Date: Mon, 8 Jan 2018 01:04:22 +0700 From: Victor Sudakov <vas@mpeks.tomsk.su> To: Freddie Cash <fjwcash@gmail.com> Cc: freebsd-net <freebsd-net@freebsd.org> Subject: Re: Fwd: Re: Quasi-enterprise WiFi network Message-ID: <20180107180422.GA46756@admin.sibptus.transneft.ru> In-Reply-To: <CAOjFWZ6kYSTKmPHpQqd%2BywrUNVLcG6JNzwFJYPyt5z1H4HeRUw@mail.gmail.com> References: <CAOjFWZ6kYSTKmPHpQqd%2BywrUNVLcG6JNzwFJYPyt5z1H4HeRUw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Freddie Cash wrote: > > > > I'm trying to setup a quasi-enterprise WiFi network for mobile > > devices. This will be a solution for a public library with the only > > requirement that guest users should get personal credentials for WiFi > > access from a librarian (not a shared PSK for everyone). > > You don't *need* RADIUS for this, although it may make some things easier > in some setups. > > All you need is a separate vlan for the "guest" wireless clients to connect > to, at the default gateway for that vlan to the FreeBSD machine, and use > firewall rules to redirect all "new" devices to a local Apache setup (new > meaning you don't know the MAC address). > > In Apache, you use mod_rewrite rules to change the requested URL to a local > webpage where you display your rules and whatnot, along with the login What you are suggesting is essentially a hand-made captive portal. I would be grateful for your mod_rewrite rules, but this will be a last resort. AFAIK there are implementations of a captive portal in M0n0wall and pfSense. I've also seen howtos like https://www.unixmen.com/freebsd-10-1-x64-wifi-captive-portal/ But if I can, I'd try a pure WiFi solution first, of course if it exists. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180107180422.GA46756>