mikrotik hotspot 2.0 (ieee 802.11u) - mum jakarta 2016

MikroTikHotspot 2.0 / IEEE 802.11u

Rofiq FauziJakarta, Oct 13, 2016

1

ID-NETWORKERS | www.trainingmikrotik.com

ABOUT ROFIQ FAUZI


CONSULTANT

CERTIFIED TRAINER

http://www.mikrotik.com/consultants/asia/indonesia

• MTCNA, MTC(all)E• More than 10 year in Telco and Internet Industries• Consultant & MikroTik Certified Trainer at ID-Networkers• Deliver consultant service and training in Asia Pacific (Malaysia,

Philippine, India, Thailand, Nepal and Cambodia)• Co founder IDNFoundation.org

http://www.mikrotik.com/training/partners/asia/indonesia

2

ABOUT id-networkers


Website

Email

http://www.idn.id

[email protected]

3

MTCINE BOOTCAMP

ABOUT idNfoundation.org


4

• NGO as Yayasan IDN – Kemenkumham No. AHU – 0025185.AH .01.04 tahun 2016

• Program• Sekolah IT gratis SD s/d SMP (Super Human Project) –

first time• Pesantren Networking (program pelatihan gratis lulusan

SMK 1 tahun) angkatan ke-4• Pelatihan gratis untuk guru-guru SMK TKJ – since 2014• SMK Madinatul Quran – since 2014

SUPER HUMAN PROJECT


5

EATPRAY

CODING

SUPER HUMAN PROJECT


6

EATPRAY

CODING

SUPER HUMAN PROJECT


7

EATPRAY

CODING

SUPER HUMAN PROJECT


8

LEARNENGLISH

EATPRAY

CODING

SUPER HUMAN PROJECT


9

PLAYINGJ

TOPIC BACKGROUND

10

TECHNOLOGY TREND


Source:ericsson.com

Which one you want to be?

JUST WATCHER

PLAYERor

11


12

Internet Expected Everywhere

Internet Expected Everywhere


13


14

-

1,000

2,000

3,000

4,000

5,000

6,000

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Mill

ions

of d

evic

es in

use

Smartphones

Tablets

Laptops

Desktops

Source : ruckuswireless.com

MARKET OF WIFI DEVICES

Why can't connecting to a Wi-Fi network be as easy as connecting to a cellular network?

15


16

• Also called hotspot 2.0 (HS2.0)• 802.11u is an amendment to the IEEE 802.11

standard to add features that improveinterworking with external networks

• 802.11u enables cellular-like roaming amongwireless networks

802.11u summary

HS2.0


17

TODAY TOMORROW

• Connecting to a Wi-Fi hotspot is completely manual

• Login process tedious, error prone• No consistent roaming between networks• Many steps to gain Internet access• Carriers lose opportunity for their roaming

polices to affect network selection

• Device and network negotiate capabilities• Device auto selects Wi-Fi network• Users do nothing• Policies pushed to phone• New revenue source for carriers• Carriers gain opportunity for their roaming

polices to affect network selection

Source: John Lombardi, ruckuswireless.com

NEXT GENERATION of wifi


18

Organization Initiative Details

IEEE 802.11u 802.11u amendment to 802.11 standard publishedin February 2011

Wi-Fi Alliance Hotspot 2.0Technical program and specification that definestechnical requirements for PasspointTM

interoperability certificationWireless Broadband Alliance

Next Generation Hotspot

End-to-end roaming trials establish commoncommercial framework for interoperability acrossnetworks and devices

Who doing what?

HS2.0


19

Legacy DeviceManual Setup1. Power-on or unlock the phone2. Select Wi-Fi network3. Go to Web-auth4. Browse webpage and enter right credential,

usually ID/PWD5. Choose roaming plan6. Start Internet

Source: John Lombardi, ruckuswireless.com

802.11uAutomatic Setup1. Power-on or unlock the phone2. Handset automatically validates network and

initiates connection

Yes! Here it is:Realm: provider.comEAP Method = EAP-SIM

Can you tell me your network info?

Before I associate?

HOW IT WORK


20

Venue Owner UserProvider

RoamingAgreement

Pay as usage

Leasing fee

HOW IT WORK

Hotspot 2.0 Components


21

Local AAAOSU,CA Server

Hotspot 2.0Access Point

Remote AAA Servers, HLR/HSS, Subscriber

Mgmt Systems, and OSU Servers

RoomingHubs

Wi-Fi Operator

Credential and eap method in Hotspot 2.0


22

Source: http://www.hotspot2experience.com/

Credential EAP Method

Username / Password EAP-TTLS + MS-CHAPv2

Certificate EAP-TLS

(u)SIM EAP-SIM, AKA

*EAP : Extensible Authentication Protocol

802.11u Devices


23

List of all eligible NGH Hotspot 2.0 devicesü Samsung with Android version 4.2.2, 4.3 or 4.4, 5.0+

• Galaxy S6 & S7 Edge/Edge+• Galaxy S4, S5, S6• Galaxy Note 3, 4, 5• Galaxy Note 10.1, Pro 12.2• Galaxy Tab Pro 8.4, 10.1• Galaxy Mega 5.8/6.3

ü Apple iOS devices with version 7, 8 or 9• iPhone 6, 6S, 6 Plus, 6S Plus• iPhone 5, 5c and 5s• iPad 4th generation• iPad Mini, all versions• iPad Air and Pro, all versions Source: http://www.hotspot2experience.com/

Does mikrotik support hotspot 2.0 technology?

24

Technology Trend


25

https://www.google.com/trends/explore#q=mikrotik

Perc

enta

ge

Date

0

20

40

60

80

100

120

2004

-01

2004

-05

2004

-09

2005

-01

2005

-05

2005

-09

2006

-01

2006

-05

2006

-09

2007

-01

2007

-05

2007

-09

2008

-01

2008

-05

2008

-09

2009

-01

2009

-05

2009

-09

2010

-01

2010

-05

2010

-09

2011

-01

2011

-05

2011

-09

2012

-01

2012

-05

2012

-09

2013

-01

2013

-05

2013

-09

2014

-01

2014

-05

2014

-09

2015

-01

2015

-05

2015

-09

2016

-01

2016

-05

2016

-09

0

20

40

60

80

100

120

2004

-01

2004

-06

2004

-11

2005

-04

2005

-09

2006

-02

2006

-07

2006

-12

2007

-05

2007

-10

2008

-03

2008

-08

2009

-01

2009

-06

2009

-11

2010

-04

2010

-09

2011

-02

2011

-07

2011

-12

2012

-05

2012

-10

2013

-03

2013

-08

2014

-01

2014

-06

2014

-11

2015

-04

2015

-09

2016

-02

2016

-07

Technology Trend


26

https://www.google.com/trends/explore#q=*****

Perc

enta

ge

Date

LAB DEMO

27

Lab Topology


28

802.11SSID “hotspot-2.0”

802.11uSSID “World WiFi Day Hotspot 2.0 Profile”

InternetSingle AP

Lab Scenario


29

• With regard to the limited of time and devices,In this lab we will only test some feature /function of hotspot 2.0 in MikroTik RouterOS

• We will prove that with hotspot 2.0 we canconnect with 2 different technology look like 2different SSID in single wireless interface

• We will only use eap-tls credential type usingwireless profile pre-installed in user device.

MikroTik Configuration


ü The hidden menu of wireless interworking-profile

ü Accessible only from command-lineü There is no clue in any mikrotik documentation (wiki, forum, tiktube,

mum presentation, etc)ü Thanks to Uldis for the little bit clue

30



31

Try to solve the puzzle



ü Set interface wlan as AP with no security profile./interface wirelessset 0 mode=ap-bridge ssid=hotspot-2.0

ü Create wlan interworking profile (the hidden menu)/interface wireless interworking-profilesadd name=prof1 domain-names=odyssys.net operator-names=“World WiFi Day Hotspot 2.0 Profile”

ü Assign interworking profile to wlan/interface wirelessset 0 interworking-profile=prof1

32

Gadget (iPHONE) Configuration


ü Go to https://osu.odyssys.net and download and install Passpoint Hotspot 2.0 profile

33

MAC OSX Configuration


ü Go to https://osu.odyssys.net and download and install Passpoint Hotspot 2.0 profile

34

IPHONE SELECT SSID


35

802.

11

802.

11u

MAC OSX SELECT SSID


36

802.

11

802.

11u

Unsupported device SELECT SSID


37

802.

11

802.

11u

CONCLUSION

38

CONCLUTIONS


üHotspot 2.0 improve user experience whenconnecting to Wi-Fi networks.

üHotspot 2.0 promise to make connecting to Wi-Fiservices as easy, seamless and secure astoday's 3G cellular experience

üWe hope that MikroTik will develop and supporthotspot 2.0 technology.

39

“If you cannot survive in the tired of learning, then you will be suffering by the pain of stupidity” (Imam Syafi’i)

THANK YOUFOR YOUR TIME

If you have any other questions or would like me to clarify anything else, please, let me know. I am always glad to help in any way I can

Jakarta & Semarang, [email protected]+62 [email protected]/ropix

ADDRESS:

WEBSITE:

EMAIL:TELEPHONE:

id.linkedin.com/in/ropix/rofiq.fauzi

CONTACT


40

mikrotik hotspot 2.0 (ieee 802.11u) - mum jakarta 2016

Engineering