CN110138622A - Wireless local area network management system based on cloud - Google Patents
Wireless local area network management system based on cloud Download PDFInfo
- Publication number
- CN110138622A CN110138622A CN201910480564.2A CN201910480564A CN110138622A CN 110138622 A CN110138622 A CN 110138622A CN 201910480564 A CN201910480564 A CN 201910480564A CN 110138622 A CN110138622 A CN 110138622A
- Authority
- CN
- China
- Prior art keywords
- target access
- service module
- wireless parameter
- sent
- capwap
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/02—Arrangements for optimising operational condition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
This application involves a kind of wireless local area network management system based on cloud, belongs to field of communication technology, which includes: the wireless parameter that Web service module obtains target access;Configuration service module receives the wireless parameter;Data check is carried out to wireless parameter;Wireless parameter is sent to Capwap service module in the data check success to wireless parameter;Capwap service module receives the wireless parameter that configuration service module is sent;Radio configuration is carried out according to wireless parameter and radio configuration result is packaged into the Capwap agreement of standard;Radio configuration result after encapsulation is sent to target access so that target access verifies radio configuration result;Capwap service module receives and the check results of displaying target access point;Can solve the setting AC equipment in computer room causes the management to AP limited, and function is not easy the problem of extending;Realize the extension to the AP quantity and AC function that are managed.
Description
Technical field
The present invention relates to a kind of wireless local area network management system based on cloud, belongs to field of communication technology.
Background technique
In some large-scale occasions, for example, hotel, airport or library need to arrange many access points (Access Point,
AP) to cover region within the jurisdiction.The management of these AP usually passes through access controller (Access Controller, AC) and is collected
Middleization management, such as: network configuration is carried out to AP, performance optimizes, and acquires the information of all user terminals.
Existing AC is usually typically located in computer room, the AP limited amount of administration, and is had a single function, by building environment shadow
It rings big.Such as: if AC itself fail (power-off or crash), which will will lead to entire wireless network, has paralysis risk.It is more serious
If AC device fails can lead to the problem of user data loss.In addition, existing AC equipment can not also undertake more
More functional requirements.
Summary of the invention
The purpose of the present invention is to provide a kind of wireless local area network management system based on cloud, can solve by
AC equipment is arranged in computer room causes the management to AP to be limited, and function is not easy the problem of extending.In order to achieve the above objectives, of the invention
It provides the following technical solutions: the system comprises:
Web service module, for obtaining the wireless parameter of target access;And the wireless parameter is passed through into Common Gateway
Interface CGI is sent to preset configuration service module;
The configuration service module, the wireless parameter sent for receiving the Web service module;To described wireless
Parameter carries out data check;The wireless parameter is sent to Capwap clothes in the data check success to the wireless parameter
Business module;
The Capwap service module, the wireless parameter sent for receiving the configuration service module, according to the nothing
Line parameter carries out radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;By the radio configuration after encapsulation
As a result it is sent to the target access, so that the target access verifies the radio configuration result, and high-ranking officers
It tests result and is sent to the Capwap service module;
The Capwap service module, is also used to receive and show the check results of the target access.
Optionally, the system also includes:
Web authentication module, the access request sent for receiving the target access, the access request be used for for
Family terminal accesses the target access;The user terminal is authenticated according to the access request;Authentication result is sent out
It send to the target access, so that the target access allows the user terminal access internet, alternatively, forbidding described
User terminal access internet.
Optionally, the web authentication module, is used for:
It is serviced by Portal to the user terminal pushing certification page, the certification page according to the access request
For prompting the user terminal to input information to be certified;
The information to be certified is authenticated by Radius service.
Optionally, the web authentication module, is also used to: after the user terminal accesses the target access, passing through
Radius service carries out charge on traffic to the user terminal.
Optionally, it the system also includes Monitor finger daemon, is used for:
Each service processes in the system are monitored;
In presence service process exception, the service processes being abnormal are restored.
Optionally, the system also includes logger modules, are used for:
Record the operational process and operating status of the system.
Optionally, the configuration service module is also used to:
The management data of the system are stored to presetting database;
The management data include following at least one of several:
The relevant information of the target access managed, comprising: the model of the target access, MAC Address, IP
Location, title, geographical location and radio configuration parameters;
The relevant information of the user terminal accessed, comprising: the type of the user terminal, IP address, is recognized MAC Address
Card state, the topological relation with the target access;
Statistical information, comprising: online user number, certification number of users and/or traffic statistics value;
The own configuration information of the system, comprising: registered account and password and/or the radio configuration mould created
Block.
The beneficial effects of the present invention are: the wireless parameter of target access is obtained by Web service module;And it will be wireless
Parameter is sent to preset configuration service module by common gateway interface CGI;It configures service module and receives the transmission of Web service module
Wireless parameter;Data check is carried out to wireless parameter;Wireless parameter is sent in the data check success to wireless parameter
To Capwap service module;Capwap service module receive configuration service module send wireless parameter, according to wireless parameter into
Row radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;Radio configuration result after encapsulation is sent
To target access, so that target access verifies radio configuration result, and check results are sent to Capwap clothes
Business module;Capwap service module receives and the check results of displaying target access point;It can solve by being arranged in computer room
It is limited that AC equipment leads to the management to AP, and function is not easy the problem of extending;Due to that can be managed in cloud platform to AP,
Parameter by configuring different cloud platforms can be extended the AP quantity managed, also may be implemented to carry out the function of AC
Extension.
In addition, being set due to without additional configuration AC equipment it is therefore not necessary to purchase the hardware such as a large amount of servers, disk array
It is standby, it can simplify system structure.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And can be implemented in accordance with the contents of the specification, the following is a detailed description of the preferred embodiments of the present invention and the accompanying drawings.
Detailed description of the invention
Fig. 1 is the structural representation for the wireless local area network management system based on cloud that the application one embodiment provides
Figure.
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below
Example is not intended to limit the scope of the invention for illustrating the present invention.
Firstly, to this application involves several nouns be introduced.
Thin AP: the wireless aps product that itself cannot be separately configured or use, this product are only a wlan system
A part, be responsible for management installation and operation.
The agreement run between AC and thin AP is generally control and configuration protocol (the Control And of wireless access point
Provisioning of Wireless Access Points, CAPWAP) agreement.
CAPWAP agreement: defining how to be managed wireless access point, business configuration, including the main contents include:
AP is to the automatic discovery of AC and state machine operation, the maintenance of AP and AC;
AC is managed AP, business configuration issues;
STA data encapsulation CAPWAP tunnel is forwarded.
Fig. 1 is the structural representation for the wireless local area network management system based on cloud that the application one embodiment provides
Figure, the system is in cloud platform, which to can be existing large-scale cloud platform;Go out alternatively, being also possible to subsequent development
Cloud platform.As shown in Figure 1, the system includes at least: Web service module 110, configuration service module 120 and Capwap service
Module 130.
Web service module 110, for obtaining the wireless parameter of target access;And wireless parameter is passed through into Common Gateway
Interface (Common Gateway Interface, CGI) is sent to preset configuration service module.
Wherein, the specification of external program when CGI is Web server operation, the program write by CGI can be with expansion service device
Function.
Optionally, Web service module 110 is webpage spooler, can use stable Apapch2.4 framework,
Default uses 80,443 ports, if user has special port requirements, which can also be other ports by system.
Optionally, Web service module 110 provides Web page for target access to configure the wireless ginseng of target access
Number, after user inputs wireless parameter in Web page, Web service module 110 receives the wireless parameter in the Web page.
Service module 120 is configured, for receiving the wireless parameter of the transmission of Web service module 110;Wireless parameter is counted
According to verification;Wireless parameter is sent to Capwap service module in the data check success to wireless parameter.
Wherein, configuration service module 120 can be the service module based on Config running paper, at this point, configuration service
Module 120 is referred to as Config service module.
It optionally, can be by target access and wireless when configuration service module 120 carries out data check to wireless parameter
The corresponding relationship of parameter is stored to presetting database 140.Configuration service module 120 to wireless parameter carry out data check not at
When function, the wrong page can be pushed to target access by Web service module 110, to prompt the input of user radio parameter wrong
Accidentally.
Wherein, data check includes whether verification local system supports the wireless parameter.
Capwap service module 130, the wireless parameter sent for receiving configuration service module 120, according to the wireless ginseng
Number carries out radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;By the radio configuration result after encapsulation
It is sent to target access, so that target access verifies radio configuration result, and check results are sent to
Capwap service module 130.
Capwap service module 130 is also used to receive the check results of simultaneously displaying target access point.
Wireless local area network management system based on cloud further include: web authentication module 150.
Web authentication module 150 is used for: receiving the access request that target access is sent, which is used for for user
Terminal accesses target access;User terminal is authenticated according to access request;Authentication result is sent to target access,
So that target access allows user terminal access internet, alternatively, forbidding user terminal access internet.
Optionally, when passing through to user end certification, authentication result indicates that target access allows user terminal access
Internet;To user terminal it is unverified by when, authentication result instruction target access forbid user terminal access internet.
Wherein, to user end certification process include: verify user terminal input authentication secret whether with local preservation
Key agreement.Wherein, authentication secret can be user setting, generate at random alternatively, being also possible to web authentication module 150
's.Certainly, user end certification process is also possible to: the user fingerprints of verifying user terminal input whether with the mould that locally saves
Plate fingerprint is consistent, and the present embodiment does not limit the verification process of user terminal.
Optionally, the access request that target access is sent is that user terminal is not detected in the target access to have passed through
It is sent when certification.
Optionally, web authentication module 150, is used for: whole to user by entrance Portal service 151 according to access request
Pushing certification page is held, the certification page is for prompting user terminal to input information to be certified;Pass through remote customer dialing authentication
System (Remote Authentication Dial In User Service, Radius) service 152 treat authentication information into
Row certification.
Wherein, Portal service 151 is the service based on Portal technical operation, so that unauthenticated user is forced when surfing the Internet
User logs on to particular station, and user can be with free access service therein.
Radius service 152 be based on Radius agreement operation service, Radius agreement include: plain old telephone online,
ADSL online, partial wideband online, IP phone, Virtual Private Dialup Network business (the Virtual Private based on dial user
Dialup Networks, VPDN), the business such as mobile phone pre-payment.
Optionally, web authentication module 150, is also used to: after user terminal accesses target access, being taken by Radius
Business carries out charge on traffic to user terminal.
Optionally, the wireless local area network management system based on cloud further includes Monitor finger daemon 160, is used for: right
Each service processes in system are monitored;In presence service process exception, the service processes being abnormal are restored.
Wherein, service processes include but is not limited to: Web service module 110, configuration service module 120, Capwap service mould
The service processes of the calling such as block 130, Capwap service module 140 and web authentication module 150.
Optionally, the wireless local area network management system based on cloud further includes logger module 170, is used for: record
The operational process and operating status of system.In this way, when system occurs abnormal, maintenance personnel can in time according to operational process and
Operating status determines system exception, to safeguard to system.
Optionally, configuration service module 120 is also used to: the management data of system are stored to presetting database 140.
Wherein, management data include following at least one of several:
1, the relevant information of the target access managed, comprising: the model of target access, MAC Address, IP address,
Title, geographical location and radio configuration parameters;
2, the relevant information of the user terminal accessed, comprising: the type of user terminal, MAC Address, IP address, certification
State, the topological relation with target access;
3, statistical information, comprising: online user number, certification number of users and/or traffic statistics value;
4, the own configuration information of system, comprising: registered account and password and/or the radio configuration mould created
Block.
Optionally, handle to system in parallel different user access request and parallel management AP.Total Thread Count is solid
Fixed, schematically, the number of threads that system is called is 16 to improve the access request of processing user and the efficiency of management AP.
In conclusion the wireless local area network management system provided in this embodiment based on cloud, passes through Web service module
Obtain the wireless parameter of target access;And wireless parameter is sent to preset configuration by common gateway interface CGI and services mould
Block;It configures service module and receives the wireless parameter that Web service module is sent;Data check is carried out to wireless parameter;To wireless
Wireless parameter is sent to Capwap service module when the data check success of parameter;Capwap service module receives configuration service
The wireless parameter that module is sent carries out radio configuration according to wireless parameter, and radio configuration result is packaged into standard
Capwap agreement;Radio configuration result after encapsulation is sent to target access, so that target access is to radio configuration knot
Fruit is verified, and check results are sent to Capwap service module;Capwap service module receives and displaying target access
The check results of point;Can solve causes the management to AP limited by the way that AC equipment is arranged in computer room, and function is not easy to extend
The problem of;Due to can be managed in cloud platform to AP, the parameter by configuring different cloud platforms can be to being managed
AP quantity is extended, and also may be implemented to be extended the function of AC.
In addition, being set due to without additional configuration AC equipment it is therefore not necessary to purchase the hardware such as a large amount of servers, disk array
It is standby, it can simplify system structure.
Each technical characteristic of embodiment described above can be combined arbitrarily, for simplicity of description, not to above-mentioned reality
It applies all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited
In contradiction, all should be considered as described in this specification.
The embodiments described above only express several embodiments of the present invention, and the description thereof is more specific and detailed, but simultaneously
It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art
It says, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to protection of the invention
Range.Therefore, the scope of protection of the patent of the invention shall be subject to the appended claims.
Claims (7)
1. a kind of wireless local area network management system based on cloud, which is characterized in that be used in cloud platform, the system packet
It includes:
Web service module, for obtaining the wireless parameter of target access;And the wireless parameter is passed through into common gateway interface
CGI is sent to preset configuration service module;
The configuration service module, the wireless parameter sent for receiving the Web service module;To the wireless parameter
Carry out data check;The wireless parameter is sent to Capwap service mould in the data check success to the wireless parameter
Block;
The Capwap service module, the wireless parameter sent for receiving the configuration service module, according to the wireless ginseng
Number carries out radio configuration, and radio configuration result is packaged into the Capwap agreement of standard;By the radio configuration result after encapsulation
It is sent to the target access, so that the target access verifies the radio configuration result, and verification is tied
Fruit is sent to the Capwap service module;
The Capwap service module, is also used to receive and show the check results of the target access.
2. system according to claim 1, which is characterized in that the system also includes:
Web authentication module, the access request sent for receiving the target access, the access request were used for for user's end
It terminates into the target access;The user terminal is authenticated according to the access request;Authentication result is sent to
The target access, so that the target access allows the user terminal access internet, alternatively, forbidding the user
Terminal access internet.
3. system according to claim 2, which is characterized in that the web authentication module is used for:
It is serviced by Portal to the user terminal pushing certification page according to the access request, the certification page is used for
The user terminal is prompted to input information to be certified;
The information to be certified is authenticated by Radius service.
4. system according to claim 2, which is characterized in that the web authentication module is also used to: whole in the user
After terminating the target access, charge on traffic is carried out to the user terminal by Radius service.
5. system according to any one of claims 1 to 4, which is characterized in that the system also includes Monitor guard into
Journey is used for:
Each service processes in the system are monitored;
In presence service process exception, the service processes being abnormal are restored.
6. system according to any one of claims 1 to 4, which is characterized in that the system also includes logger modules, use
In:
Record the operational process and operating status of the system.
7. system according to any one of claims 1 to 4, which is characterized in that the configuration service module is also used to:
The management data of the system are stored to presetting database;
The management data include following at least one of several:
The relevant information of the target access managed, comprising: model, MAC Address, IP address, the name of the target access
Title, geographical location and radio configuration parameters;
The relevant information of the user terminal accessed, comprising: the type of the user terminal, MAC Address, IP address, certification shape
State, the topological relation with the target access;
Statistical information, comprising: online user number, certification number of users and/or traffic statistics value;
The own configuration information of the system, comprising: registered account and password and/or the radio configuration module created.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910480564.2A CN110138622B (en) | 2019-06-04 | 2019-06-04 | Wireless local area network management system based on cloud technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910480564.2A CN110138622B (en) | 2019-06-04 | 2019-06-04 | Wireless local area network management system based on cloud technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110138622A true CN110138622A (en) | 2019-08-16 |
CN110138622B CN110138622B (en) | 2022-05-27 |
Family
ID=67579991
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910480564.2A Active CN110138622B (en) | 2019-06-04 | 2019-06-04 | Wireless local area network management system based on cloud technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110138622B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114222321A (en) * | 2021-12-31 | 2022-03-22 | 山东有人物联网股份有限公司 | Access control system and method of wireless network |
CN115562738A (en) * | 2022-11-14 | 2023-01-03 | 苏州浪潮智能科技有限公司 | Port configuration method, component and hard disk expansion device |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080072047A1 (en) * | 2006-09-20 | 2008-03-20 | Futurewei Technologies, Inc. | Method and system for capwap intra-domain authentication using 802.11r |
CN101247295A (en) * | 2007-02-13 | 2008-08-20 | 华为技术有限公司 | Method and device for acquiring access controller information in wireless local area network |
CN101695168A (en) * | 2009-10-16 | 2010-04-14 | 苏州汉明科技有限公司 | Measurement method of transmission performance between wireless access controller and wireless access point |
CN102291750A (en) * | 2011-09-20 | 2011-12-21 | 华为技术有限公司 | Checking method and device for network configuration parameters |
CN103369529A (en) * | 2013-07-09 | 2013-10-23 | 福建星网锐捷网络有限公司 | Identity authentication method, access point (AP) and access controller (AC) |
CN104125662A (en) * | 2014-08-11 | 2014-10-29 | 醴陵恒茂电子科技有限公司 | Wireless access point centralized management device and method |
CN106162639A (en) * | 2015-11-25 | 2016-11-23 | 北京邮电大学 | SDN wireless network management platform based on Floodlight and authentication method |
-
2019
- 2019-06-04 CN CN201910480564.2A patent/CN110138622B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080072047A1 (en) * | 2006-09-20 | 2008-03-20 | Futurewei Technologies, Inc. | Method and system for capwap intra-domain authentication using 802.11r |
CN101247295A (en) * | 2007-02-13 | 2008-08-20 | 华为技术有限公司 | Method and device for acquiring access controller information in wireless local area network |
CN101695168A (en) * | 2009-10-16 | 2010-04-14 | 苏州汉明科技有限公司 | Measurement method of transmission performance between wireless access controller and wireless access point |
CN102291750A (en) * | 2011-09-20 | 2011-12-21 | 华为技术有限公司 | Checking method and device for network configuration parameters |
CN103369529A (en) * | 2013-07-09 | 2013-10-23 | 福建星网锐捷网络有限公司 | Identity authentication method, access point (AP) and access controller (AC) |
CN104125662A (en) * | 2014-08-11 | 2014-10-29 | 醴陵恒茂电子科技有限公司 | Wireless access point centralized management device and method |
CN106162639A (en) * | 2015-11-25 | 2016-11-23 | 北京邮电大学 | SDN wireless network management platform based on Floodlight and authentication method |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114222321A (en) * | 2021-12-31 | 2022-03-22 | 山东有人物联网股份有限公司 | Access control system and method of wireless network |
CN114222321B (en) * | 2021-12-31 | 2024-01-12 | 山东有人物联网股份有限公司 | Access control system and method for wireless network |
CN115562738A (en) * | 2022-11-14 | 2023-01-03 | 苏州浪潮智能科技有限公司 | Port configuration method, component and hard disk expansion device |
CN115562738B (en) * | 2022-11-14 | 2023-03-10 | 苏州浪潮智能科技有限公司 | Port configuration method, component and hard disk expansion device |
Also Published As
Publication number | Publication date |
---|---|
CN110138622B (en) | 2022-05-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9125055B1 (en) | Systems and methods for authenticating users accessing unsecured WiFi access points | |
CN109286932A (en) | Networking authentication method, apparatus and system | |
CN101730105A (en) | Method and device for controlling user quantity connected to operational processor (AP) | |
EP3906652A1 (en) | Protecting a telecommunications network using network components as blockchain nodes | |
CN103716795A (en) | Wireless network safe access method, apparatus and system | |
CN108900484B (en) | Access right information generation method and device | |
CN103957566A (en) | Bandwidth control method and bandwidth control equipment | |
CN104581875B (en) | Femto cell cut-in method and system | |
CN113206814B (en) | Network event processing method and device and readable storage medium | |
CN102857388A (en) | Cloud detection safety management auditing system | |
CN106792684B (en) | Multi-protection wireless network safety protection system and protection method | |
CN103916853A (en) | Control method for access node in wireless local-area network and communication system | |
CN110401951B (en) | Method, device and system for authenticating terminal in wireless local area network | |
CN110138622A (en) | Wireless local area network management system based on cloud | |
CN113194476B (en) | Equipment activation and authentication binding method | |
CN103905236A (en) | Terminal positioning method, system and device | |
CN111614686A (en) | Key management method, controller and system | |
CN107659935A (en) | A kind of authentication method, certificate server, network management system and Verification System | |
CN114697963A (en) | Terminal identity authentication method and device, computer equipment and storage medium | |
CN106657154A (en) | Wireless access method and system, WiFi platform and operator number taking platform | |
CN103475491A (en) | Remote maintenance system which is logged in to safely without code and achieving method | |
CN105871851B (en) | Based on SaaS identity identifying method | |
WO2020188988A1 (en) | Control device, wireless communication system, control method, and recording medium in which program is recorded | |
CN105376074B (en) | The startup of client computer, timing control method and system in a kind of LAN | |
CN109756899B (en) | Network connection method, device, computer equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |