Hi:
I have got the idea that I want to set up a hostap on my
FBSD box.
My idea is that I want to allow strangers to associate and
get their
network configuration via dhcp. Any attempt to access the
Internet will
then be redirected to a web page explaining that they have
to register
first.
Once registered, the AP should support (or rather require)
EAP-TLS and
allow access to the Internet.
I know, this sounds very much like VPN. Indeed it is, (and I
might fall
back on this). But the difference is that it is bound to a
particular
wireless network. Users may connect to other networks where
all this is
not required. So for usability I think it is easier if the
wifi
controller takes care of connecting with the correct
certificate.
So, my first question: Is it possible to configure a
Wireless NIC in
hostap mode to support both non-encrypted open association
as well as
EAP-TLS (or some other type of encryption/authentication
scheme)?
Secondly, is it possible to make the firewall (on the the
hostap box)
aware of whether a client uses security and only allow
access if the
wireless connection is encrypted? I use packet filter, and
this is
somewhat like authpf w. ssh that can invoke rules, or it
could be solved
with the traditional VPN. But I would like to use the
EAP-TLS scheme.
Thanks, Erik
_______________________________________________
freebsd-questions freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-que
stions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribefreebsd.org"
|