<font face="courier new,monospace">Hello,</font><div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">I'm the IT fellow for a bus company that is about to implement WiFi on a fleet of a couple dozen buses (or so), so that passengers can pull out their laptops, iPhones, iPads, iWhatevers and connect thru the wandering networks from inside the comfort of the bus while traveling to their various destinations.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">We'll be using a Wireless Broadband device that will provide the broadband signal to a router. The router will be configured to use a Radius server so that as people connect they'll go through the Radius authentication protocols to get their wifi connection to the network. I'm assuming that whenever these power on, they'll be getting a new dynamically assigned IP address. Not to mention that potentially, as the bus roams aruond and as it loses and gains service between the different cell sites, I guess it's possible that each time it loses/gains a cell site, it might even get a new IP address.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">So, what I want to avoid is having set each router's access password (which would be 1 or 2 at first) each week .. manually. Up to a maximum of 20 or 30 of these .. manually. I figure that I can capture the the users email address (or username) and a password, and make just THAT combination of authentication available WHILE their scheduled route is running.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">Sooo.. just prior to the dispatch of the bus, I add that list of good authentications to the records of FreeRADIUS server setup. When the route is over, I remove the records (or somehow toggle them off). The idea being that they'll only be allowed one login per user while on the bus. And if they don't check/select that they want wifi access, they won't get access from a previous user/password combination.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">What I've got working is FreeRADIUS with MySQL. But not with a dynamic client. It's refusing the authentication connection with the client. Do I define 1 dynamic client that maybe 20-30 of these will be using? Or should they be numbered from 01 thru whatever. Either way, they'll all have different IP's as they are traveling down the road.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">The error message I see in the logs is:</font></div><div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">Thu Oct 28 16:10:26 2010 : Error: Ignoring request to authentication address * port 1812 from unknown client 98.212.198.111 port 2048</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">So.. I know the network is open to get the request, it's just not processing it. I've looked through the WIKI and can't find any specific dynamic client setup parameters/settings. I'm running freeradius v 2.1.8 on a Ubuntu 10.04 machine. With a test connection via a Netgear WNR834v2 that's been reflashed as a DD-WRT mini hotspot to give me the router configuration.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">Any help would be appreciated.<br clear="all"></font><br>-- <br><font face="'courier new', monospace">Tyler Nally</font><div>
<font face="'courier new', monospace"><a href="mailto:tnally@technally.com" target="_blank">tnally@technally.com</a></font></div><br>
</div>