Does anyone know of a wireless AP that enforces some sort of login for access

Hi,

I have a customer with a wireless cafe and they would like customers who use
it to have to login with a password of the day before using it. I've seen
some wireless services where you first internet request returns a logon
page. Does anyone know of a AP that does this?

Thanks,

Alan

On Mon, 28 Jul 2008 08:17:12 -0500, "Default User"
<nospam38925@forme.com> wrote:

>I have a customer with a wireless cafe and they would like customers who use
>it to have to login with a password of the day before using it. I've seen
>some wireless services where you first internet request returns a logon
>page. Does anyone know of a AP that does this?

Login or approval dialog? It's called "splash page" or "http
redirect". Also see "captive portal" and "nocatsplash". I think you
will do better if you search Google for "How to setup a wi-fi hotspot"
which returns a substantial number of devices, services,
configurations, options, headaches, limitations, and clues. It's
fairly simple to do, but does require a bit of planning and
configuration.

My personal preference is DD-WRT firmware running either WifiDog or
Chilispot hotspot software. Both require an external RADIUS server
for logins and passwords. Chilispot has a small built in "local user
manager", but I've never used it.

From the FAQ section on hotspots:
<http://wireless.navas.us/wiki/Wi-Fi_How_To#Setup_a_hotspot>


--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Jeff Liebermann wrote:

> On Mon, 28 Jul 2008 08:17:12 -0500, "Default User"
> <nospam38925@forme.com> wrote:
>
>
>>I have a customer with a wireless cafe and they would like customers who use
>>it to have to login with a password of the day before using it. I've seen
>>some wireless services where you first internet request returns a logon
>>page. Does anyone know of a AP that does this?
>
>
> Login or approval dialog? It's called "splash page" or "http
> redirect". Also see "captive portal" and "nocatsplash". I think you
> will do better if you search Google for "How to setup a wi-fi hotspot"
> which returns a substantial number of devices, services,
> configurations, options, headaches, limitations, and clues. It's
> fairly simple to do, but does require a bit of planning and
> configuration.
>
> My personal preference is DD-WRT firmware running either WifiDog or
> Chilispot hotspot software. Both require an external RADIUS server
> for logins and passwords. Chilispot has a small built in "local user
> manager", but I've never used it.

I would also suggest offering MAC-based auth. for certain customers
who use older handhelds that aren't friendly to browser-based
authentication schemes; the shop manager can manually manage such
customer access from an admin interface. WiFi access admin at one
local university does just that for such devices and for wireless
printers, etc.

Michael

On Mon, 28 Jul 2008 11:15:05 -0500, msg <msg@_cybertheque.org_> wrote:

>I would also suggest offering MAC-based auth. for certain customers
>who use older handhelds that aren't friendly to browser-based
>authentication schemes; the shop manager can manually manage such
>customer access from an admin interface. WiFi access admin at one
>local university does just that for such devices and for wireless
>printers, etc.
>
>Michael

Shop manager? She's qualified to run a coffee shop, but is clueless
as far as wireless and computers are concerned. It's like that at
most of my coffee shop customers. The few that do have a computer
literate person on the staff, don't want that person wasting their
time tweaking the system, or dealing with customer issues.
Unfortunately, what happens is that the customer gets told to talk to
the admin (that's me). I get a call on my cell phone asking how to
deal with a connection problem. I have yet to see any manner of
"older handheld" issues.

As for MAC authentication, I have to expire the MAC address table at
least once per hour at shops frequented by the local software
developers and students. There's some kind of "privacy" scheme that
rotates phony MAC addresses when the laptop is idle. The result is
that MAC address table rapidly fills up, kicks off legitimate users,
and ruins my day.

The hackers running some kind of virtual machine are also a thrill.
Some of these VM's apparently also virtualizes the MAC address and
replace it with a phony address. I've seen one laptop grab about 8
MAC addresses, one for each VM on the laptop.

The surest sign of success is abuse and pollution. MAC addresses are
certainly successful.

There's only one kind of authentication that I really trust. X.509
certificates issued by a known certificate authority. I use those on
USB dongles at medical offices for HIPAA security. Works well, except
when someone forgets their dongle. However, that's overkill for a
coffee shop.

Now, I have a coffee shop question. Duz anyone have an easy way to
log off users after 60 minutes and prevent them from faking a MAC
address and logging back in? Note that I said "easy" which means I
don't want to setup a NAC security infrastructure or similar
monstrosity.

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Jeff Liebermann wrote:
>
> Now, I have a coffee shop question. Duz anyone have an easy way to
> log off users after 60 minutes and prevent them from faking a MAC
> address and logging back in? Note that I said "easy" which means I
> don't want to setup a NAC security infrastructure or similar
> monstrosity.

I got annoyed with handholding users and problems... Consider closing your
biz and test/pre-retiring.....Enjoy life while you are still young, and plan
B (walmart greeter) If you are still alive, when you get old.... That's my
plan and I'm sticking to it! :)

On Mon, 28 Jul 2008 08:17:12 -0500, "Default User"
<nospam38925@forme.com> wrote:

>Hi,
>
>I have a customer with a wireless cafe and they would like customers who use
>it to have to login with a password of the day before using it. I've seen
>some wireless services where you first internet request returns a logon
>page. Does anyone know of a AP that does this?
>
>Thanks,
>
>Alan
>

Have a look at ZONECD

http://www.publicip.net/zonecd/how.php

On Tue, 29 Jul 2008 00:20:42 -0400, "Peter Pan"
<PeterPanNOSPAM@MarcAlanNOSPAM.info> wrote:

>I got annoyed with handholding users and problems... Consider closing your
>biz and test/pre-retiring.....Enjoy life while you are still young, and plan
>B (walmart greeter) If you are still alive, when you get old.... That's my
>plan and I'm sticking to it! :)

My family has a tradition of dropping dead on the job. I seem to be
following the pattern. We don't get old. My father was running his
lingerie factory up to age 76 and nobody mentioned his age (and lived
to tell about it).

Retirement is not in the plans, but on-the-job retirement and picking
my customers carefully, seems possible. It's also dubious because any
retirement plans inevitably involve various government programs that
show every indication falling apart. I'm 60.7 years old. I have
enough cash saved that I could retire today, and loaf for about 8
years, but not enough to make it through to my expected lifespan. The
only real downside is that I haven't been able to take time off for a
real vacation for many years.

Drivel: Yesterday was spent going up and down stairs and on top of a
12 ft ladder. Network wiring in a converted Victorian office
building. Nice to have the CAT5 running on the OUTSIDE of the
building. Ended the day cleaning a Dell Inspiron 6000 that took a
swim in the bay. Nice to know I can still put in a 12 hour day and
survive.


--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Jeff Liebermann wrote:

>
> Retirement is not in the plans, but on-the-job retirement and picking
> my customers carefully, seems possible. It's also dubious because any
> retirement plans inevitably involve various government programs that
> show every indication falling apart.

This must occur almost everywhere. I have 18 "working days" left until I
retire from the daily grind and I have spent the last 5 months chasing
various organisations for a variety of documentation that is apparently
needed to ensure I am paid what is owed in my retirement and I won't
know how successful I have been until the payments become due as the
feedback from said organisations is abysmal. Still, chasing any failures
will keep me out of mischief for a couple of months.

On Jul 29, 12:43*pm, LR <l...@privacy.net> wrote:
> Jeff Liebermann wrote:
>
> > Retirement is not in the plans, but on-the-job retirement and picking
> > my customers carefully, seems possible. It's also dubious because any
> > retirement plans inevitably involve various government programs that
> > show every indication falling apart.
>
> This must occur almost everywhere. I have 18 "working days" left until I
> * retire from the daily grind and I have spent the last 5 months chasing
> various organisations for a variety of documentation that is apparently
> needed to ensure I am paid what is owed in my retirement and I won't
> know how successful I have been until the payments become due as the
> feedback from said organisations is abysmal. Still, chasing any failures
> will keep me out of mischief for a couple of months.

Sounds like you work for the gov.

Jimmie

How about DNS Redirector?

www.dnsredirector.com