"WPA keys" that expires after use

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Sun Jul 29 17:46:00 CEST 2007


Hi,

> The idea is, that the router does the authentication via radius server, which stores predefined "WPA keys". When user uses one of them to access the network, the "WPA key" is activated. After specified period of time, radius server automatically deactivates the WPA key and disconnects user.

err, if the WPA key only becomes active AFTER they've reached the RADIUS server - then HOW are they to connect
to the wireless in the first place - as the WPA key is required for the layer 2 link to come alive(!)

AAA would be able to give you this 'very low level' type of authentication. what you COULD do
with AAA is to use SSL certs....eg EAP-PEAP/EAP-TLS with WPA-enterprise. and then once the
cert has been used, expire it.  alternatively use WPA as you are currently doing but enforce
another control method to get online - such as a SOCKS5 proxy.

alan



More information about the Freeradius-Users mailing list