ALEPO VNPT

WIFI POC
PROPOSAL

For inquiries, please contact:

Alepo Presales

Copyright © 2018

Alepo
Alepo Wi-Fi POC Document | 2

Contents
Introduction .................................................................................................................................................. 4
Document Purpose ................................................................................................................................... 4
Alepo POC Purpose ................................................................................................................................... 4
Products to Test ........................................................................................................................................ 4
Audience ................................................................................................................................................... 5
POC Schedule ................................................................................................................................................ 6
POC TIMELINE FOR aLEPO SOLUTION IN CLOUD SETUP ........................................................................... 6
POC TIMELINE FOR aLEPO SOLUTION IN VNPT DATACENTRE ................... Error! Bookmark not defined.
POC Assumptions & Equipment List ............................................................................................................. 8
POC Assumptions ...................................................................................................................................... 8
POC Equipment List................................................................................................................................... 9
POC Architecture......................................................................................................................................... 10
POC Architecture for ALEPO SOLUTION Depolyed On Public Cloud ....................................................... 10
POC Architecture for ALEPO SOLUTION Deployed In VNPT Datacentre.... Error! Bookmark not defined.
POC Solution Information ........................................................................................................................... 13
Altai Access Controller ............................................................................................................................ 13
Alepo SMP and AAA ................................................................................................................................ 13
VNPT Ericssion AAA ................................................................................................................................. 13
VNPT Juniper AAA ................................................................................................................................... 14
VNPT SMSC.............................................................................................................................................. 14
PORTAL Based Business Use Case ............................................................................................................... 15
Use Case 1: Free Wi-Fi access AFter watching promotional video ......................................................... 15
Use Case 2: Paid Wi-Fi access via Voucher ............................................................................................. 16
Use Case 3: User registration using Mobile number and OTP ................................................................ 16
Use Case 4: online WiFi Pack purchase via payment gateway .................. Error! Bookmark not defined.
Use Case 5: existing broadband user login on wifi network using broadband credential ..................... 17
Offload Business Use Case .......................................................................................................................... 19

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 3

Use Case 6: 3G and 4G User offload to wifi network.............................................................................. 19

Appendix A .................................................................................................................................................. 23
Sign Off ........................................................................................................................................................ 24
About Alepo ................................................................................................................................................ 25

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 4

Introduction
The objective of this document is to describe the Proof of Concept (POC) architecture & functionalities
for Alepo Wi-Fi solutions. This POC will be performed with WiFi AP and Access Controller.

DOCUMENT PURPOSE
This document outlines the test plan for POC between Alepo and WiFi Access Network.

ALEPO POC PURPOSE

The main purpose of any POC exercise is to establish interoperability between the applications that are
going to be eventually integrate with each other for the project in discussion. A POC is also an opportunity
for our customers to get handson experience on our solution to understand the capability, flexibility and
ease of use. Alepo is therefore very committed and serious abour POC execution. Hence, this document
outlines scope of the POC in terms of key use cases that will be demonstrated with main focus on
interoperability.

A POC exercise has some hard costs involved, like installation of private/public cloud or even on customer
premises, configuration as per POC scope, integration related development (if any identified & approved)
and dedicated testing and co-ordination for POC execution. While Alepo is committed to do all of these,
we also expect the same level of committment from our customers and partners so that we always have
success at the end of the POC exercise.

PRODUCTS TO TEST

Alepo
Product name Wi-Fi Monetization & Offload
Product type Carrier Wi-Fi

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 5

Product version / build number 2.3.4

Altai
Product name Access Point
Product type Indoor
Product version / build number A2c Indoor Dual-band 2x2 802.11ac
Model Number A2-2221-000

Product name Access Point

Product type Outdoor
Product version / build number A3-Ei Dual-band 3x3 802.11ac
Model Number WA3311NAC-E

Product name Access Controller

Product type Cloud Based
Product version / build number AC 200

AUDIENCE

• Alepo Technical Team

• VNPT Technical Team

• Altai Technical Team

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 6

POC Schedule

POC TIMELINE FOR ALEPO SOLUTION IN CLOUD

SETUP

Task Timeline Responsibility

Altai Access Point Material arrival at 11th June ,2018 Altai Team
VNPT Location

Connectivity to Altai Team for AP 12th June,2018 to 13th Altai and VNPT Team
management and configuration June,2018

Altai AP and AC Installation and 14th June,2018 to 18th Altai and VNPT Team
Commissioning on VNPT Premise and June,2018
cloud

Integration of Altai Access Network and 19th June,2018 to 20th Altai and Alepo Team
Alepo WiFi Cloud Platform June,2018

VNPT to setup site to site VPN to allows 10th June ,2018 VNPT Team
access to Alepo cloud platform to VNPT
mobile AAA, broadband AAA and SMSC

Integration of VNPT Network Nodes – 11st June,2018 to 26st VNPT Team and Alepo
Mobile AAA. Broadband AAA and SMSC June,2018
and Alepo WiFi Cloud Platform

WiFi Monetisation Use Case Testing with 27th June,2018 to 2nd Altai, Alepo and VNPT Team
VNPT Team July,2018

WiFi Offload Testing with VNPT Team 3rd July,2018 to 5th Altai, Alepo and VNPT Team
July,2018
POC Acceptance and Sign Off 6th July,2018 Altai, Alepo and VNPT Team

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 7

Note: The exact timeline will be determined only after the material arrive on location and timeline can
vary based upon resource availability along with other factors that will only be known at the time of
actual POC setup installation.

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 8

POC Assumptions & Equipment

List

POC ASSUMPTIONS
1. Altai and Alepo POC System will be supporting 10 Concurrent Users for POC.
2. Single test user able to access internet with 6Mbps internet throughput.
3. Altai AC will be deployed in Altai HK Office will use the limited internet bandwidth for APs
management and provide internet to test users, so the testing will be limited to portal and
offload-based use cases and not for AP performance test.
4. Alepo Solution will be deployed in cloud network for demonstrating functionality as agreed in
the POC proposal.
5. Delivery of SMS to VNPT mobile number will be taken care by VNPT SMSC.
6. Alepo SMP will not be integrate with VNPT Prepaid Billing Platform for online charging, VNPT
Scratch Card for recharge the mobile balance, MY VNPT Application to purchase the pack and
Mobile Number Validation system to validate VNPT mobile number
7. In case VNPT Mobile AAA is not available for POC testing, Alepo will use its HSS and HLR simulator
for offload testing.
8. In case VNPT broadband AAA is not available for POC testing, Alepo will use its AAA for POC test
9. In case VNPT SMSC is not available for POC testing, Alepo will use dummy SMS gateway to show
sending OTP to Indian mobile number.

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 9

POC EQUIPMENT LIST

Altai Equipment to be shipped to Hanoi

Alepo & Altai equipment installed in respective data centers

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 10

POC Architecture
Alepo propose the below options to VNPT for Alepo solution deployment for POC.

POC ARCHITECTURE FOR ALEPO SOLUTION

DEPOLYED AT ALEPO DATA CENTER
Below POC architecture include Alepo and Altai systems deployed on cloud integrate with VNPT systems
over site to site VPN.

Alepo AAA proxy RADIUS authentication requests to VNPT Mobile AAA for authenticating 3G and 4G
offload users

Alepo AAA proxy RADIUS authentication requests to VNPT broadband AAA for authenticating broadband
users

Alepo SMP platform integrates with VNPT SMSC for sending SMS OTP over SMPP protocol.

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 11

Pre-requisites for POC

1. VNPT has to setup the VPN connectivity between Alepo System and VNPT Network Nodes
a. Alepo AAA and VNPT mobile AAA
b. Alepo AAA and VNPT broadband AAA
c. Alepo SMP and VNPT SMSC.
2. VNPT needs to set up side to side VPN for above connectivity
a. Please refer the Appendix A for VPN Form which needs to be filled by VNPT Team for
setting up site to site VPN.
3. Firewall Rules needs to be setup between Alepo nodes and VNPT nodes as per the Firewall Rules
Section given below
4. VNPT must provide connectivity to Altai team for management of Altai AP located in Ha Noi
5. Alepo AAA will proxy radius authentication requests to VNPT mobile AAA server for offload 3G
and 4G mobile users. VNPT Mobile AAA needs to be integrate with VNPT HLR or VNPT HSS for
authenticating and send response to Alepo AAA.
6. Alepo AAA will proxy radius authentication requests to VNPT broadband AAA server for
broadband users. VNPT broadband AAA needs to authenticate broadband users and send
appropriate response to Alepo AAA.

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 12

Firewall Rules for Alepo Solution

Below is the list of firewall rules need to be open between Alepo cloud network and VNPT Core network

Source IP Address Target IP Address Port Type Responsibility

Connectivity between Altai and AP and Altai AC for managing AP configuration and data control
5246
IP of Altai AC IP of Altai AP TCP Altai and VNPT Team
5248
Access Controller Connectivity with Alepo SMP for Portal Redirection and with AAA for Authentication &
Accounting
2000
IP of Altai AC IP of Alepo SMP TCP Alepo and Altai Team
80
1812
1813
Altai AC Public IP IP of Alepo AAA 1645 UDP Altai and Alepo Team
1646
3799
Connectivity between Alepo AAA and VNPT Broadband AAA for broadband user credential validation
IP of VNPT broadband 1812 RADIUS/UDP
IP of Alepo AAA VNPT Team
AAA 1813 proxy
IP of VNPT broadband 1812 RADIUS/UDP
IP of Alepo AAA VNPT Team
AAA 1813 proxy
Connectivity between Alepo AAA and VNPT Mobile AAA for 3G and 4G users SIM details validation with HLR
and HSS respectively
1812 RADIUS/UDP
IP of Alepo AAA IP of VNPT mobile AAA VNPT Team
1813 proxy
1812 RADIUS/UDP
IP of VNPT mobile AAA IP of Alepo AAA VNPT Team
1813 proxy
Connectivity between Alepo SMP and VNPT SMSC to send the OTP SMS to VNPT mobile numbers
IP of Alepo SMP IP of VNPT SMSC 1775* SMPP VNPT Team

* We have mentioned standard SMPP port for Alepo SMP and VNPT SMSC Connectivity, same can be
modify as per VNPT requirement

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 13

POC Solution Information

Note: The below requested details to be shared before start of POC.

ALTAI ACCESS CONTROLLER

Access Controller IP Address TBD

Shared Secret
Public IP
Auth Port
Acct Port

ALEPO SMP AND AAA

Alepo AAA IP Address TBD

Shared Secret
Captive Portal Redirection URL

VNPT ERICSSION AAA

Ericssion AAA IP Address TBD

Shared Secret
Port

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 14

VNPT JUNIPER AAA

Juniper AAA IP Address TBD

Shared Secret
Port

VNPT SMSC

SMSC IP Address TBD

Port
SMPP Account details

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 15

PORTAL Based Business Use Case

USE CASE 1: FREE WI-FI ACCESS AFTER WATCHING

PROMOTIONAL VIDEO
Here the subscriber can avail free Wi-Fi by watching promotional video on the Captive Portal page.
In attempt to access the Wi-Fi network, the device is redirected to a captive portal, wherein the
subscriber watched the promotional video and access Wi-Fi service for stipulated time-period.

Step Test procedure Expected Resulted Actual Result

1. Subscriber powers on his Subscriber is Connected to Wi-Fi

device and connects to network.
POC SSID
2. Subscriber tries to access Subscriber redirected to Alepo captive
internet. portal wherein video will be played for
the subscriber to watch.
3. Subscriber watches the Subscriber gets access to the internet
promotional video and Time Ticker starts for the limited
free Wi-Fi access.

Status and comments

Test case status Relevant captures / comments
Pass/Fail/Conditional pass/Not performed

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 16

USE CASE 2: PAID WI-FI ACCESS VIA VOUCHER

Here the subscriber avails premium Wi-Fi service by purchasing a Wi-Fi voucher.
In attempt to access the Wi-Fi network, the device is redirected to a captive portal, wherein subscriber is
prompted to specify the purchased Wi-Fi voucher details

Step Test procedure Expected Resulted Actual Result

1. Subscriber powers on his Subscriber is Connected to Wi-Fi

device and connects to network.
POC SSID
2. Subscriber tries to access Subscriber redirected to Alepo captive
internet portal wherein the subscriber is
prompted to specify the voucher
details.
3. Subscriber specifies the Captive Portal validates the voucher
voucher details on the details and on successful validation, the
Portal page subscriber is registered in the Alepo
system.
4. Subscriber tries internet Subscriber gets access to the internet.
browsing

Status and comments

Test case status Relevant captures / comments
Pass/Fail/Conditional pass/Not performed

USE CASE 3: USER REGISTRATION USING MOBILE

NUMBER AND OTP
Here the subscriber can register on WiFi network using Mobile Number and OTP validation on the
Captive Portal page.

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 17

The user will be prompt to enter the mobile number to send OTP, Alepo platform will generates the
random OTP and submit the message to VNPT SMSC to deliver OTP to VNPT mobile number.

After entering the OTP on captive portal page, Alepo platform verifies the OTP and create the user in
AAA db and redirect the user to My Account page to display the package list to purchase.

Step Test procedure Expected Resulted Actual Result

1. Subscriber powers on his Subscriber is Connected to Wi-Fi

device and connects to network.
POC SSID
2. Subscriber tries to access Subscriber redirected to Alepo captive
internet. portal wherein user will be ask to enter
the mobile number to send OTP and
register on VNPT WIFI network
3. Subscriber enter the Subscriber get the OTP and enter on
mobile number and send captive portal page.
OTP
4. User redirect to My After validation of OTP, captive portal
Account page to redirect user to My Account Page to
purchase WiFi Pack purchase the pack to access internet

Status and comments

Test case status Relevant captures / comments
Pass/Fail/Conditional pass/Not performed

USE CASE 4: EXISTING BROADBAND USER LOGIN

ON WIFI NETWORK USING BROADBAND
CREDENTIAL
Alepo AAA will proxy the authentication request to VNPT broadband AAA to validate existing broadband
user credentials.

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 18

Here the existing broadband subscriber will login with broadband account user id and password on the
Captive Portal page. Alepo AAA will validate the broadband account username and password with VNPT
broadband AAA and on successful validation user will be allow to internet access.

Step Test procedure Expected Resulted Actual Result

1. Subscriber powers on his Subscriber is Connected to Wi-Fi

device and connects to network.
POC SSID
2. Subscriber tries to access Subscriber redirected to Alepo captive
internet. portal wherein subscriber will be get
the option to login to WiFi network with
existing broadband credential
3. Subscriber choose the On validation of broadband credentials,
existing user option and user allow to access internet
enter the broadband
credential

Status and comments

Test case status Relevant captures / comments
Pass/Fail/Conditional pass/Not performed

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 19

Offload Business Use Case

USE CASE 5: 3G AND 4G USER OFFLOAD TO WIFI

NETWORK

Test Environment Preparation:

1. In the AP configure the Radius server to be used for authentication & a secure SSID using the
WPA2-Enterprise authentication method.
2. VNPT Ericssion AAA should be configured and enabled to process the EAP-Authentication proxy
request from Alepo AAA.
3. Alepo AAA server should be configured with Access Controller IP details and accessible.
4. Alepo AAA should be configured with VNPT Ericssion AAA IP and accessible through Alepo AAA
via RADIUS interface
WiFi Offload Architecture for 3G User are as follows:

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 20

Wi-Fi offload for 3G User - call flow

WiFi Offload Architecture for 4G Users

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 21

Wi-Fi offload for 4G User - call flow is as below:

5. Steps to follow for offload testing:

Step Test procedure Expected Resulted Actual Result

1. Insert 3G or 4G SIM Card in

Android Phone

2. Activate data session

3. Browse to whatismyip.com Write down IP address provided

by 4G network

4. Turn on Wi-Fi on the handset Phone attaches to the secure

offload SSID & is connected to
internet via Wi-Fi
5. Browse to whatismyip.com Check that IP is provided by Wi-Fi
network versus Mobile network

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 22

6. Access Controller send Alepo AAA server is getting

accounting start & further RADIUS accounting packets from
interim accounting data to the the Access Controller
Alepo AAA server

Status and comments

Test case status Relevant captures / comments
Pass/Fail/Conditional pass/Not performed

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 23

Appendix A
Below is the VPN form to be filled up by the VNPT for Site to Site or Site to Client connectivity.

Description Alepo VNPT project

Contact Information Contact Information Contact Information
Primary Primary Primary
Name

Email Address

Desk Phone
Cell Phone
Skype
Secondary
Name

Email Address
Desk Phone
Skype
VPN Gateway Device Information
IP Address
VPN Device Description
VPN Device Location
Encryption domain / Local LAN subnet
VPN Properties
Phase 1
Authentication Method
Encryption Scheme
Diffie-Hellman Group
Encryption Algorithm
Hashing Algorithm
Main or Aggressive Mode
Lifetime (for renegotiation)
Phase 2
Encapsulation (ESP or AH)
Encryption Algorithm
Authentication Algorithm
Perfect Forward Secrecy
Lifetime (for renegotiation)
Lifesize in KB (for renegotiation)

C ONF IDE N TI AL
Alepo Wi-Fi POC Document | 24

Sign Off

The Parties to this POC agree to the terms of the Agreement and this POC and further
represent that this POC is executed by duly authorized representatives as of the dates
below.

AGREED BY:

Vendor: Altai Technologies

Signature:
Name:
Designation:
Date:

Vendor: Alepo Technologies

Signature:
Name:
Designation:
Date:

Customer: VNPT
Signature:
Name:
Designation:
Date:

C ONF IDE N TI AL
 Alepo Wi-Fi POC Document | 25

About Alepo
Alepo makes next-gen data opportunities a reality. Our advanced software solutions and services enable
global communications service providers to accelerate revenue growth, market share, and business
success on next-generation fixed and mobile broadband networks. For over a decade, Alepo has been
the go-to technology partner for “all things data” at leading service providers like Orange, Saudi
Telecom, and Digicel.

As the connected world nears critical mass, Alepo envisions lean communications service providers that
are empowered to –

1 Welcome disruptive technologies with the readiness and agility to seize new opportunities
2 Orchestrate the customer experience amidst a flurry of third party, content, and OTT partners
3 Grow, adapt, and evolve with the assurance of unwavering network performance and speed

Our continual innovation spans advanced policy and charging control, convergent charging and billing,
device management, BSS / OSS, Wi-Fi hotspot monetization, Wi-Fi offload, AAA infrastructure, and
more. Alepo provides expert professional services: systems integration, consulting and design, training
and support, managed services, and more.

Established in 2004, Alepo is a mature technology solutions provider with presence in all regions of the
world and with offices in Argentina, Cameroon, Colombia, France, and India. Alepo USA Corporate
Headquarters is located in Austin, Texas.

For more information, please visit www.alepo.com.

ALEPO GLOBAL OFFICES

North America Office LATAM Regional Office APAC Regional Office Research and Development
Austin, TX, USA Buenos Aires, Argentina Mumbai, India Mumbai, India
sales@alepo.com latam.sales@alepo.com apac.sales@alepo.com Pune, India