[ previous ] [ next ] [ threads ]
 From:  Uwe <k8user at web dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Q: X509 certs / captive portal
 Date:  Wed, 6 Jul 2005 17:24:33 +0200
Hi there,

first of all many thanks to the m0n0 developers and contributors.
Half an our after i have installed m0n0, my zyxel zywall2 was disconnected. 
With some basic knowledge the whole thing comes up very quick.

I have set up the latest beta on an 200MHz Pentium machine (IBM 
Thikstation/Netvista) with two 3Com 3C905 NICs. I have applied some more 
tagged VLANS on my LAN interface to get more interfaces (and networks) wich 
are deciphered by my switch. All this works absolutely flawless. Even 
bandwidth management is very easy to use. Just start the setup wizard to see 
how it works. So far this is more than my zywall2 ever did for me.

But zywall2 has a very important feature: A generator for self signed X.509 
certificates, that is missing on m0n0 completely. Since IPSec is in my 
opinion the most compatible and flexible solution for building secured 
networks there is a need for that application. As far as I can see, this 
would be an PHP application for openssl. Since there is no other convenient 
way to generate certificates than using the openssl command line tools i 
thinks it is a must for m0n0.

Second thing I like to annotate is, that the function of the captive portal is 
not really good documented :) maybe someone can give me a hint for a good 
starting point.