| View previous topic :: View next topic |
| Author |
Message |
balky
Joined: 07 Aug 2013
Posts: 6
|
 Posted: Wed Aug 07, 2013 2:41 pm
Post subject: WPA2 in enterprise mode for public hotspot access |
|
|
I have been looking for possible ways to get this done...
We want to set up hot spots for public usage, and want to guarantee privacy to connecting clients using WPA2 in enterprise mode...
I have downloaded and installed the trial version but it looks like some important features like creating multiple IDs for example is disabled when you enable radius authentication
Is there a way to implement WPA2 using the ODBC authentication option?
Any other suggestions on how to go about this is definitely welcome.
Thanks |
|
| Back to top |
|
 |
alan
Forum facilitator
Joined: 26 Sep 2003
Posts: 4435
|
Posted: Wed Aug 07, 2013 3:18 pm
Post subject: |
|
|
Please note that WPA2's RADIUS is not exactly related to FirstSpot RADIUS Authentication Mode.
Refer to http://patronsoft.com/forum/viewtopic.php?p=9746#9746 for more discussion on this topic.
_________________
~ Patronsoft Limited ~ |
|
| Back to top |
|
|
balky
Joined: 07 Aug 2013
Posts: 6
|
Posted: Wed Aug 07, 2013 4:18 pm
Post subject: |
|
|
Hi, yes I do understand that.
I am just looking for a way to encrypt user data between the endpoint and access point.
I have been testing freeradius with EAP-TLS and it seems to work well enough.
The setup uses WPA2 in enterprise mode based on security certificate. This means that once the certificate is installed on the connecting endpoint, the user will not have to introduce any username / password to get on the network, but will only have to use the patronsoft username / password to access to internet.
The only challenge is getting the client certificate to the client machine.
Since patronsoft used a captive login, will be possible for set something that redirects the user to a site to download / install the certificate first?
Better still, the certificate can reside on the same web server used by the patronsoft captive portal.
Is this possible?
Thanks |
|
| Back to top |
|
|
alan
Forum facilitator
Joined: 26 Sep 2003
Posts: 4435
|
Posted: Wed Aug 07, 2013 4:27 pm
Post subject: |
|
|
You can customize the FirstSpot login page to include a link to install the cert. The cert can be put in either:
1) somewhere in the Internet. In that case, just put the site in the Exception Free Website list
or
2) the FirstSpot server itself. We call that "local content". There should be a local content example link in the FirstSpot login page. You can simply use that as an example and put your content there.
_________________
~ Patronsoft Limited ~ |
|
| Back to top |
|
|
balky
Joined: 07 Aug 2013
Posts: 6
|
Posted: Wed Aug 07, 2013 5:30 pm
Post subject: |
|
|
That is excellent news...
I will test tomorrow and get back to you...
Thanks |
|
| Back to top |
|
|
balky
Joined: 07 Aug 2013
Posts: 6
|
Posted: Sun Aug 11, 2013 6:45 am
Post subject: |
|
|
I am not sure how to make this work...
I can't find any instructions on how to create local content, I really want this to reside on the FirstSpot server itself.
Thanks for your assistance. |
|
| Back to top |
|
|
alan
Forum facilitator
Joined: 26 Sep 2003
Posts: 4435
|
Posted: Mon Aug 12, 2013 6:02 am
Post subject: |
|
|
You can edit the file local_content_eg.html under FirstSpot\authserv directory.
The web link from client side is http://firstspot.org:5788/local_content_eg.html . There is actually a web link for this from the FirstSpot login page.
_________________
~ Patronsoft Limited ~ |
|
| Back to top |
|
|
|
Search
Profile
Log in
Register
