[ previous ] [ next ] [ threads ]
 
 From:  Dinesh Nair <dinesh at alphaque dot com>
 To:  Manuel Kasper <mk at neon1 dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch, <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Beta 1.1b9
 Date:  Sun, 23 May 2004 19:43:09 +0800 (MYT)
On Sun, 23 May 2004, Manuel Kasper wrote:

> The captive portal just got better: we now have RADIUS authentication
> support, thanks again to Dinesh Nair! By specifying a RADIUS server,

and with thanx to jason grimm for providing a radius server to test
against.

> port and shared secret, as well as adding two input fields
> (user/pass) to your captive portal page, you can have your users

the input fields should be named auth_user and auth_pass. if the radius
server auth is enabled and if either of these two fields dont exist, then
radius authentication will always fail. this could be used to implement
simple mac filtering (though non-foolproof) behind the captive portal.

in addition to this, the captive portal allowed ip functionality now
allows specification of IPs on both sides of the captive portal.
specifying From IPs would mean that clients with this IP address would
bypass the captive portal authentication, while specifying To IPs would
mean that all unauthenticated clients would be able to access these IPs
from behind the captive portal.

Regards,                           /\_/\   "All dogs go to heaven."
dinesh at alphaque dot com                (0 0)    http://www.alphaque.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
+=========================================================================+