FreeRadius + MySQL + Multiple Dynamic Clients

Fri Oct 29 00:00:00 CEST 2010

Hello,

I'm the IT fellow for a bus company that is about to implement WiFi on a
fleet of a couple dozen buses (or so), so that passengers can pull out their
laptops, iPhones, iPads, iWhatevers and connect thru the wandering networks
from inside the comfort of the bus while traveling to their various
destinations.

We'll be using a Wireless Broadband device that will provide the broadband
signal to a router.  The router will be configured to use a Radius server so
that as people connect they'll go through the Radius authentication
protocols to get their wifi connection to the network.  I'm assuming that
whenever these power on, they'll be getting a new dynamically assigned IP
address.  Not to mention that potentially, as the bus roams aruond and as it
loses and gains service between the different cell sites, I guess it's
possible that each time it loses/gains a cell site, it might even get a new
IP address.

So, what I want to avoid is having set each router's access password (which
would be 1 or 2 at first) each week .. manually.  Up to a maximum of 20 or
30 of these .. manually.  I figure that I can capture the the users email
address (or username) and a password, and make just THAT combination of
authentication available WHILE their scheduled route is running.

Sooo.. just prior to the dispatch of the bus, I add that list of good
authentications to the records of FreeRADIUS server setup.  When the route
is over, I remove the records (or somehow toggle them off).  The idea being
that they'll only be allowed one login per user while on the bus.  And if
they don't check/select that they want wifi access, they won't get access
from a previous user/password combination.

What I've got working is FreeRADIUS with MySQL.  But not with a dynamic
client.  It's refusing the authentication connection with the client.  Do I
define 1 dynamic client that maybe 20-30 of these will be using?  Or should
they be numbered from 01 thru whatever.  Either way, they'll all have
different IP's as they are traveling down the road.

The error message I see in the logs is:

Thu Oct 28 16:10:26 2010 : Error: Ignoring request to authentication address
* port 1812 from unknown client 98.212.198.111 port 2048

So.. I know the network is open to get the request, it's just not processing
it.  I've looked through the WIKI and can't find any specific dynamic client
setup parameters/settings.  I'm running freeradius v 2.1.8 on a Ubuntu 10.04
machine.  With a test connection via a Netgear WNR834v2 that's been
reflashed as a DD-WRT mini hotspot to give me the router configuration.

Any help would be appreciated.

-- 
Tyler Nally
tnally at technally.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101028/ae061dc3/attachment.html>