[Linux4christians] Radius Server
tbutler at ofb.biz
Mon Jun 26 23:28:11 EDT 2006
My church has been doing an expansion project, and I'm planning
laying out wireless access points over the whole building to blanket
it with Wi-Fi. This is good in that we could use access in different
rooms much of the time, but bad in that we don't want people to
freely come in with unfettered web access (surfing x-rated material
in a church just isn't something we want to encourage, ya know?).
Anyway, right now, we are using basic WPA authentication with a
single passkey. This is OK when wireless only covers the church
office -- those of us who should have access do, and those who don't
need it don't have it. The problem is that a lot more people will
enter the "should have" category if we cover the whole building --
Sunday school teachers, committee members, etc. Soon, if we have just
one password, it will be known to far too many people.
So, I decided maybe I ought to look into a Radius solution, so that
we could give each person their own account that could be revoked or
granted as needed. Anyone have any experience in such an
implementation? I'm thinking I'd go with an RHEL server to run it,
but Mac OS X Server is a possibility as well. They'd probably prefer
Windows 2003 Server, but it is bad enough administering Windows
clients, I do not want to administer a Windows server too.
Also, if this could be linked to some kind of total authentication
method that would cover Ethernet too, I'm game. It'd be nice if we
could make it necessary to have a user ID to use the wired Ethernet
jacks around the building too. I'm not familiar with the options in
that direction, though...
Suggestions? Tips? Notes telling me I'm insane?
Timothy R. Butler | "Because philosophy arises from awe, a philosopher
tbutler at ofb.biz | is bound in his way to be a lover of myths and
www.uninet.info | poetic fables. Poets and philosophers are alike in
timothybutler.us | being big with wonder."
-- Thomas Aquinas
More information about the Linux4christians