Authentication of customers

Splynx supports different ways of customers' central authentication within the network of Internet providers. It always depends on the topology of the ISP and the technology that the ISP decides to use. Access technologies are widely used and their advantages and disadvantages are described below:

  • PPPoE - easy to maintain and implement. Customer sets up username and password on the CPE device, and all networking settings received by the CPE comes from the PPPoE NAS (Network Access Server). It also provides encryption if needed and accounting for getting usage statistics. It had issues with MTU in past, but in the last few years these issues were fixed by main vendors.

  • IPoE (or DHCP) - DHCP is based on the MAC address of the client. It can also be linked to a port of the switch where the customer is connected (DHCP option 82). Several vendors do not provide accounting capabilities (Mikrotik routers).

  • Wireless Authentication - when ISPs have a wireless network, they need to maintain access of CPE devices to their Access Points. For this purpose several wireless authentication methods are used, such as a password inside TDMA protocols or wireless access-lists.

  • Hotspot - customers have to enter their usernames and passwords on a webpage before using the Internet. Many hotspot networks allow free limited access and then charge customers for additional usage or advanced plans.

  • Static IP addressing - some ISPs do not have central management of authentication and setup static IP addresses to CPE devices. With the Mikrotik RouterOS platform, Splynx can manage even customers who has static IP's in Vlan per customer scenario or plain IPv4 connection. Also, Splynx can grab statistics from Mikrotik routers for such customers.

Below are manuals for different types of user authentication in Splynx ISP Framework: