[ previous ] [ next ] [ threads ]
 From:  Jake S - Postmaster <jake at agatestreet dot com>
 To:  David Cook <david at dave dash cook dot co dot uk>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] TomsNetworking.com - Follow-up Article, WRAP & Captive Portal
 Date:  Sun, 22 Aug 2004 16:45:46 -0700
David Cook wrote:

>Dear All,
>I am in the process of planning a follow-up to the recent 'm0n0wall v1.0
>and Soekris net4501' article on TomsNetworking.com. The second article
>will cover the PC Engines WRAP and using the Captive Portal in m0n0wall
>v1.1 to provide a Public Wireless Hotspot. It is scheduled to appear on
>TomsNetworking.com around 20 September.
>I am interested in people's real-world experiences of using the v1.1
>beta Captive Portal. Whether you have been using it to provide free
>community internet access (along the lines of http://socalfreenet.org,
>http://www.nycwireless.net and http://www.arwain.net), in the
>work-place, at home and everything in-between, I would be grateful to
>hear from you. 
>Please post your experiences to the mailing list as a reply to this
>message, or if you prefer you can contact me direct at
>david at dave dash cook dot co dot uk.
>Best wishes
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
I currently have deployed three of the captive portals in different 
configurations.  They are:

First, (using radius authentication off of Cisco ACS) at my companies 
corporate office with a custom login page.  I can't remember the last 
time I plugged my laptop into traditional Ethernet.
Second, Internet cafe with just an AUP that the users need to agree to 
before logging in (no auth).
Third, A similar Internet cafe deployment but using radius 
authentication off of a free radius server.

As far as the firewalling goes its works every time.  I have noticed odd 
behavior though when using the logout button feature with Mozilla 
firefox, IE seems to be fine.

What I like is that you can build a wireless DMZ using completely 
different types of APs and it doesn't make a difference because the m0n0 
wall is doing all of the authentication and firewalling.  So really 
those APs become nothing more then dumb bridges.

 From a feature request standpoint I believe its bad business to send 
login credentials via HTTP so an SSL based login page would be great.

Thats about it from the west coast.


Thank you,
Jake Seitz - Founder
Agatestreet.com - Cleaning Inboxes one domain at a time!
Visit us on the web at http://www.agatestreet.com