What I have done is rather than using 802.1x authentication, I use MAC authentication. This way all I have to do is ensure the mac of the radio cards is in the users table. When the card comes into range of an access point, the AP sends the mac as if it were a user name. If the mac checks out, then the radio is allowed full access. Otherwise, it will associate with the AP, but will be blocked from moving any data.
> Hi everyone! > I'm new here. I live in an apartment complex and some neighbors and I > are in the process of setting up a RADIUS server so that we can spread > wifi throughout our building. > I am currently running Fedora Core 3 on a Compaq Proliant 1600 (pretty > old server) with RAID mirroring on 2 scsi harddrives. > > I just installed FreeRadius version 1.0.2 (latest version, downloaded > from www.freeradius.org yesterday) and I ran it in debug mode with a > test account. > Everything checks out fine when I run "radtest" > > I am now trying to take this server to the next level and try and get > it working so that we can use it for wifi authentication. > I've been googling around and have found some solutions, including > using EAP authentication (laptops connected wirelessly to access > points).. but it seems like all of these solutions need additional > software to be running on the laptop. > > What I am trying to do is have get full-fledged wireless > authentication, on any laptop, just by being in the vicinity of the > access points. We haven't bought our access points yet, but figure we > need something that allows 802.1x authentication (currently looking at > some US Robotics models). Does anybody here have any ideas/pointers on > how I can set this up? > > As an example, the local public libraries offer free wifi where I live. > You just simply stroll in, open your laptop, and start up your web > browser. A captive portal redirects your browser to a login screen with > some info/links (walled garden?).. and if you login with a correct > library card # and password, you are granted full access to the > internet. > > This is basically what I am trying to do. I know of captive portal > software, but it seems like they're very costly and you require an > additional computer between the access point and the RADIUS server.. I > would like everything to be comprised of just roaming laptops, access > points, and my central linux server. Any ideas?? > > Thanks for reading! > > Cheers, > Yu-Jia > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
