Date: Sat, 21 Apr 2007 21:02:28 +0200 From: =?UTF-8?B?UGV0ZXIgQW5rZXJzdMOlbA==?= <peter@pean.org> To: Angelin Lalev <lalev@uni-svishtov.bg> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD machine instead of wireless hotspot device Message-ID: <462A5FC4.5060803@pean.org> In-Reply-To: <d66ef2c4fa1a9acc4987ab98dd95a770@uni-svishtov.bg> References: <d66ef2c4fa1a9acc4987ab98dd95a770@uni-svishtov.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
Angelin Lalev wrote: > I have wireless hotspot device (Handlink WG-601) which I need to replace with FreeBSD machine. > The device has following functionality I need to replicate: > > 1. It has dhcp server (that's easy) > 2. It makes NAT between it's "internal" interfaces and "wan" interface (easy too, but look at 3). > 3. It actually responds on every ARP request coming on it's internal interfaces. That allows it to act > as router for machines that instead of using dhcp are configured with wrong static IP addresses. > 4. It can use RADIUS for authentication of the users. > Actually, non-authenticated users are given IP address (no WPA, TKIP, etc) and when they first > try to load a web page are redirected to authentication web-page. Then their username and password > are checked against RADIUS database and only then they are allowed to connect to the outer network. > > Two more things: > > 1. It was part of a larger wireless hotspot service, sponsored from the government and implemented by outer organization, so buying another with my organization's money is out of the question. > 2. I'm aware of the issues with security but again I cannot modify the policy there. > > I'll be very thankful for any ideas. I've done something very similar to this with FreeBSD (nanobsd). Check out http://www.pean.org/authpf_on_FreeBSD.html and http://www.pean.org/NanoBSD.html Hope it will be of any help.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?462A5FC4.5060803>