Ubuntu 8.04 Hotspot Introduction June 6th, 2010
Note: This howto has been tested and works for Ubuntu 8.04 Hardy Heron server editions for other vesions of ubuntu see WifiDocs/ChillispotHotspot
Chillispot is software which provides authentication and restricted network access to clients. Its primary use is in wireless (WiFi) networks.
For instance, suppose you are managing a wireless network in a hotel: the access points are connected via the wired LAN to a server which works as a gateway, firewall, DNS server, etc. Now you want the same server (either because it’s desirable or because it’s required by your nation’s law) to require authentication from all clients, possibly without messing around with the configuration of the access points. And maybe you even want users to be able to browse some sites (i.e. an internal web server or the hotel web site) without the need to authenticate themselves. Chillispot lets you manage all of this, and some more.
Please take a look at the Chillispot.info web site to see how the software works. In a few words, hillispot creates a virtual private network (192.168.182.0/24, but you can change this default setting) which it uses to dialogate with the clients and to decide who and how to let to see the outside network. Chillispot manages the allocation of dynamic IP addresses to clients, so you don’t need other DHCP tools.
|As of mid 2007, ChilliSpot appears to be dead. The developer Jens Jacobsen had vanished, and the chillispot.org domain lapsed, but chillispot.info is a copy (with ads inserted) of the original site. CoovaChilli has forked from ChilliSpot 1.0 and its development also continues with an active user-base.|
The following software is required for this installation:
- MySQL Read the rest of this entry »
Creating a radius based VPN with support for Windows clients June 6th, 2010
This article discusses setting up up an integrated IPSec/L2TP VPN using Radius and integrating it with Microsoft Windows clients.
Introduction and Planning
The software installed is going to be based on Debian packages as far as it is possible.
If we need to rely on a product not within Debian, then it’s source code will be retrieved and rebuilt.
Also sometimes the Debian packages are available, but have a compilation feature switched off (usually SSL support).
Where necessary that Debian package will need to be recompiled too.
The goal of this article is to set up a Linux based VPN server compatible with MS-Windows IPSec/L2TP clients, where users are authenticated against a RADIUS server.
Each main service in this document should have it’s own IP address assigned to it. That way services can be moved to different hosts in the future.
While the VPN server uses the ppp daemon as part of it’s solution, a separate IP needs to be allocated to that.
It is the point where the VPN tunnels terminate and route into the network.
For this document, the IP addresses assigned to the services follows.
Note that these will need to change based on your real-world rollout.Base Operating System: 10.10.0.216 MySQL Database Server: 10.10.0.217 FreeRADIUS Server: 10.10.0.218 IPSec VPN Server: 10.10.0.219 ppp Device: 10.10.0.220 Read the rest of this entry »
When somebody wants to connect to Internet using my wifi, the first page he can see is the register/login page (whatever page he wants to visit).
After registration/login he is able to connect to Internet.
So let’s see how I did it.
Let’s have one server with two network interfaces – first (eth0) goes to Internet, the second one (eth1) is the wifi for “unknown” clients.
Intermet —eth0-dhcp-Hot Spot Server-eth1-192.168.10.1———((((- ))))———–Client Read the rest of this entry »
This tutorial explains how you can set up a FreeRadius (1.1.7) server with Wifi authentication and accounting in conjunction with MySQL & web management with Daloradius on Ubuntu 8.04 LTS Server Edition This howto should work for a novice. Production deployment is also possible with minor tweaking. But as usual I do not guarantee anything & take no responsibilities if something goes wrong.
(For a basic how-to refer to the doc http://www.howtoforge.com/wifi-authentication-accounting-with-freeradius-on-centos5.)
Following steps are involved:
- Building Ubuntu 8.04 .debs (for eap/ttls support)
- Installing the binary packages
- Configuring the FR with MySQL
- Setting up web management with Daloradius
Step 1- Building Ubuntu 8.04. packages
Note: Those who don’t need openssl/tls/ttls (certificates etc..) just fetch the FR packages from ubuntu repos with apt-get & skip to step 3.
Before building the FreeRadius Ubuntu 8.04 package we have to apt-get some packages, necessary for the build process.
sudo su -
apt-get install debhelper libltdl3-dev libpam0g-dev \
libmysqlclient15-dev build-essential libgdbm-dev \
libldap2-dev libsasl2-dev libiodbc2-dev libkrb5-dev snmp \
autotools-dev dpatch libperl-dev libtool dpkg-dev libpq-dev \
libsnmp-dev libssl-dev Read the rest of this entry »
Here’s a *near* step-by-step guide to setup FreeRADIUS with MySQL backed authentication done on Ubuntu 9.10 (Karmic). Start by installing the necessary deb files:
# apt-get install freeradius freeradius-mysql
Add the following lines to the /etc/freeradius/users file:
abc Cleartext-Password := “123″
Stop freeradius service just in case:
Now test using the radtest client:
# radtest abc 123 localhost 1812 testing123
Sending Access-Request of id 149 to 127.0.0.1 port 1812
User-Name = “abc”
User-Password = “123″
NAS-IP-Address = 184.108.40.206
NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=149, length=20
Ensure that the response is “Access-Accept”. The following should be displayed at the server console:
rad_recv: Access-Request packet from host 127.0.0.1 port 33425, id=149, length=55 Read the rest of this entry »