walled garden concept
Siraj 'Sid' Rakhada
virtualsid at gmail.com
Fri Feb 17 17:30:29 PST 2006
On 17/02/06, Odhiambo Washington <wash at wananchi.com> wrote:
> I am foreseeing a situation where I have a new 'customer' or one whose
> service expired. I want these two to be able to dialin to my NASes for
> free, but only get access to site1, site2 or site3. Everything else is
> blocked, until they dialin with the name they are paying for. I will
> give them a common userid/passwd pair for this purpose.
This is exactly the kind of thing I've done a long time ago ('98 or
so)! It was basically so that people could sign up via a signup CD-ROM
:-)
> Your instructions (or Read This F Manual) to do this are welcome.
I hope the following links will point you onto the right track:
This is the kind of system that I used:
http://puck.nether.net/pipermail/cisco-bba/2004-May/000247.html
Cisco's own docs for that system:
http://www.cisco.com/warp/public/480/radius_ACL1.html
I've not done the style described in the url below, but it seems a
similar solution, but with more work on the RADIUS server end:
http://puck.nether.net/pipermail/cisco-bba/2004-May/000247.html
Oh, one tip I will give - don't forget to allow DNS traffic through ;-)
This isn't really a FreeBSD issue as such, so I've tried to keep it
brief as I'm not sure if it's on topic or not.
Hope it helps,
Sid
More information about the freebsd-isp
mailing list