[ previous ] [ next ] [ threads ]
 
 From:  "Frans J King" <frans dot king at f333 dot net>
 To:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall-dev] DHCP Server request
 Date:  Mon, 7 Mar 2005 14:02:28 -0000 
----- Original Message ----- 
From: "Chris Dickens" <chris at object dash zone dot net>
To: <m0n0wall dash dev at lists dot m0n0 dot ch>
Sent: Monday, March 07, 2005 1:00 PM
Subject: RE: [m0n0wall-dev] DHCP Server request


> Well, that's just dumb and I didn't think anyone would even bother with 
> the
> captive portal if they didn't intend to also auth with RADIUS.  Afterall,
> it's pretty useless then to give someone carte blanche access just by
> clicking one button?
>
> They should just set up a RADIUS server and get over it.  I'm basing my
> response on your assertion that Jesse is competent enough to handle
> administering such a service.
>
> --Chris
>
> -----Original Message-----
> From: Quark IT - Hilton Travis [mailto:hilton at quarkit dot com dot au]
> Sent: Monday, March 07, 2005 5:08 AM
> To: m0n0wall dash dev at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall-dev] DHCP Server request
>
>
> Hi Chris,
>
> No, he knows the difference between external and internal access and the
> nternet and the network.  Believe me.
>
> What he's asking is for a simple auth against something other than a 
> RADIUS
> server since one doesn't exist on the network in question.  Jesse seems to
> not understand this question either.  Its quite clear/simple, actually.
>
> --
>
> Regards,
>
> Hilton Travis                          Phone: +61 (0)7 3344 3889
> (Brisbane, Australia)                  Phone: +61 (0)419 792 394
> Manager, Quark IT                      http://www.quarkit.com.au
>         Quark AudioVisual             http://www.quarkav.net
>
> http://www.threatcode.com/ <-- its now time to shame poor coders
> into writing code that is acceptable for use on today's networks
>
> War doesn't determine who is right.  War determines who is left.
>
> This document and any attachments are for the intended recipient
>  only.  It may contain confidential, privileged or copyright
>     material which must not be disclosed or distributed.
>
>> -----Original Message-----
>> From: Chris Dickens [mailto:chris at object dash zone dot net]
>> Sent: Thursday, 24 February 2005 02:45
>>
>> He's probably thinking "Internet" is the same as "Network".
>> I'm not aware of a way to solve his problem if this is what
>> he's thinking since disabling their network rights would
>> simultaneously remove access to the captive portal
>> preventing them from starting the process to begin with. :)
>>
>> --Chris
>>
>> -----Original Message-----
>> From: Jesse Guardiani [mailto:jesse at wingnet dot net]
>> Sent: Wednesday, February 23, 2005 11:38 AM
>>
>>
>> On Tuesday 22 February 2005 2:54 pm, Quark IT - Hilton Travis wrote:
>> > Hi Jesse,
>> >
>> > DAMN I hate the reply to the poster not to the list, considering it
>> > was the LIST that I received the email from in the first place.  :(
>> >
>> > > -----Original Message-----
>> > > From: Jesse Guardiani [mailto:jesse at wingnet dot net]
>> > > Sent: Tuesday, 22 February 2005 00:36
>> > >
>> > > On Monday 21 February 2005 2:52 am, Quark IT - Hilton
>> Travis wrote:
>> > > > Hi All,
>> > > >
>> > > > OK.  So I have now configured Captive Portal for the users on
>> > > > that network.  Works fine as far as captive portal issues go -
>> > > > all blocked until they agree, and I can configure certain users
>> > > > to bypass the captive portal.
>> > > > Nice.
>> > > >
>> > > > Unfortunately, this doesn't address my first concern -
>> > > the ability to block certain (or all unspecified) MAC addresses
>> > > from gaining access to the Internet.
>> > >
>> > > Actually, it should. That's what the captive portal does. I don't
>> > > understand what you mean here.
>> >
>> > Nope, it doesn't.  What this achieves is having that user get a
>> > "Captive Portal" web page that they then have to agree to
>> to continue
>> > on to the Internet.  It doesn't disable their Internet access.
>>
>> I have no idea what you're talking about. The whole purpose of Captive
>> Portal is to restrict internet access. They either auth with username
>> and password via the web page, or you add their MAC and/or IP
>> address in the
>> pass-through. This is how it works on my network.
>>
>> Does anyone else know what he's talking about?
>>
>> --
>> Jesse Guardiani, Systems Administrator
>> WingNET Internet Services,
>> P.O. Box 2605 // Cleveland, TN 37320-2605
>> 423-559-LINK (v)  423-559-5145 (f)
>> http://www.wingnet.net
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
>
>

It doesn't sound dumb at all. He would still being doing authentication but
the account info would be stored locally rather than on a separate radius
server. It's a lot like the pptp server - you have the choice of using
radius, or you can setup accounts on the m0n0 box itself.