I have about 30 OpenWRT AP's deployed. 5 different subnets with only 1
packetfence server that is accessible from every subnet. All working pretty
well with packetfence. Not sure about an external setup, but I would
imagine it would work as long as your firewall setup is good. Another
option could be to setup OpenVPN on each router so that they are on the LAN.
Packetfence has it's own captive portal built in, so I'm not sure what the
point of CoovaChilli would be.
One thing that I'm struggling with for OpenWRT is that the hostapd file
that packetfence provides does not allow for multiple SSIDs. So if you are
looking to manage multiple SSIDs with OpenWRT, you should look else where.
On Tue, Apr 11, 2017 at 8:41 AM, Minh Ha <[email protected]> wrote:
> hello there,
>
> I apologise if this has been asked before, but I couldn’t find the
> documentation / answer for what I’m trying to build.
>
> I’m building a hotspot system to be deployed on to buses, with the
> following requirements:
>
> * Each bus will be deployed with a 3G capable OpenWRT router.
> * The users will be presented with a T&C when connecting to the AP for the
> first time. Accepting T&C is sufficient, no other authentication method is
> required.
> * Bandwidth is restricted per user.
> * Maximum lease is 1.5h per session
> * MAC address stats for logging of delinquent users. The user could be
> temporarily banned.
> * Data capping is optional but nice to have.
> * Content-Filtering: for pr0n etc.
> * Some websites could be accessed without accepting T&C: e.g: regional
> council website.
>
> * The router can be remotely managed. I think I will be looking at Ansible
> for this purpose.
>
> I imagine the system will consist of:
>
> * CoovaChilli for SSID & DHCP
> * OpenDNS to block indecent sites.
> * PacketFence hosted externally on VPS
>
> In this scenario, the requests from each router must go through WAN to the
> external PacketFence router to be authenticated.
> However, as far as I understand the documentation suggests that the
> PocketFence server must be hosted in the same LAN with the router, and the
> requests must be authenticated first before it could reach the WAN side
> https://packetfence.org/doc/PacketFence_CoovaChilli_Quick_
> Integration_Guide.html#_step_0_get_packetfence_zero_effort_
> nac_zen_latest_image
>
> Is PacketFence suitable for what I’m trying to build?
> If it is not, does anyone have a suggestion of an open-source software
> solution that I could use. Please note, using a SAAS like hotspotsystems,
> cucumber tony is not feasible.
>
> Kind regards,
> Minh
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
Chris Abel
Systems and Network Administrator
Wildwood Programs
2995 Curry Road Extension
Schenectady, NY 12303
518-836-2341
--
IMPORTANT NOTICE: This message and any attachments are solely for the
intended recipient and may contain confidential information, which is, or
may be, legally privileged or otherwise protected by law from further
disclosure. If you are not the intended recipient, any disclosure, copying,
use, or distribution of the information included in this email and any
attachments is prohibited. If you have received this communication in
error, please notify the sender by reply email and immediately and
permanently delete this email and any attachments.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users