EAP-TTLS + PAP with external script
d_maccari
d_maccari at hotmail.com
Fri May 16 01:33:05 CEST 2008
> So why do you bother with radius and EAP for authentication when you are
> not going to use them? Use captive portal and run that php script from
> the login page. If you need accounting use radius for that.
I need to insert a wpa/wpa2 enterprise wlan, which do need eap and radius,
side by side a prexisting unencrypted wlan wich authenticate with a captive
portal.
That's why that php script.
It's basically the same used by the captive portal to authenticate the
unencrypted wlan users with the externale server.
Maybe i can port it in perl or even c/c++ to make it a real module and gain
more control over its behaviuor and better performance but for now is just
something more than a "proof of concept" ;)
If all goes as it should i can even convince the external holder of the user
database to setup a radius server where to proxy requests but this is a
future project.
The accounting is not made with radius too since it need to be "hardware
independant" and unfortunatly not all access points used support radius
accounting even if they do support wpa/wpa2 enterprise.
I know, it's a wierd configuration but i have to deal with it :(
Thanx
Dario Maccari
More information about the Freeradius-Users
mailing list