You could, I'm slowly going off the whole redirect methodology though.
As time goes on, and more and more sites are SSL, and people are using
apps and gaming consoles and everything else, it gets less useful. I
think it still has a place today, but I have a feeling that within a few
years, it's going to be very limited in its usefulness. Probably more
reliable to send people a text message at this point..
On 1/7/2016 9:35 AM, Cassidy B. Larson wrote:
Interesting thought. You could direct them to a special “wrong credentials
pool” that gets wall gardened and directed to a splash page informing them of
such.
On Jan 7, 2016, at 8:13 AM, Simon Westlake <[email protected]> wrote:
You think so? You're saying you think that a user that enters an invalid
username and password should still get access to the network? I guess if you're
giving the credentials to end users, it might make sense, so it's clear to them
that they entered it incorrectly. If you're putting it into your radios
exclusively though, it seems like you might not want to give a user any access
at all if they're just trying random passwords.
On 1/7/2016 7:05 AM, Dennis Burgess wrote:
Typically the pppoe server is at the tower, so it has a local pool to hand out,
if the customer needs a static, that would be assigned via PPPOE as well as a
framed route if they need a specific block. For MT there are a number of
radius attributes, but the simplest is address-group, If all pppoe servers are
configured the same, giving a address group lobs them into anything such as
filters, firewall, redirection etc. the last though is ip pool, so that you
can give them a redirected pool and not use a public IP if they are not auth.
Big thing, they should always auth, just get redirected if not valid. :)
Dennis Burgess, CTO, Link Technologies, Inc.
[email protected] – 314-735-0270 x103 – www.linktechs.net
-----Original Message-----
From: Af [mailto:[email protected]] On Behalf Of Simon Westlake
Sent: Wednesday, January 6, 2016 8:50 PM
To: [email protected]
Subject: [AFMUG] RADIUS
For those of you using RADIUS to manage your customers (whether via PPPoE, or
something else), how are you doing it? Are you using pools, static addresses or
a mixture? Are you using groups to control access/redirect to delinquency pages
etc or other methods? What kind of attributes are you using? What is/are your
NAS? I'm guessing mostly Mikrotik in this group!
I'm working on a bunch of RADIUS stuff right now, and trying to build it to be
as flexible as possible.. any input any of you can give on how you use RADIUS
on your network would be very much appreciated!
--
Simon Westlake
Skype: Simon_Sonar
Email: [email protected]
Phone: (702) 447-1247
---------------------------
Sonar Software Inc
The next generation of ISP billing and OSS https://sonar.software
--
Simon Westlake
Skype: Simon_Sonar
Email: [email protected]
Phone: (702) 447-1247
---------------------------
Sonar Software Inc
The next generation of ISP billing and OSS
https://sonar.software
--
Simon Westlake
Skype: Simon_Sonar
Email: [email protected]
Phone: (702) 447-1247
---------------------------
Sonar Software Inc
The next generation of ISP billing and OSS
https://sonar.software
