FreeBSD machine instead of wireless hotspot device
Peter Ankerstål
peter at pean.org
Sat Apr 21 19:02:31 UTC 2007
Angelin Lalev wrote:
> I have wireless hotspot device (Handlink WG-601) which I need to replace with FreeBSD machine.
> The device has following functionality I need to replicate:
>
> 1. It has dhcp server (that's easy)
> 2. It makes NAT between it's "internal" interfaces and "wan" interface (easy too, but look at 3).
> 3. It actually responds on every ARP request coming on it's internal interfaces. That allows it to act
> as router for machines that instead of using dhcp are configured with wrong static IP addresses.
> 4. It can use RADIUS for authentication of the users.
> Actually, non-authenticated users are given IP address (no WPA, TKIP, etc) and when they first
> try to load a web page are redirected to authentication web-page. Then their username and password
> are checked against RADIUS database and only then they are allowed to connect to the outer network.
>
> Two more things:
>
> 1. It was part of a larger wireless hotspot service, sponsored from the government and implemented by outer organization, so buying another with my organization's money is out of the question.
> 2. I'm aware of the issues with security but again I cannot modify the policy there.
>
> I'll be very thankful for any ideas.
I've done something very similar to this with FreeBSD (nanobsd).
Check out http://www.pean.org/authpf_on_FreeBSD.html and
http://www.pean.org/NanoBSD.html
Hope it will be of any help.
More information about the freebsd-questions
mailing list