Rental Home Wireless Networks? 57
Tangential asks: "I'm looking for advice. I have a rental home at the beach that I've equipped with Cable Modem and WiFi. After trying to use it with WEP for a summer I gave that up (life is far too short for me to talk every renter thru configuring their notebook). I would like a bit of control over who uses my system. I've blocked outbound port 25 (since my ISP doesn't), but what I'd really like to do is run something like hotels do, where you enter a password and activate your MAC address for a certain amount of time, Then I could just tell the renter the password and manage that remotely. I run OSS in my Linksys WRT-54G router at home (from Sveasoft) and I like being able to use a low cost router for such a function. I'd like to know what systems other folks have encountered that do this using OSS and mass market equipment."
PUBLICip (Score:5, Informative)
Check out the features [publicip.net] and see if that's what you're looking for. It's free!
PublicIP (Score:2, Informative)
D-Link Airspot Line of Wireless Routers. (Score:3, Informative)
DSA-5100http://www.dlink.com/products/?sec
Product Features: Creates Multiple Public Networks with Five Different
Authentication Policies
Supports up to 400 Concurrent Online Users
Advanced User Management with Traffic Monitoring and Policy Enforcement Product Description:
D-Link®, the industry leader in innovative networking solutions, introduces another breakthrough in the Airspot family of service gateway products. As the need for on-demand Internet connectivity continues to grow, the D-Link Airspot DSA-5100 Public/Private Hot Spot Gateway provides large establishments a solid solution for adding multiple public access networks while still maintaining the integrity of an existing private network. The DSA-5100 Hot Spot Gateway is a business-class service gateway designed to segment public and private network infrastructures. By adding a managed switch to the integrated public port, network administrators can deploy several public networks over a large-scale establishment such as a university campus or resort. Through the private port on the DSA-5100, the backend private network such as the campus operation centers or central office, can remain completely separate and secure.
To optimize and maintain network up time and performance, the DSA-5100 Hot Spot Gateway has two built-in WAN ports that support link fail-over in order to provide Internet connection redundancy. In the case that the first ISP's connection fails, the second link (if configured and conencted to a second ISP) will take over to ensure that Hot Spot customers with maintain uninterrrupted Internet access. The DSA-5100 supports virtually all WAN connection types including static, dynamic, and PPPoE Client.
The DSA-5100 Hot Spot Gateway also offers several advanced features to help manage and support up to 400 public users online at any time. Additional user management controls include bandwidth control, network policy enforcement, customizable user timer, login/logout web-page, online traffic monitoring, and URL redirection.
To ensure authorized network access, the DSA-5100 supports multiple authentication methods such as POP3, RADIUS, LDAP, internal user database, and external Web (HTTP or HTTPS) authentication. With support for 802.1q VLAN tagging, different authentication policies can be used per administrator-assigned VLAN networks for maximum security. In addition, VLAN tagging helps to segment and prioritize incoming traffic. For the private network, the integrated DHCP server and firewall with Denial of Service (DoS) Protection safeguards the network from malicious attacks and hackers.
Network administrators can manage the DSA-5100 Hot Spot Gateway and all of its features via the Web-based, CLI, SSH, or SNMP v2 management interfaces. With a wide array of convenient management utilities, the D-Link Airspot DSA-5100 Public/Private Service Gateway is an efficient and powerful hotspot solution.
What's the problem? (Score:5, Informative)
If you still think you need to have usernames and passwords try nocat [nocat.net]. It handles authentication but I usually use it for a splash page for access points I build from old laptops [osvoip.net].
Good luck.
MOD Parent UP (Score:1, Informative)
OpenBSD pf (Score:4, Informative)
http://www.openbsd.org/faq/pf/authpf.html [openbsd.org]
Authpf(8) is a user shell for authenticating gateways. An authenticating gateway is just like a regular network gateway (a.k.a. a router) except that users must first authenticate themselves to the gateway before it will allow traffic to pass through it. When a user's shell is set to
Re:D-Link Airspot Line of Wireless Routers. (Score:4, Informative)
NoCatAuth NoCatSplash (Score:5, Informative)
http://nocat.net/ [nocat.net]
But since nobody did, I posted it myself.
ChilliSpot or NoCat with NoCatSplash (Score:3, Informative)
Another option (already mentioned) that would work with the is to run NoCat
http://nocat.net/ [nocat.net] on a "server" along with NoCatSplash on the WRT54 (see http://nocat.net/~rob/wrt54g/ [nocat.net] ).
Take a look at http://www.slcwireless.com/ [slcwireless.com] to see how they are providing free wireless to location in Salt Lake City, Utah.
Good luck!
m0n0wall (Score:2, Informative)
The captive proxy support would be especially useful for you - from the web interface, you can remotely add/delete/change the usernames and passwords for the captive proxy.
Yes - there are other captive proxy projects out there (NoCatAuth etc.). I evaluated several of them, but ended up sticking with m0n0wall due to the ease of implementation and the foolproof architecture it has.