Colleagues, I'm trying to setup a quasi-enterprise WiFi network for mobile devices. This will be a solution for a public library with the only requirement that guest users should get personal credentials for WiFi access from a librarian (not a shared PSK for everyone).
The library has a FreeBSD router with FreeRADIUS3, and several TP-Link APs which support "Enterprise WiFi" and can be RADIUS clients. The point is I don't want to require customers to install X.509 certificates on their mobile devices, the network setup should be simple and transparent for the customer. I don't care if some Evil Hacker impersonates my quasi-enterprise network and collects all the passwords, so I really need no certificates to authenticate the network to customers. The only condition is that each customer has a personal login/password which expires daily (any RADIUS server can expire accounts, I'm sure FreeRADIUS is no exception). I would also consider a variant with FreeBSD+hostapd as AP (instead of the TP-Link routers) if it's more feasible. Could you please point me in the right direction. Maybe I'm totally wrong and I should use a different approach altogether? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
