CN110138622A - Wireless local area network management system based on cloud - Google Patents

Wireless local area network management system based on cloud Download PDF

Info

Publication number
CN110138622A
CN110138622A CN201910480564.2A CN201910480564A CN110138622A CN 110138622 A CN110138622 A CN 110138622A CN 201910480564 A CN201910480564 A CN 201910480564A CN 110138622 A CN110138622 A CN 110138622A
Authority
CN
China
Prior art keywords
target access
service module
wireless parameter
sent
capwap
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910480564.2A
Other languages
Chinese (zh)
Other versions
CN110138622B (en
Inventor
范昌儒
郝小俊
周永贵
叶丁
杨磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Chuangtong Electronic Ltd By Share Ltd
Original Assignee
Jiangsu Chuangtong Electronic Ltd By Share Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Chuangtong Electronic Ltd By Share Ltd filed Critical Jiangsu Chuangtong Electronic Ltd By Share Ltd
Priority to CN201910480564.2A priority Critical patent/CN110138622B/en
Publication of CN110138622A publication Critical patent/CN110138622A/en
Application granted granted Critical
Publication of CN110138622B publication Critical patent/CN110138622B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/02Arrangements for optimising operational condition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

This application involves a kind of wireless local area network management system based on cloud, belongs to field of communication technology, which includes: the wireless parameter that Web service module obtains target access;Configuration service module receives the wireless parameter;Data check is carried out to wireless parameter;Wireless parameter is sent to Capwap service module in the data check success to wireless parameter;Capwap service module receives the wireless parameter that configuration service module is sent;Radio configuration is carried out according to wireless parameter and radio configuration result is packaged into the Capwap agreement of standard;Radio configuration result after encapsulation is sent to target access so that target access verifies radio configuration result;Capwap service module receives and the check results of displaying target access point;Can solve the setting AC equipment in computer room causes the management to AP limited, and function is not easy the problem of extending;Realize the extension to the AP quantity and AC function that are managed.

Description

Wireless local area network management system based on cloud
Technical field
The present invention relates to a kind of wireless local area network management system based on cloud, belongs to field of communication technology.
Background technique
In some large-scale occasions, for example, hotel, airport or library need to arrange many access points (Access Point, AP) to cover region within the jurisdiction.The management of these AP usually passes through access controller (Access Controller, AC) and is collected Middleization management, such as: network configuration is carried out to AP, performance optimizes, and acquires the information of all user terminals.
Existing AC is usually typically located in computer room, the AP limited amount of administration, and is had a single function, by building environment shadow It rings big.Such as: if AC itself fail (power-off or crash), which will will lead to entire wireless network, has paralysis risk.It is more serious If AC device fails can lead to the problem of user data loss.In addition, existing AC equipment can not also undertake more More functional requirements.
Summary of the invention
The purpose of the present invention is to provide a kind of wireless local area network management system based on cloud, can solve by AC equipment is arranged in computer room causes the management to AP to be limited, and function is not easy the problem of extending.In order to achieve the above objectives, of the invention It provides the following technical solutions: the system comprises:
Web service module, for obtaining the wireless parameter of target access;And the wireless parameter is passed through into Common Gateway Interface CGI is sent to preset configuration service module;
The configuration service module, the wireless parameter sent for receiving the Web service module;To described wireless Parameter carries out data check;The wireless parameter is sent to Capwap clothes in the data check success to the wireless parameter Business module;
The Capwap service module, the wireless parameter sent for receiving the configuration service module, according to the nothing Line parameter carries out radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;By the radio configuration after encapsulation As a result it is sent to the target access, so that the target access verifies the radio configuration result, and high-ranking officers It tests result and is sent to the Capwap service module;
The Capwap service module, is also used to receive and show the check results of the target access.
Optionally, the system also includes:
Web authentication module, the access request sent for receiving the target access, the access request be used for for Family terminal accesses the target access;The user terminal is authenticated according to the access request;Authentication result is sent out It send to the target access, so that the target access allows the user terminal access internet, alternatively, forbidding described User terminal access internet.
Optionally, the web authentication module, is used for:
It is serviced by Portal to the user terminal pushing certification page, the certification page according to the access request For prompting the user terminal to input information to be certified;
The information to be certified is authenticated by Radius service.
Optionally, the web authentication module, is also used to: after the user terminal accesses the target access, passing through Radius service carries out charge on traffic to the user terminal.
Optionally, it the system also includes Monitor finger daemon, is used for:
Each service processes in the system are monitored;
In presence service process exception, the service processes being abnormal are restored.
Optionally, the system also includes logger modules, are used for:
Record the operational process and operating status of the system.
Optionally, the configuration service module is also used to:
The management data of the system are stored to presetting database;
The management data include following at least one of several:
The relevant information of the target access managed, comprising: the model of the target access, MAC Address, IP Location, title, geographical location and radio configuration parameters;
The relevant information of the user terminal accessed, comprising: the type of the user terminal, IP address, is recognized MAC Address Card state, the topological relation with the target access;
Statistical information, comprising: online user number, certification number of users and/or traffic statistics value;
The own configuration information of the system, comprising: registered account and password and/or the radio configuration mould created Block.
The beneficial effects of the present invention are: the wireless parameter of target access is obtained by Web service module;And it will be wireless Parameter is sent to preset configuration service module by common gateway interface CGI;It configures service module and receives the transmission of Web service module Wireless parameter;Data check is carried out to wireless parameter;Wireless parameter is sent in the data check success to wireless parameter To Capwap service module;Capwap service module receive configuration service module send wireless parameter, according to wireless parameter into Row radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;Radio configuration result after encapsulation is sent To target access, so that target access verifies radio configuration result, and check results are sent to Capwap clothes Business module;Capwap service module receives and the check results of displaying target access point;It can solve by being arranged in computer room It is limited that AC equipment leads to the management to AP, and function is not easy the problem of extending;Due to that can be managed in cloud platform to AP, Parameter by configuring different cloud platforms can be extended the AP quantity managed, also may be implemented to carry out the function of AC Extension.
In addition, being set due to without additional configuration AC equipment it is therefore not necessary to purchase the hardware such as a large amount of servers, disk array It is standby, it can simplify system structure.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention, And can be implemented in accordance with the contents of the specification, the following is a detailed description of the preferred embodiments of the present invention and the accompanying drawings.
Detailed description of the invention
Fig. 1 is the structural representation for the wireless local area network management system based on cloud that the application one embodiment provides Figure.
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below Example is not intended to limit the scope of the invention for illustrating the present invention.
Firstly, to this application involves several nouns be introduced.
Thin AP: the wireless aps product that itself cannot be separately configured or use, this product are only a wlan system A part, be responsible for management installation and operation.
The agreement run between AC and thin AP is generally control and configuration protocol (the Control And of wireless access point Provisioning of Wireless Access Points, CAPWAP) agreement.
CAPWAP agreement: defining how to be managed wireless access point, business configuration, including the main contents include:
AP is to the automatic discovery of AC and state machine operation, the maintenance of AP and AC;
AC is managed AP, business configuration issues;
STA data encapsulation CAPWAP tunnel is forwarded.
Fig. 1 is the structural representation for the wireless local area network management system based on cloud that the application one embodiment provides Figure, the system is in cloud platform, which to can be existing large-scale cloud platform;Go out alternatively, being also possible to subsequent development Cloud platform.As shown in Figure 1, the system includes at least: Web service module 110, configuration service module 120 and Capwap service Module 130.
Web service module 110, for obtaining the wireless parameter of target access;And wireless parameter is passed through into Common Gateway Interface (Common Gateway Interface, CGI) is sent to preset configuration service module.
Wherein, the specification of external program when CGI is Web server operation, the program write by CGI can be with expansion service device Function.
Optionally, Web service module 110 is webpage spooler, can use stable Apapch2.4 framework, Default uses 80,443 ports, if user has special port requirements, which can also be other ports by system.
Optionally, Web service module 110 provides Web page for target access to configure the wireless ginseng of target access Number, after user inputs wireless parameter in Web page, Web service module 110 receives the wireless parameter in the Web page.
Service module 120 is configured, for receiving the wireless parameter of the transmission of Web service module 110;Wireless parameter is counted According to verification;Wireless parameter is sent to Capwap service module in the data check success to wireless parameter.
Wherein, configuration service module 120 can be the service module based on Config running paper, at this point, configuration service Module 120 is referred to as Config service module.
It optionally, can be by target access and wireless when configuration service module 120 carries out data check to wireless parameter The corresponding relationship of parameter is stored to presetting database 140.Configuration service module 120 to wireless parameter carry out data check not at When function, the wrong page can be pushed to target access by Web service module 110, to prompt the input of user radio parameter wrong Accidentally.
Wherein, data check includes whether verification local system supports the wireless parameter.
Capwap service module 130, the wireless parameter sent for receiving configuration service module 120, according to the wireless ginseng Number carries out radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;By the radio configuration result after encapsulation It is sent to target access, so that target access verifies radio configuration result, and check results are sent to Capwap service module 130.
Capwap service module 130 is also used to receive the check results of simultaneously displaying target access point.
Wireless local area network management system based on cloud further include: web authentication module 150.
Web authentication module 150 is used for: receiving the access request that target access is sent, which is used for for user Terminal accesses target access;User terminal is authenticated according to access request;Authentication result is sent to target access, So that target access allows user terminal access internet, alternatively, forbidding user terminal access internet.
Optionally, when passing through to user end certification, authentication result indicates that target access allows user terminal access Internet;To user terminal it is unverified by when, authentication result instruction target access forbid user terminal access internet.
Wherein, to user end certification process include: verify user terminal input authentication secret whether with local preservation Key agreement.Wherein, authentication secret can be user setting, generate at random alternatively, being also possible to web authentication module 150 's.Certainly, user end certification process is also possible to: the user fingerprints of verifying user terminal input whether with the mould that locally saves Plate fingerprint is consistent, and the present embodiment does not limit the verification process of user terminal.
Optionally, the access request that target access is sent is that user terminal is not detected in the target access to have passed through It is sent when certification.
Optionally, web authentication module 150, is used for: whole to user by entrance Portal service 151 according to access request Pushing certification page is held, the certification page is for prompting user terminal to input information to be certified;Pass through remote customer dialing authentication System (Remote Authentication Dial In User Service, Radius) service 152 treat authentication information into Row certification.
Wherein, Portal service 151 is the service based on Portal technical operation, so that unauthenticated user is forced when surfing the Internet User logs on to particular station, and user can be with free access service therein.
Radius service 152 be based on Radius agreement operation service, Radius agreement include: plain old telephone online, ADSL online, partial wideband online, IP phone, Virtual Private Dialup Network business (the Virtual Private based on dial user Dialup Networks, VPDN), the business such as mobile phone pre-payment.
Optionally, web authentication module 150, is also used to: after user terminal accesses target access, being taken by Radius Business carries out charge on traffic to user terminal.
Optionally, the wireless local area network management system based on cloud further includes Monitor finger daemon 160, is used for: right Each service processes in system are monitored;In presence service process exception, the service processes being abnormal are restored.
Wherein, service processes include but is not limited to: Web service module 110, configuration service module 120, Capwap service mould The service processes of the calling such as block 130, Capwap service module 140 and web authentication module 150.
Optionally, the wireless local area network management system based on cloud further includes logger module 170, is used for: record The operational process and operating status of system.In this way, when system occurs abnormal, maintenance personnel can in time according to operational process and Operating status determines system exception, to safeguard to system.
Optionally, configuration service module 120 is also used to: the management data of system are stored to presetting database 140.
Wherein, management data include following at least one of several:
1, the relevant information of the target access managed, comprising: the model of target access, MAC Address, IP address, Title, geographical location and radio configuration parameters;
2, the relevant information of the user terminal accessed, comprising: the type of user terminal, MAC Address, IP address, certification State, the topological relation with target access;
3, statistical information, comprising: online user number, certification number of users and/or traffic statistics value;
4, the own configuration information of system, comprising: registered account and password and/or the radio configuration mould created Block.
Optionally, handle to system in parallel different user access request and parallel management AP.Total Thread Count is solid Fixed, schematically, the number of threads that system is called is 16 to improve the access request of processing user and the efficiency of management AP.
In conclusion the wireless local area network management system provided in this embodiment based on cloud, passes through Web service module Obtain the wireless parameter of target access;And wireless parameter is sent to preset configuration by common gateway interface CGI and services mould Block;It configures service module and receives the wireless parameter that Web service module is sent;Data check is carried out to wireless parameter;To wireless Wireless parameter is sent to Capwap service module when the data check success of parameter;Capwap service module receives configuration service The wireless parameter that module is sent carries out radio configuration according to wireless parameter, and radio configuration result is packaged into standard Capwap agreement;Radio configuration result after encapsulation is sent to target access, so that target access is to radio configuration knot Fruit is verified, and check results are sent to Capwap service module;Capwap service module receives and displaying target access The check results of point;Can solve causes the management to AP limited by the way that AC equipment is arranged in computer room, and function is not easy to extend The problem of;Due to can be managed in cloud platform to AP, the parameter by configuring different cloud platforms can be to being managed AP quantity is extended, and also may be implemented to be extended the function of AC.
In addition, being set due to without additional configuration AC equipment it is therefore not necessary to purchase the hardware such as a large amount of servers, disk array It is standby, it can simplify system structure.
Each technical characteristic of embodiment described above can be combined arbitrarily, for simplicity of description, not to above-mentioned reality It applies all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited In contradiction, all should be considered as described in this specification.
The embodiments described above only express several embodiments of the present invention, and the description thereof is more specific and detailed, but simultaneously It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art It says, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to protection of the invention Range.Therefore, the scope of protection of the patent of the invention shall be subject to the appended claims.

Claims (7)

1. a kind of wireless local area network management system based on cloud, which is characterized in that be used in cloud platform, the system packet It includes:
Web service module, for obtaining the wireless parameter of target access;And the wireless parameter is passed through into common gateway interface CGI is sent to preset configuration service module;
The configuration service module, the wireless parameter sent for receiving the Web service module;To the wireless parameter Carry out data check;The wireless parameter is sent to Capwap service mould in the data check success to the wireless parameter Block;
The Capwap service module, the wireless parameter sent for receiving the configuration service module, according to the wireless ginseng Number carries out radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;By the radio configuration result after encapsulation It is sent to the target access, so that the target access verifies the radio configuration result, and verification is tied Fruit is sent to the Capwap service module;
The Capwap service module, is also used to receive and show the check results of the target access.
2. system according to claim 1, which is characterized in that the system also includes:
Web authentication module, the access request sent for receiving the target access, the access request were used for for user's end It terminates into the target access;The user terminal is authenticated according to the access request;Authentication result is sent to The target access, so that the target access allows the user terminal access internet, alternatively, forbidding the user Terminal access internet.
3. system according to claim 2, which is characterized in that the web authentication module is used for:
It is serviced by Portal to the user terminal pushing certification page according to the access request, the certification page is used for The user terminal is prompted to input information to be certified;
The information to be certified is authenticated by Radius service.
4. system according to claim 2, which is characterized in that the web authentication module is also used to: whole in the user After terminating the target access, charge on traffic is carried out to the user terminal by Radius service.
5. system according to any one of claims 1 to 4, which is characterized in that the system also includes Monitor guard into Journey is used for:
Each service processes in the system are monitored;
In presence service process exception, the service processes being abnormal are restored.
6. system according to any one of claims 1 to 4, which is characterized in that the system also includes logger modules, use In:
Record the operational process and operating status of the system.
7. system according to any one of claims 1 to 4, which is characterized in that the configuration service module is also used to:
The management data of the system are stored to presetting database;
The management data include following at least one of several:
The relevant information of the target access managed, comprising: model, MAC Address, IP address, the name of the target access Title, geographical location and radio configuration parameters;
The relevant information of the user terminal accessed, comprising: the type of the user terminal, MAC Address, IP address, certification shape State, the topological relation with the target access;
Statistical information, comprising: online user number, certification number of users and/or traffic statistics value;
The own configuration information of the system, comprising: registered account and password and/or the radio configuration module created.
CN201910480564.2A 2019-06-04 2019-06-04 Wireless local area network management system based on cloud technology Active CN110138622B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910480564.2A CN110138622B (en) 2019-06-04 2019-06-04 Wireless local area network management system based on cloud technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910480564.2A CN110138622B (en) 2019-06-04 2019-06-04 Wireless local area network management system based on cloud technology

Publications (2)

Publication Number Publication Date
CN110138622A true CN110138622A (en) 2019-08-16
CN110138622B CN110138622B (en) 2022-05-27

Family

ID=67579991

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910480564.2A Active CN110138622B (en) 2019-06-04 2019-06-04 Wireless local area network management system based on cloud technology

Country Status (1)

Country Link
CN (1) CN110138622B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114222321A (en) * 2021-12-31 2022-03-22 山东有人物联网股份有限公司 Access control system and method of wireless network
CN115562738A (en) * 2022-11-14 2023-01-03 苏州浪潮智能科技有限公司 Port configuration method, component and hard disk expansion device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080072047A1 (en) * 2006-09-20 2008-03-20 Futurewei Technologies, Inc. Method and system for capwap intra-domain authentication using 802.11r
CN101247295A (en) * 2007-02-13 2008-08-20 华为技术有限公司 Method and device for acquiring access controller information in wireless local area network
CN101695168A (en) * 2009-10-16 2010-04-14 苏州汉明科技有限公司 Measurement method of transmission performance between wireless access controller and wireless access point
CN102291750A (en) * 2011-09-20 2011-12-21 华为技术有限公司 Checking method and device for network configuration parameters
CN103369529A (en) * 2013-07-09 2013-10-23 福建星网锐捷网络有限公司 Identity authentication method, access point (AP) and access controller (AC)
CN104125662A (en) * 2014-08-11 2014-10-29 醴陵恒茂电子科技有限公司 Wireless access point centralized management device and method
CN106162639A (en) * 2015-11-25 2016-11-23 北京邮电大学 SDN wireless network management platform based on Floodlight and authentication method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080072047A1 (en) * 2006-09-20 2008-03-20 Futurewei Technologies, Inc. Method and system for capwap intra-domain authentication using 802.11r
CN101247295A (en) * 2007-02-13 2008-08-20 华为技术有限公司 Method and device for acquiring access controller information in wireless local area network
CN101695168A (en) * 2009-10-16 2010-04-14 苏州汉明科技有限公司 Measurement method of transmission performance between wireless access controller and wireless access point
CN102291750A (en) * 2011-09-20 2011-12-21 华为技术有限公司 Checking method and device for network configuration parameters
CN103369529A (en) * 2013-07-09 2013-10-23 福建星网锐捷网络有限公司 Identity authentication method, access point (AP) and access controller (AC)
CN104125662A (en) * 2014-08-11 2014-10-29 醴陵恒茂电子科技有限公司 Wireless access point centralized management device and method
CN106162639A (en) * 2015-11-25 2016-11-23 北京邮电大学 SDN wireless network management platform based on Floodlight and authentication method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114222321A (en) * 2021-12-31 2022-03-22 山东有人物联网股份有限公司 Access control system and method of wireless network
CN114222321B (en) * 2021-12-31 2024-01-12 山东有人物联网股份有限公司 Access control system and method for wireless network
CN115562738A (en) * 2022-11-14 2023-01-03 苏州浪潮智能科技有限公司 Port configuration method, component and hard disk expansion device
CN115562738B (en) * 2022-11-14 2023-03-10 苏州浪潮智能科技有限公司 Port configuration method, component and hard disk expansion device

Also Published As

Publication number Publication date
CN110138622B (en) 2022-05-27

Similar Documents

Publication Publication Date Title
US9125055B1 (en) Systems and methods for authenticating users accessing unsecured WiFi access points
CN109286932A (en) Networking authentication method, apparatus and system
CN101730105A (en) Method and device for controlling user quantity connected to operational processor (AP)
EP3906652A1 (en) Protecting a telecommunications network using network components as blockchain nodes
CN103716795A (en) Wireless network safe access method, apparatus and system
CN108900484B (en) Access right information generation method and device
CN103957566A (en) Bandwidth control method and bandwidth control equipment
CN104581875B (en) Femto cell cut-in method and system
CN113206814B (en) Network event processing method and device and readable storage medium
CN102857388A (en) Cloud detection safety management auditing system
CN106792684B (en) Multi-protection wireless network safety protection system and protection method
CN103916853A (en) Control method for access node in wireless local-area network and communication system
CN110401951B (en) Method, device and system for authenticating terminal in wireless local area network
CN110138622A (en) Wireless local area network management system based on cloud
CN113194476B (en) Equipment activation and authentication binding method
CN103905236A (en) Terminal positioning method, system and device
CN111614686A (en) Key management method, controller and system
CN107659935A (en) A kind of authentication method, certificate server, network management system and Verification System
CN114697963A (en) Terminal identity authentication method and device, computer equipment and storage medium
CN106657154A (en) Wireless access method and system, WiFi platform and operator number taking platform
CN103475491A (en) Remote maintenance system which is logged in to safely without code and achieving method
CN105871851B (en) Based on SaaS identity identifying method
WO2020188988A1 (en) Control device, wireless communication system, control method, and recording medium in which program is recorded
CN105376074B (en) The startup of client computer, timing control method and system in a kind of LAN
CN109756899B (en) Network connection method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant