My boss just asked me to look for a solution to our wireless network access problem for our public wireless internet access. Our current setup sucks, and I have had little to no good fortune from Google to find something decent (not even sure what the heck I would enter for a search term).
First off, we already have hardware in place; we just need something along the lines of the following description, as software to install on one of the servers, or as prepackaged hardware we can plug the wireless hardware into, or however it can be accomplished.
At the college I work for, we have wireless access that is open to everyone (theoretically; in reality, it's bugged nastily) as long as they register with their email address. What we want is a system that will authenticate wireless users against LDAP (Active Directory) so that students can use their normal user accounts that they use on our computers in our labs.
I know that quite a few of you work in the computer field as well. I know little to nothing about wireless network solutions and am having a terrible time finding anything. Does anyone know of any decent products for this, any companies I could Google, or anything else that could be beneficial (even just pointing me to other people who might be able to help)?
Thanks in advance to anyone that can help me get un-turned-around.
Aaron
ID:182359
 Aug 6 2008, 11:24 am (Edited on Aug 6 2008, 11:38 am)
|
|
|
Aug 6 2008, 11:27 am
|
|
Miran M
 |
Personally I recommend linksys or cisco, I have never had problems with either.
|
We already have wireless hardware in place. I probably wasn't clear enough on that, sorry.
We just want software we can throw on a server or some hardware with what we need built in, something that will allow us to authenticate users against Active Directory as they try to log on to the wireless access from their laptops, so they have to use their username and password. Right now, when you try to go to any web page or use the internet wirelessly here, a web page pops up asking you to enter a username and password, or to register for new credentials using your email address. This isn't optimal, and the software we are using barely works anyway. Thanks for your suggestion. | |
I assume that currently you are routing all the wireless traffic through a Squid Proxy, that does your current authentication? If so, that's unfortunate and I'm sure is something you'd rather avoid.
You could deploy RADIUS linked to your LDAP and get the WLAN hardware to forward authentication toward the RADIUS, using something like WPA/WPA2 Enterprise Mode authentication. Unlike regular home WLAN stuff, this should rely on a username/password combo from the client, authenticated against the RADIUS user database (LDAP in this case). If your College provides a VPN service, chances are you already have RADIUS somewhere to authenticate the PPTP requests VPN uses. To my knowledge, most Operating Systems support WPA/WPA2 Enterprise Mode authentication. At this point your user is a part of the network and normal WLAN routing should apply, it can be as transparent as you want it to be. This basically fulfills your LDAP authentication requirement. As for the software itself, if you aren't already using RADIUS then I suppose FreeRADIUS will do you okay, it has decent LDAP support. | |
Since my college mandates that everyone have a laptop, they have a pretty huge wireless network setup. Unfortunately, since I've only been on the campus one time and only for one full day, I don't know much about it. All I know is that they use Cisco VPN software for authentication. Perhaps looking into VPNs and such will at least lead you in the right direction.
Also, did you ever get that anti static wrist wrap? | |