Multiple Locations and configuring 2 different methods of Access

Laker Netman laker_netman at yahoo.com
Wed Apr 19 23:28:03 CEST 2006


You may be wanting something more like a captive
portal for some of your gateways.  Try googling
"captive portal".  I use chillispot myself;
http://www.chillispot.org

I have two wireless networks.  One is secured with
EAP-PEAP and auths users against our Active Directory
via RADIUS (ntlm_auth) for employees.  The other is
open, but has no direct connection to our main LAN. A
captive portal server (chillispot in my case) routes
between the public wireless and private wired network
to provide only Internet access to the public users
(guests, vendors, customers, etc) by explicitly
routing all of their traffic out the T1 hanging off
our private router.

Hope that helps.

Laker

--- James <list-freeradius at qujo.com> wrote:

> 
> >> we are sterring away from the original question
> here. if there is a way 
> >> to setup RADIUS to somehow send a message or
> configuration attribute to 
> >> the gateway to allow any clients connected to the
> gateway to access the 
> >> internet without extra authentication aside from
> simply connecting to 
> >> the gateway itself?
> >>     
> >
> >   The short answer is to read the documentation
> for the gateway
> > software.  If it says that the gateway can do
> this, AND it can be
> > configured through RADIUS, then it SHOULD say
> which RADIUS attribute,
> > and what value to use.
> >
> >   
> That's exactly the part that I cannot find an answer
> to Alan, that's why 
> I posted here to see if anyone has anything related
> to this. That's all 
> the help I will be needing from you , Thank you for
> your time.
> 
> >> now lets keep in mind that there are multiple
> locations here and
> >> therefor are multiple gateways, all I want to
> know is of there is a
> >> way to allow just some of the gateways, not all,
> to give access
> >> without username/password authentication.
> >>     
> >
> >   Now you're disagreeing with yourself again. 
> This confuses the
> > issue, and makes it difficult for anyone to solve
> the problem, because
> > you keep changing the story about what the problem
> is.
> >
> >   a) people ALWAYS use RADIUS to authenticate
> before they get on the net.
> >   b) people ALWAYS get a pretty web portal before
> they access the net
> >   c) people SOMEHOW get past the web portal to get
> real net access
> >
> >   You want to change (b) so that SOME people get a
> web portal, sometimes.
> >
> >   The paragraph I quoted above says you want to
> change requirement (a).
> >
> >   Which is it?  I don't think you're clear on what
> you're trying to
> > do.  Or, you're not describing it in a consistent
> and clear way.
> >   
> 
> 
> I do admit, I could not make it clear enough for you
> to understand, but 
> no worries, I gave it a shot anyways. Once again, I
> do thank you for 
> your time Alan. If there is someone else besides
> Alan out there who is 
> trying to achieve the same thing, I would love to
> hear from them. Thank 
> you all and thank you Alan.
> 
> 
> James
> > - 
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



More information about the Freeradius-Users mailing list