Dynamic Clients would only apply to the NAS's (ie the <font face="courier new,monospace">WNR834v2 </font>Access Points) and not the workstations connecting to the APs. As the Workstations / users would just be users.<br>
<br>So either you allow anyone from the internet (or restrict it down to certain IP addresses which the Mobile Provider issues as DHCP addresses) to connect to your FreeRadius server.<br><br>Otherwise perhaps your Mobile provider may offer a "private office" Mobile broadband offering so by specifying a different APN on the router you get put into a certain IP address pool by the Telco and you don't route your FreeRadius AAA over the internet.<br>
<br><div class="gmail_quote">On Fri, Oct 29, 2010 at 11:00 AM, Tyler Nally <span dir="ltr"><<a href="mailto:tnally@technally.com">tnally@technally.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<font face="courier new,monospace">Hello,</font><div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">I'm the IT fellow for a bus company that is about to implement WiFi on a fleet of a couple dozen buses (or so), so that passengers can pull out their laptops, iPhones, iPads, iWhatevers and connect thru the wandering networks from inside the comfort of the bus while traveling to their various destinations.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">We'll be using a Wireless Broadband device that will provide the broadband signal to a router. The router will be configured to use a Radius server so that as people connect they'll go through the Radius authentication protocols to get their wifi connection to the network. I'm assuming that whenever these power on, they'll be getting a new dynamically assigned IP address. Not to mention that potentially, as the bus roams aruond and as it loses and gains service between the different cell sites, I guess it's possible that each time it loses/gains a cell site, it might even get a new IP address.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">So, what I want to avoid is having set each router's access password (which would be 1 or 2 at first) each week .. manually. Up to a maximum of 20 or 30 of these .. manually. I figure that I can capture the the users email address (or username) and a password, and make just THAT combination of authentication available WHILE their scheduled route is running.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">Sooo.. just prior to the dispatch of the bus, I add that list of good authentications to the records of FreeRADIUS server setup. When the route is over, I remove the records (or somehow toggle them off). The idea being that they'll only be allowed one login per user while on the bus. And if they don't check/select that they want wifi access, they won't get access from a previous user/password combination.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">What I've got working is FreeRADIUS with MySQL. But not with a dynamic client. It's refusing the authentication connection with the client. Do I define 1 dynamic client that maybe 20-30 of these will be using? Or should they be numbered from 01 thru whatever. Either way, they'll all have different IP's as they are traveling down the road.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">The error message I see in the logs is:</font></div><div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">Thu Oct 28 16:10:26 2010 : Error: Ignoring request to authentication address * port 1812 from unknown client 98.212.198.111 port 2048</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">So.. I know the network is open to get the request, it's just not processing it. I've looked through the WIKI and can't find any specific dynamic client setup parameters/settings. I'm running freeradius v 2.1.8 on a Ubuntu 10.04 machine. With a test connection via a Netgear WNR834v2 that's been reflashed as a DD-WRT mini hotspot to give me the router configuration.</font></div>
<div><font face="courier new,monospace"><br></font></div><div><font face="courier new,monospace">Any help would be appreciated.<br clear="all"></font><br>-- <br><font face="'courier new', monospace">Tyler Nally</font><div>
<font face="'courier new', monospace"><a href="mailto:tnally@technally.com" target="_blank">tnally@technally.com</a></font></div><br>
</div>
<br>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br>