Hello everyone I am very new to freeradius and security type environments and I am feeling somewhat out of my depth at the moment.
My current situation is that I have a chillispot WIFI setup. A diagram of the current network can be seen at http://www.shooter.co.nz/network.pdf The problem I have with this setup is that unscrupulous people are connecting to the unprotected APs without authenticating and playing games between themselves therefore bogging down our network with their traffic. So what I am wanting to do is dispose of the chillispot server and authenticate the users directly from the APs (WAP54G) using WPA- Enterprise. WPA-Enterprise on the WAP54G is radius authentication with a WPA shared key between the AP and the radius server. I have got the APs talking to the radius server, but it seems the radius server is using the credentials from the PC to authenticate the users. Here is what I would like to do. When a user attempts to connect to the AP, the user is presented with a login screen (much like chillispot), the user logs on and they are connected to the AP and can use the network as expected. If a user cannot authenticate the attempt is logged and the connection attempt to the AP is dropped. This way a user cannot just blindly connect to our network and use bandwidth. Is that type of configuration possible? and if so where would I find information on how it is done? Many thanks in advance for you patience and comments. Regards Fred - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
