On Sun 05 Aug 2007, Fred Zinsli wrote: > Hello everyone > > I am very new to freeradius and security type environments and I am > feeling somewhat out of my depth at the moment. > > My current situation is that I have a chillispot WIFI setup. A diagram > of the current network can be seen at > http://www.shooter.co.nz/network.pdf > > The problem I have with this setup is that unscrupulous people are > connecting to the unprotected APs without authenticating and playing > games between themselves therefore bogging down our network with their > traffic. > > So what I am wanting to do is dispose of the chillispot server and > authenticate the users directly from the APs (WAP54G) using WPA- > Enterprise.
Putting chillispot on each individual AP is also a possibility.. > WPA-Enterprise on the WAP54G is radius authentication with > a WPA shared key between the AP and the radius server. > > I have got the APs talking to the radius server, but it seems the radius > server is using the credentials from the PC to authenticate the users. Thats what it is designed to do. > Here is what I would like to do. When a user attempts to connect to the > AP, the user is presented with a login screen (much like chillispot), > the user logs on and they are connected to the AP and can use the > network as expected. If a user cannot authenticate the attempt is > logged and the connection attempt to the AP is dropped. If you want a web based login screen use chillispot or something similar. If you want to use a PC based supplicant, then WPA is the correct solution.. -- Peter Nixon http://peternixon.net/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
