mikrotik hotspot 2.0 (ieee 802.11u) - mum jakarta 2016

MikroTikHotspot 2.0 / IEEE 802.11u

Rofiq FauziJakarta, Oct 13, 2016

1

ID-NETWORKERS | www.trainingmikrotik.com

ABOUT ROFIQ FAUZI

ID-NETWORKERS | www.trainingmikrotik.com

CONSULTANT

CERTIFIED TRAINER

http://www.mikrotik.com/consultants/asia/indonesia

• MTCNA, MTC(all)E• More than 10 year in Telco and Internet Industries• Consultant & MikroTik Certified Trainer at ID-Networkers• Deliver consultant service and training in Asia Pacific (Malaysia,

Philippine, India, Thailand, Nepal and Cambodia)• Co founder IDNFoundation.org

http://www.mikrotik.com/training/partners/asia/indonesia

2

ABOUT id-networkers

ID-NETWORKERS | www.trainingmikrotik.com

Website

Email

http://www.idn.id

info@idn.id

3

MTCINE BOOTCAMP

ABOUT idNfoundation.org

ID-NETWORKERS | www.trainingmikrotik.com

4

• NGO as Yayasan IDN – Kemenkumham No. AHU – 0025185.AH .01.04 tahun 2016

• Program• Sekolah IT gratis SD s/d SMP (Super Human Project) –

first time• Pesantren Networking (program pelatihan gratis lulusan

SMK 1 tahun) angkatan ke-4• Pelatihan gratis untuk guru-guru SMK TKJ – since 2014• SMK Madinatul Quran – since 2014

SUPER HUMAN PROJECT

ID-NETWORKERS | www.trainingmikrotik.com

5

EATPRAY

CODING

SUPER HUMAN PROJECT

ID-NETWORKERS | www.trainingmikrotik.com

6

EATPRAY

CODING

SUPER HUMAN PROJECT

ID-NETWORKERS | www.trainingmikrotik.com

7

EATPRAY

CODING

SUPER HUMAN PROJECT

ID-NETWORKERS | www.trainingmikrotik.com

8

LEARNENGLISH

EATPRAY

CODING

SUPER HUMAN PROJECT

ID-NETWORKERS | www.trainingmikrotik.com

9

PLAYINGJ

TOPIC BACKGROUND

10

TECHNOLOGY TREND

ID-NETWORKERS | www.trainingmikrotik.com

Source:ericsson.com

Which one you want to be?

JUST WATCHER

PLAYERor

11

ID-NETWORKERS | www.trainingmikrotik.com

12

Internet Expected Everywhere

Internet Expected Everywhere

ID-NETWORKERS | www.trainingmikrotik.com

13

ID-NETWORKERS | www.trainingmikrotik.com

14

-

1,000

2,000

3,000

4,000

5,000

6,000

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Mill

ions

of d

evic

es in

use

Smartphones

Tablets

Laptops

Desktops

Source : ruckuswireless.com

MARKET OF WIFI DEVICES

Why can't connecting to a Wi-Fi network be as easy as connecting to a cellular network?

15

ID-NETWORKERS | www.trainingmikrotik.com

16

• Also called hotspot 2.0 (HS2.0)• 802.11u is an amendment to the IEEE 802.11

standard to add features that improveinterworking with external networks

• 802.11u enables cellular-like roaming amongwireless networks

802.11u summary

HS2.0

ID-NETWORKERS | www.trainingmikrotik.com

17

TODAY TOMORROW

• Connecting to a Wi-Fi hotspot is completely manual

• Login process tedious, error prone• No consistent roaming between networks• Many steps to gain Internet access• Carriers lose opportunity for their roaming

polices to affect network selection

• Device and network negotiate capabilities• Device auto selects Wi-Fi network• Users do nothing• Policies pushed to phone• New revenue source for carriers• Carriers gain opportunity for their roaming

polices to affect network selection

Source: John Lombardi, ruckuswireless.com

NEXT GENERATION of wifi

ID-NETWORKERS | www.trainingmikrotik.com

18

Organization Initiative Details

IEEE 802.11u 802.11u amendment to 802.11 standard publishedin February 2011

Wi-Fi Alliance Hotspot 2.0Technical program and specification that definestechnical requirements for PasspointTM

interoperability certificationWireless Broadband Alliance

Next Generation Hotspot

End-to-end roaming trials establish commoncommercial framework for interoperability acrossnetworks and devices

Who doing what?

HS2.0

ID-NETWORKERS | www.trainingmikrotik.com

19

Legacy DeviceManual Setup1. Power-on or unlock the phone2. Select Wi-Fi network3. Go to Web-auth4. Browse webpage and enter right credential,

usually ID/PWD5. Choose roaming plan6. Start Internet

Source: John Lombardi, ruckuswireless.com

802.11uAutomatic Setup1. Power-on or unlock the phone2. Handset automatically validates network and

initiates connection

Yes! Here it is:Realm: provider.comEAP Method = EAP-SIM

Can you tell me your network info?

Before I associate?

HOW IT WORK

ID-NETWORKERS | www.trainingmikrotik.com

20

Venue Owner UserProvider

RoamingAgreement

Pay as usage

Leasing fee

HOW IT WORK

Hotspot 2.0 Components

ID-NETWORKERS | www.trainingmikrotik.com

21

Local AAAOSU,CA Server

Hotspot 2.0Access Point

Remote AAA Servers, HLR/HSS, Subscriber

Mgmt Systems, and OSU Servers

RoomingHubs

Wi-Fi Operator

Credential and eap method in Hotspot 2.0

ID-NETWORKERS | www.trainingmikrotik.com

22

Source: http://www.hotspot2experience.com/

Credential EAP Method

Username / Password EAP-TTLS + MS-CHAPv2

Certificate EAP-TLS

(u)SIM EAP-SIM, AKA

*EAP : Extensible Authentication Protocol

802.11u Devices

ID-NETWORKERS | www.trainingmikrotik.com

23

List of all eligible NGH Hotspot 2.0 devicesü Samsung with Android version 4.2.2, 4.3 or 4.4, 5.0+

• Galaxy S6 & S7 Edge/Edge+• Galaxy S4, S5, S6• Galaxy Note 3, 4, 5• Galaxy Note 10.1, Pro 12.2• Galaxy Tab Pro 8.4, 10.1• Galaxy Mega 5.8/6.3

ü Apple iOS devices with version 7, 8 or 9• iPhone 6, 6S, 6 Plus, 6S Plus• iPhone 5, 5c and 5s• iPad 4th generation• iPad Mini, all versions• iPad Air and Pro, all versions Source: http://www.hotspot2experience.com/

Does mikrotik support hotspot 2.0 technology?

24

Technology Trend

ID-NETWORKERS | www.trainingmikrotik.com

25

https://www.google.com/trends/explore#q=mikrotik

Perc

enta

ge

Date

0

20

40

60

80

100

120

2004

-01

2004

-05

2004

-09

2005

-01

2005

-05

2005

-09

2006

-01

2006

-05

2006

-09

2007

-01

2007

-05

2007

-09

2008

-01

2008

-05

2008

-09

2009

-01

2009

-05

2009

-09

2010

-01

2010

-05

2010

-09

2011

-01

2011

-05

2011

-09

2012

-01

2012

-05

2012

-09

2013

-01

2013

-05

2013

-09

2014

-01

2014

-05

2014

-09

2015

-01

2015

-05

2015

-09

2016

-01

2016

-05

2016

-09

0

20

40

60

80

100

120

2004

-01

2004

-06

2004

-11

2005

-04

2005

-09

2006

-02

2006

-07

2006

-12

2007

-05

2007

-10

2008

-03

2008

-08

2009

-01

2009

-06

2009

-11

2010

-04

2010

-09

2011

-02

2011

-07

2011

-12

2012

-05

2012

-10

2013

-03

2013

-08

2014

-01

2014

-06

2014

-11

2015

-04

2015

-09

2016

-02

2016

-07

Technology Trend

ID-NETWORKERS | www.trainingmikrotik.com

26

https://www.google.com/trends/explore#q=*****

Perc

enta

ge

Date

LAB DEMO

27

Lab Topology

ID-NETWORKERS | www.trainingmikrotik.com

28

802.11SSID “hotspot-2.0”

802.11uSSID “World WiFi Day Hotspot 2.0 Profile”

InternetSingle AP

Lab Scenario

ID-NETWORKERS | www.trainingmikrotik.com

29

• With regard to the limited of time and devices,In this lab we will only test some feature /function of hotspot 2.0 in MikroTik RouterOS

• We will prove that with hotspot 2.0 we canconnect with 2 different technology look like 2different SSID in single wireless interface

• We will only use eap-tls credential type usingwireless profile pre-installed in user device.

MikroTik Configuration

ID-NETWORKERS | www.trainingmikrotik.com

ü The hidden menu of wireless interworking-profile

ü Accessible only from command-lineü There is no clue in any mikrotik documentation (wiki, forum, tiktube,

mum presentation, etc)ü Thanks to Uldis for the little bit clue

30

MikroTik Configuration

ID-NETWORKERS | www.trainingmikrotik.com

31

Try to solve the puzzle

MikroTik Configuration

ID-NETWORKERS | www.trainingmikrotik.com

ü Set interface wlan as AP with no security profile./interface wirelessset 0 mode=ap-bridge ssid=hotspot-2.0

ü Create wlan interworking profile (the hidden menu)/interface wireless interworking-profilesadd name=prof1 domain-names=odyssys.net operator-names=“World WiFi Day Hotspot 2.0 Profile”

ü Assign interworking profile to wlan/interface wirelessset 0 interworking-profile=prof1

32

Gadget (iPHONE) Configuration

ID-NETWORKERS | www.trainingmikrotik.com

ü Go to https://osu.odyssys.net and download and install Passpoint Hotspot 2.0 profile

33

MAC OSX Configuration

ID-NETWORKERS | www.trainingmikrotik.com

ü Go to https://osu.odyssys.net and download and install Passpoint Hotspot 2.0 profile

34

IPHONE SELECT SSID

ID-NETWORKERS | www.trainingmikrotik.com

35

802.

11

802.

11u

MAC OSX SELECT SSID

ID-NETWORKERS | www.trainingmikrotik.com

36

802.

11

802.

11u

Unsupported device SELECT SSID

ID-NETWORKERS | www.trainingmikrotik.com

37

802.

11

802.

11u

CONCLUSION

38

CONCLUTIONS

ID-NETWORKERS | www.trainingmikrotik.com

üHotspot 2.0 improve user experience whenconnecting to Wi-Fi networks.

üHotspot 2.0 promise to make connecting to Wi-Fiservices as easy, seamless and secure astoday's 3G cellular experience

üWe hope that MikroTik will develop and supporthotspot 2.0 technology.

39

“If you cannot survive in the tired of learning, then you will be suffering by the pain of stupidity” (Imam Syafi’i)

THANK YOUFOR YOUR TIME

If you have any other questions or would like me to clarify anything else, please, let me know. I am always glad to help in any way I can

Jakarta & Semarang, Indonesiawww.trainingmikrotik.comrofiq@idn.id+62 8156583545@mymikrotikwww.facebook.com/ropix

ADDRESS:

WEBSITE:

EMAIL:TELEPHONE:

id.linkedin.com/in/ropix/rofiq.fauzi

CONTACT

ID-NETWORKERS | www.trainingmikrotik.com

40