FreeRadius + Mysql + MAC address authentication + linksys WRT54GS

Carlos Sobrinho epilog at netvisao.pt
Thu Jun 30 01:35:28 CEST 2005


Hi there, I'm sorry if this questions was already answered but I searched all 
day today and didn't come up with anything usefull for this situation.

This is what I need.

There will be:

* 20 hotspots with a Linksys AP and a modified firmware (OpenWRT) and maybe 
chilispot.
* Freeradius server
* apache2 webserver
* free-HS (SSID)

The objective is to have some free hotspots on a certain area and the user, as 
soon as he chooses free-HS network, will be redirected to a register page. 
Maybe using a proxy trick or a php redirect.

This page will ask simple questions like age, how did he found this but never 
username and password.

The authentication will be made by MAC address but I could only find some 
examples regarding AP's MAC address in the users file.

My problem is to have this auth made by the mysql database.

If he disconnects and connects again his mac address will be in the data-base, 
and radius will find it and authorize and the internet will be normal, No 
proxy, no redirect. 

Maybe a 15m timeout of no activity...

So basically what we need is a way for radius to check for this MAC address in 
the mysql db.

I have a working freeradius+mysql server and I can do a radtest with a 
user's/password and the shared pass and all was ok.

rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=163, length=20

My problems:

* We don't have any certificate store to sign our certificate,
* We don't want people to install certificates

Another questions. What type of protocols should we use?
EAP, PEAP, CHAP, MSCHAP, EAP/TLS, WEP ?

The most simple for the window's users to access.



Thank you in advance for the help
With best regards

Carlos Sobrinho

-- 
#############################################################################
# These PRESERVES should be FORCE-FED to PENTAGON OFFICIALS!!               #
#############################################################################
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050630/360c34f5/attachment.pgp>


More information about the Freeradius-Users mailing list