Multiple Locations and configuring 2 different methods of Access

Alan DeKok aland at nitros9.org
Wed Apr 19 21:10:52 CEST 2006


James <list-freeradius at qujo.com> wrote:
> no one gets authenticated twice, a nice looking HTML form is the only 
> thing the web portal is. that's it. nothing more. the authentication is 
> only done once by the gateway.

  That's not quite what you said at first, but OK...

> we are sterring away from the original question here. if there is a way 
> to setup RADIUS to somehow send a message or configuration attribute to 
> the gateway to allow any clients connected to the gateway to access the 
> internet without extra authentication aside from simply connecting to 
> the gateway itself?

  The short answer is to read the documentation for the gateway
software.  If it says that the gateway can do this, AND it can be
configured through RADIUS, then it SHOULD say which RADIUS attribute,
and what value to use.

> now lets keep in mind that there are multiple locations here and
> therefor are multiple gateways, all I want to know is of there is a
> way to allow just some of the gateways, not all, to give access
> without username/password authentication.

  Now you're disagreeing with yourself again.  This confuses the
issue, and makes it difficult for anyone to solve the problem, because
you keep changing the story about what the problem is.

  a) people ALWAYS use RADIUS to authenticate before they get on the net.
  b) people ALWAYS get a pretty web portal before they access the net
  c) people SOMEHOW get past the web portal to get real net access

  You want to change (b) so that SOME people get a web portal, sometimes.

  The paragraph I quoted above says you want to change requirement (a).

  Which is it?  I don't think you're clear on what you're trying to
do.  Or, you're not describing it in a consistent and clear way.

  Alan DeKok.




More information about the Freeradius-Users mailing list