[ previous ] [ next ] [ threads ]
 
 From:  A dot L dot M dot Buxey at lboro dot ac dot uk
 To:  Brian Watters <brwatters at abs dash internet dot com>
 Cc:  kirk at perrysupply dot net, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Captive Portal HOWTO
 Date:  Fri, 14 Jan 2005 09:14:04 +0000
Hi,

> Sure have .. It really does not speak to Radius or a portal that works with
> same, Its aimed more at a public free Hotspot. There has to be more detail
> out there on HOWTO.  Thanks for the heads up though.


well, you follow those instructions, but then use RADIUS to authenticate. just simply
have a working RADIUS server and then point m0n0wall to it for the authentication.
m0n0wall happily send the username/userID and password to the RADIUS server

however, if you are going this route I would THOROUGHLY recommend that you use the
latest beta versions - which support  https://  for the login redirect page
(protecting your ID's and passwords) and also dont enable the entered values to
be saved on the browsing PC - see my email to this list late last year about the 
HTML <form> flags you need to pull this off.

Personally, we use FreeRADIUS on a Linux box as the RADIUS back end....you could
be more 7EE7E and put the OpenWRT54G Linux firmware onto a Linksys WRT54G and then
actually have one of your access points also running as your RADIUS authenticator
twistedly perverse but 100% neat ;-)
 
dont forget, the RADIUS server can quite happily be on the LAN side of the equation
too. no need to do any special holes for WAN to it - as its only the m0n0wall
box that does the RADIUS stuff. (make sure the required ports are open! 1812/1813/1814 in UDP

alan