At 04:59 PM 12/11/2002 -0300, Fernando Teodoro wrote:
There is no specific way via RADIUS directly to make this happen asHi Matt, and thanks for the tip. "Walled Garden" sounds fine.I followed the link you send me; as far I understood, a captive portal is a kind of gateway with transparent proxy that redirects the client browser; so, when the customer tries any address, it's source is verified from an auth system (if it has already authenticated, he can pass-through an go anywhere). It should work for me, even with no auth - simply sending a default webpage to the client with a cookie. Yet, my problem remains: not all my customers should fall in this system - they will (or will not) fit in this rule according some criteria - and the Radius is my first choice, since everybody's must dial-in and auth in Radius. If I let anyone auth in Radius and force anyone to authenticate in browser to access the web, it will be a great pain for regular customers (90% of the total users); this is the pattern used by free-ISP in Brazil, and it makes this services so boring. Most important, you answered my main question: there's no way to redirect clients homepage with any of Radius features, right? Radius "talks" only with RAS, and not with the end-user. So, any solution will require web-proxy redirecting. No other way?
routing policy it outside the scope of RADIUS.
*HOWEVER* RADIUS can be used to communicate policy routing decisions
to the NAS if the NAS supports it. It's a feature of the NAS, not
of RADIUS.
You can setup Policy Based Routing on Cisco NAS for example, triggered
by a Cisco-VSA attribute you return. You could selectively return
the VSA trigger with Group attributes on your RADIUS server.
So, to answer you question, it does not require a web-proxy system. It
depends on your NAS choice and the capabilties of that NAS.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
