2014-12-09 - Re: [GRASE-Hotspot] Grase Hotspot working with DD-WRT routers in remote locations.

Header Data

From: Edward Allen <yb***j@gmail.com>
Message Hash: eaa4bcafef214e629d48c0023daa85f0a3519a58b438ba91ae5f3fbd016f9d7a
Message ID: <CAGUY4fxQncfQnd–gBABaFHucTQ8AJnYgoPoOvvT2NR=XaeuLA@mail.gmail.com>
Reply To: <fdecd37a-fa21-4d62-a6b5-50601889ecb6@grasehotspot.org>
UTC Datetime: 2014-12-09 12:26:46 UTC
Raw Date: Tue, 09 Dec 2014 14:26:46 -0500

Raw message 

Hi Norberto


Let me get this correct.
This modification changes grase to work based off IP addresses instead of
mac addresses right?

If so then technically and theoretically with proper routing then its
possible to use regular AP routers(without chilli/coova) with Grase at
master control in routed/vlan networks that's usually present in school
networks. This as grase would now be seeing all the clients based on their
ip and such be in a position to authenticate them individually.


On Tue, Dec 2, 2014 at 2:38 PM, Norberto Esteves <no***e@gmail.com>
wrote:

> Hi all,
>
> I managed to get this configuration working.
>
> Basically I have the Grase Hotspot installed in a machine (shuttle XPC
> DS6) in the office and one router (D-Link DIR-615) with DD-WRT in my house
> for testing.
> The remote site (D-Link Router) uses the Coova Chilli included with the
> DD-WRT firmware to redirect users to the Grase authentication Portal, after
> that, the username, password, and other attributes are checked with the
> radius server. If the authentication is successful then the user is allowed
> to use the Internet and DD-WRT Coova Chilli takes care of the session even
> if the main site (Grase) goes down. DD-WRT Coova Chilli also sends
> periodical data (every 5 minutes) to Radius server to keep information up
> to date.
>
> So far I had to change a few things in the follwing files:
> hotspot.php, nojsstatus.php, /includes/site.inc.php
>
> I do not use VPN, so, there is a few ports that need forwarding:
> In the main site: Radius (1812, 1813, 1814), UAM (3990) and HTTP (80)
> ports forward to Grase Hotspot machine.
> The remote site only needs port forwarding for COA port 3779 if you are
> going to use the radclient to disconnect users.
>
> Freeradius also needs to allow remote site to connect, to do this you need
> to add remote client to clients.conf, or use nas table.
>
> So far I'am still testing and correcting some "bugs" i found.
>
> The bad new is that this setup don't work with Javascript login, I did
> some tests and I think DD-WRT is not able to use the JSON interface for
> Coova Chilli. So if you want to use DD-WRT, Java script login should be
> disabled.
>
> If anyone is interested in multi-location setup using DD-WRT I can make a
> document and share with the community.
>
> Regards,
>
> Norberto Esteves
>
>
>  --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To post to this group, send email to gr***t@grasehotspot.org.
> Visit this group at
> http://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/fdecd37a-fa21-4d62-a6b5-50601889ecb6%40grasehotspot.org
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/fdecd37a-fa21-4d62-a6b5-50601889ecb6%40grasehotspot.org?utm_medium=email&utm_source=footer>
> .
>



-- 
---

Edward Allen
Network/System/IT Solutions Provider/Consultant
Voice: 876-891-8982,  876-797-3226
yb***j@gmail.com
Kingston, Jamaica

Thread