Date: Sat, 18 Feb 2006 01:30:27 +0000 From: "Siraj 'Sid' Rakhada" <virtualsid@gmail.com> To: "Odhiambo Washington" <wash@wananchi.com>, freebsd-isp@freebsd.org Subject: Re: walled garden concept Message-ID: <d20e2c140602171730j6519b93ex@mail.gmail.com> In-Reply-To: <20060217200318.GC10377@ns2.wananchi.com> References: <20060217162927.GA23261@ns2.wananchi.com> <d20e2c140602170907w11ff00dag@mail.gmail.com> <20060217200318.GC10377@ns2.wananchi.com>
index | next in thread | previous in thread | raw e-mail
On 17/02/06, Odhiambo Washington <wash@wananchi.com> wrote:
> I am foreseeing a situation where I have a new 'customer' or one whose
> service expired. I want these two to be able to dialin to my NASes for
> free, but only get access to site1, site2 or site3. Everything else is
> blocked, until they dialin with the name they are paying for. I will
> give them a common userid/passwd pair for this purpose.
This is exactly the kind of thing I've done a long time ago ('98 or
so)! It was basically so that people could sign up via a signup CD-ROM
:-)
> Your instructions (or Read This F Manual) to do this are welcome.
I hope the following links will point you onto the right track:
This is the kind of system that I used:
http://puck.nether.net/pipermail/cisco-bba/2004-May/000247.html
Cisco's own docs for that system:
http://www.cisco.com/warp/public/480/radius_ACL1.html
I've not done the style described in the url below, but it seems a
similar solution, but with more work on the RADIUS server end:
http://puck.nether.net/pipermail/cisco-bba/2004-May/000247.html
Oh, one tip I will give - don't forget to allow DNS traffic through ;-)
This isn't really a FreeBSD issue as such, so I've tried to keep it
brief as I'm not sure if it's on topic or not.
Hope it helps,
Sid
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d20e2c140602171730j6519b93ex>