Douglass was having trouble posting on this forum today (I don't think he has permission yet to post - can someone correct his?) so I am helping him, but this is his question:
I am about to start a project here at YWAM Nashville to spread wifi access our campus. One of the requirements that have been set for this project is that students cannot access the Internet during class times or after a certain time at night. So I'm thinking of setting up a captive portal that can be used to specify groups of people and give them varying access time permissions on the Internet. Does anyone here have some recommendations of what software to try? Thanks for your help.
--
Douglass Clem
Website: crashsystems.googlepages.com
Comments
thanks
Thanks for posting this for me Kevin.
re: Captive Portal?
Hi.
I haven't looked too much into it but I guess it was recommended here before. Check it out and see if that is a possible solution for you: www.meraki.com
They have hardware for outdoor available which might be handy as well.
I don't know if that is really what you are looking for but I guess it's worth checking it out.
Greetings from the MatriX,
neo
captive portal
Hello,
You may also be interested in: www.coova.org
There, you will find may of the tools you'll need for a robust captive portal solution without locking you into any specific service provider.
cheers,
wlan
Captive Portal
I am guessing you want secure login and specific access times...
Another thing to look at is a freeware router software/firmware called DD-WRT. A German guy began developing the open source software improvements to Linksys wireless routers and now they (a whole community of open source "hackers") have expanded support to a number of different manufacturers. Asus, Buffalo, Belkin, Routerboard etc
DD-WRT has radio scheduling -so you can switch off the entire wireless section of a given router as specified timeblocks, and also supprts Wifi-dog, Chillispot and other open source login packages.
DD-WRT
and DD-WRT Wiki
I like some of the new features in the latest DD-WRT and having a virtual SSID was handy providing selected access on a simple setup at the UofN Workshop in Thailand where we restricted access during main sessions (first turned off wireless radio then found certain 'big cheeses' needed to get in and part time WEP was such a hassle---- another subject for another time!)
Blessings from up north!
Mike
PFSense
I have read that you can use PFSense for this. www.pfsense.org Essentially you set up your wireless network and PFSense becomes the gateway onto your internet connection.
I have thought about doing this from a separate angle... you could use pfsense and only grant access beyond your wireless network through VPN. This would allow you to run your wireless network open, but this would give you user level of authentication and security beyond the standard wireless WEP/WPA keys.
more details
Thanks to everyone who has posted so far. I'm thinking of not going the AP firmware route, simply because I'm going to have a number of APs at various places, and I don't want to manage settings on each one. What I'm thinking of is taking an old box and loading Linux on it, plus my captive portal software of choice. That way I can plug in new APs and replace old ones, and since all the traffic is routed through the Linux box everything will go through the portal. I already have my network gateway running Debian Etch, and could just put the portal on that, but I figured it would probably be best not to put too many functions into one machine. Its looking like my choice for software might be nocatauth. The problem is that their site gives absolutely no details on it capabilities. Oh well, I guess I'll just have to fire up VMware and test it out to see. Does anyone here have any experience with nocat?
Douglass
crashsystems.googlepages.com
DD-WRT
After spending some time doing more research, I now have both some decisions and an equal number of new questions. I really like what I have read concerning DD-WRT, but unfortunately the documentation is rather sparse. I won't be going with a captive portal solution where every user has their own login, because that would be far too tedious. What I would like to do is set up APs with DD-WRT and have two SSIDs, one for staff and another for students, like what Mike has previously mentioned. For this to work, I would need to be able to set up separate WPA keys for each SSID, and have the one that students access have time based restrictions set on it. Has anyone here done anything like that?
crashsystems
DD-WRT
Hmmm
That is interesting.
I have not played with the latest betas (not wanting to break a working system...)
but did manage to test multiple SSID at the workshop in Thailand. That was great - especially the 'hidden' SSID working kind of in the shadow of the advertised one.
I am not sure if radio scheduling is per SSID or for the entire box.
That will be the test. Check the forums at the dd-wrt site. The guys there are usually VERY fast in responding.
Blessings
Mike
More DD-WRT stuff
So here is a little update on my WiFi saga. I purchased five shiny new WRT54G routers, and just flashed DD-WRT onto one this morning. The previous commenter said might be the case, radio scheduling is for the entire device, and not for individual ESSIDs. However, I found that when one makes a new VAP (Virtual Access Point), a new interface is created. So I'm thinking that what I'll do is a cron script that looks something like,
30 22 * * * ifconfig vap1 down
30 08 * * * ifconfig vap1 up
where vap1 stands for the VAP's interface name. Does anyone have any comments regarding this approach?