • Terminology • Ethernet Port is disabled for data traffic till RADIUS authentication is successful Device connecting to Ethernet port of C5 Supplicant C5 IEEE 802.1X Authenticator A5 Authenticator Proxy RADIUS Server Authentication Server Configured in Wireless->SSID->Edit 802.1x port authentication AAA Radius
VLANs
Subscriber network Untagged or untagged Unique VLAN tag per C5 data packet InternetRouter A5 C5 802.1Q VLAN Trunk VLAN per C5 • Enables VLAN tagging per C5 for upstream device client isolation and identification (802.1Q) • Supports VLAN double tagging for QinQ • Support for separate C5 management VLAN • Secures management VLAN from subscriber access
VLANS tagging is enabled when using Fixed/CPE SSID Mode. Independent from the Management VLAN. Trunk mode (pass through) is used to transport existing VLANs. • Per CPE VLAN • Adds a VLAN tag per client assigned manually or via RADIUS • Default VLAN tag is used when no per C5 VLAN configured. Useful as the a provisioning VLAN until a subscriber VLAN is set. • Multiple C5/clients can use the same VLAN. • SSID VLAN • Adds the same VLAN tag for all C5/clients connected to an SSID • QinQ Support • Utilize both CPE VLAN and SSID VLAN for stacked or double tagged VLANs. • C-VLAN – VLANs from the customer network are allowed to pass-through • CPE VLAN (CPE S-VLAN) is first tag, SSID VLAN (S-VLAN) is the second tag. Understanding Data VLANs
Enabling VLANs SSID and CPE VLANs are enabled in the Wireless->SSID page • The SSID VLAN will add the same VLAN tag to all C5 client. • Enabling CPE Data VLAN will add a tag per C5 • The Default CPE Data VLAN tag will be assigned if no manual or RADIUS VLAN tag is specified. Useful as a provisioning or remediation VLAN.
Assigning per C5 VLANs Per C5 VLAN assignments are managed in the Client->Settings tab or via Radius • Manually assign VLANs to each C5 • C5s can have the same VLAN, but client isolation will prevent traffic from flowing directly between C5/C5.
Configuring TPID • Provider Bridging customization for Q-in-Q • Custom TPID for CPE (C-VLAN) and SSID (S-VLAN) • Leave these values to default for normal single and double tagging VLAN use.
¡ New persistent fallback IP address of 169.254.200.20. ¡ In addition to the C5 default IP of 192.168.1.20, this non-routable IP address is always reachable regardless of a manual or DHCP assigned IP address to C5. ¡ It is recommended to this new persistent IP address when using auto-provisioning to prevent loss of connectivity to the C5. ¡ Most laptop DHCP clients will default to an IP address this subnet, making connectivity to an un configured C5 extremely easy. Fallback IP Address
A5 MAC Forwarding Table
Android iOS* • Supports 2.4 Auto-Provisioning • Automated C5 firmware updates • Guided install process • Auto or Manual unlock/configure mode • Audible Aim and connect G2 POE Required for the installer Battery Pack Recommended Installation Streamlining Install App v1.3 *Avail Dec ‘17
Additional Resources WEBINARS Learn More About Fixed Wireless Networks CASE STUDIES Find Out How Mimosa Solutions are Helping Customers TALK TO AN EXPERT How Can We Help You? Chat with our Support Team

Recommended

Aula 2 - Introdução ao Mercado de Trabalho
Aula 2 - Introdução ao Mercado de TrabalhoAula 2 - Introdução ao Mercado de Trabalho
Aula 2 - Introdução ao Mercado de TrabalhoCharles Lima
 
CLUBE JUVENIL.pptx
CLUBE JUVENIL.pptxCLUBE JUVENIL.pptx
CLUBE JUVENIL.pptxAlexSantos923771
 
O Racismo
O RacismoO Racismo
O Racismomarleneves
 
A Diversidade Humana
A Diversidade HumanaA Diversidade Humana
A Diversidade HumanaDiogo Mateus
 
Bullying
BullyingBullying
BullyingPedro Peixoto
 
Informação, tecnologia e globalização
Informação, tecnologia e globalizaçãoInformação, tecnologia e globalização
Informação, tecnologia e globalizaçãoLeonardo Moraes
 
Trabalho sobre drogas
Trabalho sobre drogasTrabalho sobre drogas
Trabalho sobre drogaswolveninex lol
 
Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...
Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...
Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...Mauro de Oliveira
 

Recommended

Aula 2 - Introdução ao Mercado de Trabalho
Aula 2 - Introdução ao Mercado de TrabalhoAula 2 - Introdução ao Mercado de Trabalho
Aula 2 - Introdução ao Mercado de TrabalhoCharles Lima
 
CLUBE JUVENIL.pptx
CLUBE JUVENIL.pptxCLUBE JUVENIL.pptx
CLUBE JUVENIL.pptxAlexSantos923771
 
O Racismo
O RacismoO Racismo
O Racismomarleneves
 
A Diversidade Humana
A Diversidade HumanaA Diversidade Humana
A Diversidade HumanaDiogo Mateus
 
Bullying
BullyingBullying
BullyingPedro Peixoto
 
Informação, tecnologia e globalização
Informação, tecnologia e globalizaçãoInformação, tecnologia e globalização
Informação, tecnologia e globalizaçãoLeonardo Moraes
 
Trabalho sobre drogas
Trabalho sobre drogasTrabalho sobre drogas
Trabalho sobre drogaswolveninex lol
 
Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...
Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...
Como lidar com as diferentes Gerações (Tradicionalistas, Baby Boomers, X, Y ...Mauro de Oliveira
 
Igualdade e respeito as diferenças
Igualdade e respeito as diferençasIgualdade e respeito as diferenças
Igualdade e respeito as diferençasPaulo Raimundo Garcia de Oliveira
 
Trabalho infantil
Trabalho infantilTrabalho infantil
Trabalho infantilstephanye bitencourt
 
Gravidez na Adolescência
Gravidez na AdolescênciaGravidez na Adolescência
Gravidez na Adolescênciaportoseguro
 
Estilos parentais e práticas educativas
Estilos parentais e práticas educativasEstilos parentais e práticas educativas
Estilos parentais e práticas educativasLudmila Moura
 
A adolescência
A adolescênciaA adolescência
A adolescênciaRoberto Nobre
 
Movimento antiglobalização
Movimento antiglobalizaçãoMovimento antiglobalização
Movimento antiglobalizaçãoRosane Domingues
 
O Uso Seguro das Redes Sociais
O Uso Seguro das Redes SociaisO Uso Seguro das Redes Sociais
O Uso Seguro das Redes SociaisRicardo Henrique Roson
 
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rochaFundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rochaDanielAmaral70
 
Slides da aula de Sociologia (Luciano) sobre Violência
Slides da aula de Sociologia (Luciano) sobre ViolênciaSlides da aula de Sociologia (Luciano) sobre Violência
Slides da aula de Sociologia (Luciano) sobre ViolênciaTurma Olímpica
 
Diversos tipos de violência
Diversos tipos de violênciaDiversos tipos de violência
Diversos tipos de violêncialucia_nunes
 
Transtorno do déficit de atenção e hiperatividade tdah power point
Transtorno do déficit de atenção e hiperatividade tdah power pointTranstorno do déficit de atenção e hiperatividade tdah power point
Transtorno do déficit de atenção e hiperatividade tdah power pointSme Otacílio Costa
 
Maus tratos
Maus tratosMaus tratos
Maus tratosStrindade
 
8 carreiras e profissões
8 carreiras e profissões8 carreiras e profissões
8 carreiras e profissõesRapport Assessoria
 
Relação Família Escola
Relação Família EscolaRelação Família Escola
Relação Família EscolaJoaquim Colôa
 
1 direitos e deveres crianças
1 direitos e deveres crianças1 direitos e deveres crianças
1 direitos e deveres criançasLurdesmartins17
 
AEE
AEEAEE
AEEacfnicole
 
Trabalho: Família e violência doméstica
Trabalho: Família e violência domésticaTrabalho: Família e violência doméstica
Trabalho: Família e violência domésticamluisavalente
 
Autismo programa-de-educacao-individualizada-pei
Autismo programa-de-educacao-individualizada-peiAutismo programa-de-educacao-individualizada-pei
Autismo programa-de-educacao-individualizada-peiRosane Domingues
 
Adolescencia
AdolescenciaAdolescencia
AdolescenciaWAGNER OLIVEIRA
 
Atendimento Educacional Especializado
Atendimento Educacional EspecializadoAtendimento Educacional Especializado
Atendimento Educacional Especializadoceciliaconserva
 
Enterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensEnterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensbuildacloud
 
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementWebinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementNetgear Italia
 

More Related Content

What's hot

Gravidez na Adolescência
Gravidez na AdolescênciaGravidez na Adolescência
Gravidez na Adolescênciaportoseguro
 
Estilos parentais e práticas educativas
Estilos parentais e práticas educativasEstilos parentais e práticas educativas
Estilos parentais e práticas educativasLudmila Moura
 
Movimento antiglobalização
Movimento antiglobalizaçãoMovimento antiglobalização
Movimento antiglobalizaçãoRosane Domingues
 
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rochaFundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rochaDanielAmaral70
 
Slides da aula de Sociologia (Luciano) sobre Violência
Slides da aula de Sociologia (Luciano) sobre ViolênciaSlides da aula de Sociologia (Luciano) sobre Violência
Slides da aula de Sociologia (Luciano) sobre ViolênciaTurma Olímpica
 
Diversos tipos de violência
Diversos tipos de violênciaDiversos tipos de violência
Diversos tipos de violêncialucia_nunes
 
Transtorno do déficit de atenção e hiperatividade tdah power point
Transtorno do déficit de atenção e hiperatividade tdah power pointTranstorno do déficit de atenção e hiperatividade tdah power point
Transtorno do déficit de atenção e hiperatividade tdah power pointSme Otacílio Costa
 
Relação Família Escola
Relação Família EscolaRelação Família Escola
Relação Família EscolaJoaquim Colôa
 
1 direitos e deveres crianças
1 direitos e deveres crianças1 direitos e deveres crianças
1 direitos e deveres criançasLurdesmartins17
 
Trabalho: Família e violência doméstica
Trabalho: Família e violência domésticaTrabalho: Família e violência doméstica
Trabalho: Família e violência domésticamluisavalente
 
Autismo programa-de-educacao-individualizada-pei
Autismo programa-de-educacao-individualizada-peiAutismo programa-de-educacao-individualizada-pei
Autismo programa-de-educacao-individualizada-peiRosane Domingues
 
Atendimento Educacional Especializado
Atendimento Educacional EspecializadoAtendimento Educacional Especializado
Atendimento Educacional Especializadoceciliaconserva
 

What's hot (20)

Igualdade e respeito as diferenças
Igualdade e respeito as diferençasIgualdade e respeito as diferenças
Igualdade e respeito as diferenças
 
Trabalho infantil
Trabalho infantilTrabalho infantil
Trabalho infantil
 
Gravidez na Adolescência
Gravidez na AdolescênciaGravidez na Adolescência
Gravidez na Adolescência
 
Estilos parentais e práticas educativas
Estilos parentais e práticas educativasEstilos parentais e práticas educativas
Estilos parentais e práticas educativas
 
A adolescência
A adolescênciaA adolescência
A adolescência
 
Movimento antiglobalização
Movimento antiglobalizaçãoMovimento antiglobalização
Movimento antiglobalização
 
O Uso Seguro das Redes Sociais
O Uso Seguro das Redes SociaisO Uso Seguro das Redes Sociais
O Uso Seguro das Redes Sociais
 
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rochaFundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
Fundamentos do desenvolvimento mobile - Daniel da cruz do amaral rocha
 
Slides da aula de Sociologia (Luciano) sobre Violência
Slides da aula de Sociologia (Luciano) sobre ViolênciaSlides da aula de Sociologia (Luciano) sobre Violência
Slides da aula de Sociologia (Luciano) sobre Violência
 
Diversos tipos de violência
Diversos tipos de violênciaDiversos tipos de violência
Diversos tipos de violência
 
Transtorno do déficit de atenção e hiperatividade tdah power point
Transtorno do déficit de atenção e hiperatividade tdah power pointTranstorno do déficit de atenção e hiperatividade tdah power point
Transtorno do déficit de atenção e hiperatividade tdah power point
 
Maus tratos
Maus tratosMaus tratos
Maus tratos
 
8 carreiras e profissões
8 carreiras e profissões8 carreiras e profissões
8 carreiras e profissões
 
Relação Família Escola
Relação Família EscolaRelação Família Escola
Relação Família Escola
 
1 direitos e deveres crianças
1 direitos e deveres crianças1 direitos e deveres crianças
1 direitos e deveres crianças
 
AEE
AEEAEE
AEE
 
Trabalho: Família e violência doméstica
Trabalho: Família e violência domésticaTrabalho: Família e violência doméstica
Trabalho: Família e violência doméstica
 
Autismo programa-de-educacao-individualizada-pei
Autismo programa-de-educacao-individualizada-peiAutismo programa-de-educacao-individualizada-pei
Autismo programa-de-educacao-individualizada-pei
 
Adolescencia
AdolescenciaAdolescencia
Adolescencia
 
Atendimento Educacional Especializado
Atendimento Educacional EspecializadoAtendimento Educacional Especializado
Atendimento Educacional Especializado
 

Similar to Mimosa 2.4 Software Release: Key Features and Auto Provisioning Workflow

Enterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensEnterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensbuildacloud
 
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementWebinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementNetgear Italia
 
Brkcrt 2214
Brkcrt 2214Brkcrt 2214
Brkcrt 2214Mac An
 
Cisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco Canada
 
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessCreator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessPaul Evans
 
The right Wireless Architecture for you
The right Wireless Architecture for youThe right Wireless Architecture for you
The right Wireless Architecture for youCisco Canada
 
Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXCisco Canada
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell World
 
How Automation And Intelligence Can Simplify Your High Availability
How Automation And Intelligence Can Simplify Your High AvailabilityHow Automation And Intelligence Can Simplify Your High Availability
How Automation And Intelligence Can Simplify Your High AvailabilityPrecisely
 
Cloud as a Service: A Powerful New Cloud Management Platform
Cloud as a Service: A Powerful New Cloud Management PlatformCloud as a Service: A Powerful New Cloud Management Platform
Cloud as a Service: A Powerful New Cloud Management PlatformBMC Software
 
Bluemix Local – Relay Options and Challenges
Bluemix Local – Relay Options and Challenges Bluemix Local – Relay Options and Challenges
Bluemix Local – Relay Options and Challenges Eduardo Patrocinio
 
Cloud based dlms cosem metering head end
Cloud based dlms cosem metering head endCloud based dlms cosem metering head end
Cloud based dlms cosem metering head endNirmal Thaliyil
 
Discover the Power of ThousandEyes on Your Meraki MX
Discover the Power of ThousandEyes on Your Meraki MXDiscover the Power of ThousandEyes on Your Meraki MX
Discover the Power of ThousandEyes on Your Meraki MXThousandEyes
 
FieldServer Overview 2015.r1
FieldServer Overview 2015.r1FieldServer Overview 2015.r1
FieldServer Overview 2015.r1Eric W Dunn
 
Citrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseCitrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseDigicomp Academy AG
 
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks
 

Similar to Mimosa 2.4 Software Release: Key Features and Auto Provisioning Workflow (20)

Enterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevensEnterprise grade firewall and ssl termination to ac by will stevens
Enterprise grade firewall and ssl termination to ac by will stevens
 
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementWebinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
 
Brkcrt 2214
Brkcrt 2214Brkcrt 2214
Brkcrt 2214
 
Cisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna center
 
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessCreator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
 
The right Wireless Architecture for you
The right Wireless Architecture for youThe right Wireless Architecture for you
The right Wireless Architecture for you
 
FieldServer for Integrators Overview
FieldServer for Integrators OverviewFieldServer for Integrators Overview
FieldServer for Integrators Overview
 
Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CX
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch Provisioning
 
How Automation And Intelligence Can Simplify Your High Availability
How Automation And Intelligence Can Simplify Your High AvailabilityHow Automation And Intelligence Can Simplify Your High Availability
How Automation And Intelligence Can Simplify Your High Availability
 
Cloud as a Service: A Powerful New Cloud Management Platform
Cloud as a Service: A Powerful New Cloud Management PlatformCloud as a Service: A Powerful New Cloud Management Platform
Cloud as a Service: A Powerful New Cloud Management Platform
 
F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0
 
Bluemix Local – Relay Options and Challenges
Bluemix Local – Relay Options and Challenges Bluemix Local – Relay Options and Challenges
Bluemix Local – Relay Options and Challenges
 
Cloud based dlms cosem metering head end
Cloud based dlms cosem metering head endCloud based dlms cosem metering head end
Cloud based dlms cosem metering head end
 
F5 Cloud Story
F5 Cloud StoryF5 Cloud Story
F5 Cloud Story
 
Discover the Power of ThousandEyes on Your Meraki MX
Discover the Power of ThousandEyes on Your Meraki MXDiscover the Power of ThousandEyes on Your Meraki MX
Discover the Power of ThousandEyes on Your Meraki MX
 
FieldServer Overview 2015.r1
FieldServer Overview 2015.r1FieldServer Overview 2015.r1
FieldServer Overview 2015.r1
 
Citrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile EnterpriseCitrix Day 2014: ShareFile Enterprise
Citrix Day 2014: ShareFile Enterprise
 
WAF deployment
WAF deploymentWAF deployment
WAF deployment
 
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
 

Recently uploaded

FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewingbigorange77
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaimessage0108
 

Recently uploaded (20)

FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewing
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of india
 

Mimosa 2.4 Software Release: Key Features and Auto Provisioning Workflow

  • 1. @GoMimosa Mimosa Networks 2.4 Software Release: Overview and Basic Training A5/A5c, C5/C5c PTMP, PTP Presented By: David Stiff Vice President, Product Management Mimosa Networks
  • 2. • What’s in the 2.4 release? • Auto Provisioning Details • VLANs • Fallback IP Address • Mobile App 3.0 Agenda
  • 3. • Auto Provisioning • 802.1x Secure Auto Connect for SRS • C5 Auto-Unlock for WPA2/Enterprise Security • Radius Subscriber/C5 Provisioning (VSA) • C5 Auto Configuration (file) • Fallback IP Address • VLAN per C5, VLAN double tagging (QinQ) 2.4 Major Features (1)
  • 4. • KRACK (Key Reinstallation Attacks) Fix • Fix for both A5/A5c and C5/C5c • Enhanced Interference Rejection • Significantly improves performance in the presence of high interference • Improved Peak Client Throughput • As subscribers scale their networks above 25 stations, a single client can burst to utilize peak available capacity 2.4 Major Features (2)
  • 5. • C5 Ethernet Data Port Authentication (802.1x) • A5 MAC forwarding table • SNMP enhancements • 802.1p Downlink Priority Tagging • Disable Traffic shaping for UDP traffic • C5 auto LED brightness, derives time from A5 • C5 follows A5 regulatory domain • Broadcast SSID is always enabled for CPE and Trunk mode. 2.4 Other Features
  • 6. • C5 factory default mode is SRS • Improves SSID scanning and reduces a reboot step during initial setup • G2 no longer requires IP connectivity to A5 management interface for software upgrades • Enables A5/C5 to be in a separate management VLAN from the G2 • The SNR value is replaced with the EVM value and EVM is no longer shown as a separate statistic • C5 reset unlock command is removed • Resetting the unlock code is no longer necessary as the C5 learns it’s regulatory domain from the A5 it is associated to Noteworthy 2.4 Updates & Fixes
  • 8. C5 Auto Configuration • Dramatically shortens C5 installation time • Enables lower skilled installation technicians “Satellite TV Guys” • Automates C5 unlock and configuration • Integrates into customer billing system for subscriber provisioning & management • RADIUS based C5 Fresh out of box C5/C5c Update firmware from Mimosa App Associate Subscriber Info Provision C5/C5c Select Network and Aim Authenticate & Secure Client Uniquely
  • 9. Conf iden tial WPA2/Enterprise Security (802.1X) C5 Authentication • 2-Factor authentication using EAP-PEAP & MSCHAPv2 • Mimosa device certificates (optional) • Predefined user/pass (MAC/Serial) or user defined Radius Subscriber Provisioning • Radius server integrated into customer’s billing system • Per subscriber provisioning of rate limits, VLANs, and network settings using Mimosa VSA library • Subscriber configuration update via Radius COA and DM C5 Auto-Unlock • Cloud connected A5 unlocks to the A5’s cloud account • C5 Follows A5 regulatory domain • Enabled when using WPA2/Enterprise Security C5 Auto Configuration (flat file) • Optional C5 settings can be loaded via a flat file located on customer’s file system Install App • Firmware updates, SSID Selection, Aiming Key Features Inventory Management on Mimosa Cloud • Easily scan C5 for inventory and RADIUS passwords. C5 Persistent Fallback IP address • C5 has a new non-routable persistent fallback IP address, preventing disconnects during installation. (169.254.200.20) C5 Auto Provisioning
  • 10. Mimosa Cloud – Device Inventory 1 Scan C5 Inventory into Mimosa Cloud C5 Serial Number + MAC Export C5 SN + MAC & inventory .csv 2 Billing SystemImport into Subscriber Management system3
  • 11. To enable auto-unlock and subscriber provisioning the following is required: • 2.4 Software (A5 & C5) • Mimosa cloud connected A5 • Radius Server • Minimum requirement is WPA2/Enterprise (802.1x) for C5 authentication to use auto-unlock • Recommended to use RADIUS VSA to provision the C5. For security, at least C5 management password • Automated Subscriber Management system (recommended) • Handles the automation of configuring RADIUS Auto Provisioning Requirements
  • 12. C5 Auto Configuration Options Network & Management • C5 Management IP Information (DHCP/static) • Management VLAN • Management password • Device name Subscriber Provisioning • Traffic Shaping (Max UL/DL, Commit UL/DL) • Subscriber VLAN System Settings • Wireless MAC protocol • Firmware version & image location • Config file & location Network & Management • C5 Management IP Information (DHCP/static) • Management VLAN • Management password • Device name System Settings • Wireless MAC protocol • Firmware version & image location From Radius Subscriber + Device Config From Flat File Device Config Flat File location is configured via RADIUS Adding DHCP Option 66/67 config file location in next release RADIUS and Flat File format documentation & sample files are available online http://ap.help.mimosa.co/ug-radius-installation-files
  • 13. Enterprise/RADIUS Authentication • Using IEEE 802.1X with RADIUS protocol • Supported for WiFi-Interop and SRS modes • Terminology • Two factor authentication • Outer Tunnel (between C5 and RADIUS server) -- Optional • EAP-PEAP using Mimosa Certificates (Authentication Server should be pre-configured with Mimosa’s Trusted CA certificates) • Inner Tunnel (between C5 and RADIUS server) • MS-CHAPv2 using a username and password (default username and password is the <C5-WIFI- MAC><C5-SERIAL-NUMBER>) C5 IEEE 802.1X Supplicant A5 IEEE 802.1X Authenticator RADIUS Server Authentication Server
  • 14. Flat File Setup (optional) • Flat File location is pushed to the C5 via RADIUS • Supported file transfer protocols: TFTP, FTP, HTTP, HTTPS. • No per subscriber settings are available, use RADUIS for VLAN and rate limiting provisioning. • Flat File settings are useful for network wide device settings • DNS, SNMP, Syslog, etc Sample Flat File configuration for a C5 Management: DNS1: 8.8.8.8 DNS2: 8.8.4.4 EnableSNMP: True SNMPCommunityString: mimosa SNMPTrapServer: 1.1.1.1 NTPServerAddress: time.nist.gov RemoteSyslog: EnableSyslog: True SyslogServerAddress: 1.1.1.1 SyslogPort: 514 SyslogProtocol: UDP
  • 15. Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 credentials • Customer ensures C5 configuration file is setup (optional) 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius Billing System (optional) File Server www.mimosa.co
  • 16. Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App used to select SSID and connect 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius (optional) File Server Billing System
  • 17. Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects best SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius Billing System (optional) File Server Auth & Provision Unlock
  • 18. Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 (audio assist) • Tech secures C5 and finishes install AAA Radius Billing System (optional) File Server
  • 19. Auto Provisioning Workflow 1 – Back Office • Inventory Mimosa products (generate credentials) • Customer provisions billing system/radius server with new C5 MAC/SN • Customer ensures C5 configuration file is setup 2 – Onsite • Tech finds suitable C5 mounting location • Install App pushes firmware to C5 • Install App selects SSID and connects 3 – Automation • Association & 802.1x 2-factor Authentication (A5/Radius) • Subscriber & Device provisioning (Radius/File) • Auto C5 Unlock (Mimosa cloud) 4 – Onsite • Install App aims C5 • Tech secures C5 and finishes install AAA Radius Billing System C5 (optional) File Server
  • 20. A5 GUI Configuration Authentication Configuration Accounting Configuration CoA Configuration Accounting supports START and STOP messages Secondary servers are optional Wireless->SSID->Edit
  • 21. CPE Ethernet Port Authentication • IEEE 802.1X Port based Authentication • Enabling RADIUS authentication of the devices connecting to Ethernet Port of C5 • Terminology • Ethernet Port is disabled for data traffic till RADIUS authentication is successful Device connecting to Ethernet port of C5 Supplicant C5 IEEE 802.1X Authenticator A5 Authenticator Proxy RADIUS Server Authentication Server Configured in Wireless->SSID->Edit 802.1x port authentication AAA Radius
  • 22. VLANs
  • 23. Subscriber network Untagged or untagged Unique VLAN tag per C5 data packet InternetRouter A5 C5 802.1Q VLAN Trunk VLAN per C5 • Enables VLAN tagging per C5 for upstream device client isolation and identification (802.1Q) • Supports VLAN double tagging for QinQ • Support for separate C5 management VLAN • Secures management VLAN from subscriber access
  • 24. VLANS tagging is enabled when using Fixed/CPE SSID Mode. Independent from the Management VLAN. Trunk mode (pass through) is used to transport existing VLANs. • Per CPE VLAN • Adds a VLAN tag per client assigned manually or via RADIUS • Default VLAN tag is used when no per C5 VLAN configured. Useful as the a provisioning VLAN until a subscriber VLAN is set. • Multiple C5/clients can use the same VLAN. • SSID VLAN • Adds the same VLAN tag for all C5/clients connected to an SSID • QinQ Support • Utilize both CPE VLAN and SSID VLAN for stacked or double tagged VLANs. • C-VLAN – VLANs from the customer network are allowed to pass-through • CPE VLAN (CPE S-VLAN) is first tag, SSID VLAN (S-VLAN) is the second tag. Understanding Data VLANs
  • 25. Enabling VLANs SSID and CPE VLANs are enabled in the Wireless->SSID page • The SSID VLAN will add the same VLAN tag to all C5 client. • Enabling CPE Data VLAN will add a tag per C5 • The Default CPE Data VLAN tag will be assigned if no manual or RADIUS VLAN tag is specified. Useful as a provisioning or remediation VLAN.
  • 26. Assigning per C5 VLANs Per C5 VLAN assignments are managed in the Client->Settings tab or via Radius • Manually assign VLANs to each C5 • C5s can have the same VLAN, but client isolation will prevent traffic from flowing directly between C5/C5.
  • 27. Configuring TPID • Provider Bridging customization for Q-in-Q • Custom TPID for CPE (C-VLAN) and SSID (S-VLAN) • Leave these values to default for normal single and double tagging VLAN use.
  • 28. ¡ New persistent fallback IP address of 169.254.200.20. ¡ In addition to the C5 default IP of 192.168.1.20, this non-routable IP address is always reachable regardless of a manual or DHCP assigned IP address to C5. ¡ It is recommended to this new persistent IP address when using auto-provisioning to prevent loss of connectivity to the C5. ¡ Most laptop DHCP clients will default to an IP address this subnet, making connectivity to an un configured C5 extremely easy. Fallback IP Address
  • 30. Android iOS* • Supports 2.4 Auto-Provisioning • Automated C5 firmware updates • Guided install process • Auto or Manual unlock/configure mode • Audible Aim and connect G2 POE Required for the installer Battery Pack Recommended Installation Streamlining Install App v1.3 *Avail Dec ‘17