http://www.smartbridges.com/new/support/articles.php?id=11
Pertaining to the above "typical WISP scenario", I am trying to figure out how to simplify my network down to the least amount of hardware as possible. BTW...I don't use DHCP at all (except inside the client location behind my supplied SOHO router). I want to use JUST 2 machines. Maybe I could use 2 NIC's in each and assign each to different networks?? My T-1 router has a built-in 12 port switch. Currently, my wireless network goes off of one of the ports, my CONFIG PC goes off another. I want to start using an external RADIUS server to do 2 things. 1. External MAC authentication for associating sB clients with the aPPo's. 2. PPPoE authorization for client using the supplied SOHO router (built-in PPPoE). Here are my questions: 1. Would a single RADIUS server box be capable of doing both of above (taking into consideration the 2 different IP networks)? If so, how? I still havent bought/built this box either (any suggestions--Mikrotik?). As shown in the Typical WISP scenario, the CONFIG PC is using the same network IP as the wireless sB devices. I am creating bandwidth HTML pages on this PC for each client using MRTG and polling the wireless devices (on the CONFIG PC). I guess I could do the MRTG thing from the other box? 2. I want to allow my clients to login to a local webpage and see THEIR bandwidth page only (authenticated with ASP). How could a client access these HTML pages if they are on different networks (client = 10.10.10.x network and my CONFIG PC = 11.168.0.x network)? Please don't forget that I am trying to limit my hardware for this. I don't want to add DNS or DHCP or Web servers. Requirements: 1. Use 2 separate networks (i.e. 10.10.10.x and 11.168.0.x) to separate WIRELESS from WIRED. 2. Implement RADIUS for authenticating the wireless devices 3. Implement PPPoE for authenticating the wired clients 4. Allow clients access to HTML bandwidth web pages (only from inside my network-not on PUBLIC IP). 5. Most importantly, keep security in mind when allowing access to these PC's (i.e. HTML pages). I hope this isn't as hard as it seems to me. I am having a heck of a time figuring out how to tackle this one. I really appreciate any advice!! Sully ----------ANNOUNCEMENT---------- Don't forget to register for WISPCON IV http://www.wispcon.info/us/wispcon-iv/wispcon-iv.htm The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org
