Fwd: Re: Quasi-enterprise WiFi network
Victor Sudakov
vas at mpeks.tomsk.su
Sun Jan 7 18:04:32 UTC 2018
Freddie Cash wrote:
> >
> > I'm trying to setup a quasi-enterprise WiFi network for mobile
> > devices. This will be a solution for a public library with the only
> > requirement that guest users should get personal credentials for WiFi
> > access from a librarian (not a shared PSK for everyone).
>
> You don't *need* RADIUS for this, although it may make some things easier
> in some setups.
>
> All you need is a separate vlan for the "guest" wireless clients to connect
> to, at the default gateway for that vlan to the FreeBSD machine, and use
> firewall rules to redirect all "new" devices to a local Apache setup (new
> meaning you don't know the MAC address).
>
> In Apache, you use mod_rewrite rules to change the requested URL to a local
> webpage where you display your rules and whatnot, along with the login
What you are suggesting is essentially a hand-made captive portal. I
would be grateful for your mod_rewrite rules, but this will be a last
resort. AFAIK there are implementations of a captive portal in
M0n0wall and pfSense. I've also seen howtos like https://www.unixmen.com/freebsd-10-1-x64-wifi-captive-portal/
But if I can, I'd try a pure WiFi solution first, of course if it
exists.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
AS43859
More information about the freebsd-net
mailing list