Does anyone know of a wireless AP that enforces some sort of login for access
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||||||||
|
Posted by Default User on July 28, 2008, 9:17 am
Please log in for more thread options I have a customer with a wireless cafe and they would like customers who use it to have to login with a password of the day before using it. I've seen some wireless services where you first internet request returns a logon page. Does anyone know of a AP that does this? Thanks, Alan | |||||||||||||||||||
|
Posted by Jeff Liebermann on July 28, 2008, 11:44 am
Please log in for more thread options Login or approval dialog? It's called "splash page" or "http redirect". Also see "captive portal" and "nocatsplash". I think you will do better if you search Google for "How to setup a wi-fi hotspot" which returns a substantial number of devices, services, configurations, options, headaches, limitations, and clues. It's fairly simple to do, but does require a bit of planning and configuration. My personal preference is DD-WRT firmware running either WifiDog or Chilispot hotspot software. Both require an external RADIUS server for logins and passwords. Chilispot has a small built in "local user manager", but I've never used it. From the FAQ section on hotspots: <http://wireless.navas.us/wiki/Wi-Fi_How_To#Setup_a_hotspot>
-- Jeff Liebermann jeffl@cruzio.com 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558 | |||||||||||||||||||
|
Posted by msg on July 28, 2008, 12:15 pm
Please log in for more thread options Jeff Liebermann wrote:
> On Mon, 28 Jul 2008 08:17:12 -0500, "Default User"
> > >>I have a customer with a wireless cafe and they would like customers who use
>>it to have to login with a password of the day before using it. I've seen >>some wireless services where you first internet request returns a logon >>page. Does anyone know of a AP that does this? >
> > Login or approval dialog? It's called "splash page" or "http > redirect". Also see "captive portal" and "nocatsplash". I think you > will do better if you search Google for "How to setup a wi-fi hotspot" > which returns a substantial number of devices, services, > configurations, options, headaches, limitations, and clues. It's > fairly simple to do, but does require a bit of planning and > configuration. > > My personal preference is DD-WRT firmware running either WifiDog or > Chilispot hotspot software. Both require an external RADIUS server > for logins and passwords. Chilispot has a small built in "local user > manager", but I've never used it. I would also suggest offering MAC-based auth. for certain customers who use older handhelds that aren't friendly to browser-based authentication schemes; the shop manager can manually manage such customer access from an admin interface. WiFi access admin at one local university does just that for such devices and for wireless printers, etc. Michael | |||||||||||||||||||
|
Posted by Jeff Liebermann on July 28, 2008, 3:21 pm
Please log in for more thread options
>I would also suggest offering MAC-based auth. for certain customers
>who use older handhelds that aren't friendly to browser-based >authentication schemes; the shop manager can manually manage such >customer access from an admin interface. WiFi access admin at one >local university does just that for such devices and for wireless >printers, etc. > >Michael Shop manager? She's qualified to run a coffee shop, but is clueless as far as wireless and computers are concerned. It's like that at most of my coffee shop customers. The few that do have a computer literate person on the staff, don't want that person wasting their time tweaking the system, or dealing with customer issues. Unfortunately, what happens is that the customer gets told to talk to the admin (that's me). I get a call on my cell phone asking how to deal with a connection problem. I have yet to see any manner of "older handheld" issues. As for MAC authentication, I have to expire the MAC address table at least once per hour at shops frequented by the local software developers and students. There's some kind of "privacy" scheme that rotates phony MAC addresses when the laptop is idle. The result is that MAC address table rapidly fills up, kicks off legitimate users, and ruins my day. The hackers running some kind of virtual machine are also a thrill. Some of these VM's apparently also virtualizes the MAC address and replace it with a phony address. I've seen one laptop grab about 8 MAC addresses, one for each VM on the laptop. The surest sign of success is abuse and pollution. MAC addresses are certainly successful. There's only one kind of authentication that I really trust. X.509 certificates issued by a known certificate authority. I use those on USB dongles at medical offices for HIPAA security. Works well, except when someone forgets their dongle. However, that's overkill for a coffee shop. Now, I have a coffee shop question. Duz anyone have an easy way to log off users after 60 minutes and prevent them from faking a MAC address and logging back in? Note that I said "easy" which means I don't want to setup a NAC security infrastructure or similar monstrosity. -- Jeff Liebermann jeffl@cruzio.com 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558 | |||||||||||||||||||
|
Posted by Peter Pan on July 29, 2008, 12:20 am
Please log in for more thread options Jeff Liebermann wrote:
>
> Now, I have a coffee shop question. Duz anyone have an easy way to > log off users after 60 minutes and prevent them from faking a MAC > address and logging back in? Note that I said "easy" which means I > don't want to setup a NAC security infrastructure or similar > monstrosity. I got annoyed with handholding users and problems... Consider closing your biz and test/pre-retiring.....Enjoy life while you are still young, and plan B (walmart greeter) If you are still alive, when you get old.... That's my plan and I'm sticking to it! :) | |||||||||||||||||||
>it to have to login with a password of the day before using it. I've seen
>some wireless services where you first internet request returns a logon
>page. Does anyone know of a AP that does this?