3rd party Authentication

I am creating a hotspot for my friend's coffee shoppe, and he is going to
charge a daily rate for access (like a buck or 2). He wants to limit access
so that you cant just pay today and come back the next day or week and get
on. I dont want to be changing weps everyday, and dont want him in the box
attempting it. Is there any kind of authentication solution where he can
just change the passwords or access without going thru all of that?

In article <(E-Mail Removed) m>,
Medima <(E-Mail Removed)> wrote:
:I am creating a hotspot for my friend's coffee shoppe, and he is going to
:charge a daily rate for access (like a buck or 2). He wants to limit access
:so that you cant just pay today and come back the next day or week and get
n. I dont want to be changing weps everyday, and dont want him in the box
:attempting it. Is there any kind of authentication solution where he can
:just change the passwords or access without going thru all of that?

Yes, you can use RADIUS authentication with some devices. The cheaper
devices don't support it directly.

If you were only planning to use WEP for your security, you may wish
to consider using an IPSec (VPN) security layer. Any particular
"64 bit" WEP key can be broken by monitoring about 5 Gb of traffic.
"128 bit" WEP is subject to the same attack, but it takes more monitoring.
(I'm not clear on how much more -- I think it's 64 times more.)
--
Inevitably, someone will flame me about this .signature.

In article <(E-Mail Removed) m>,
(E-Mail Removed) says...
> I am creating a hotspot for my friend's coffee shoppe, and he is going to
> charge a daily rate for access (like a buck or 2). He wants to limit access
> so that you cant just pay today and come back the next day or week and get
> on. I dont want to be changing weps everyday, and dont want him in the box
> attempting it. Is there any kind of authentication solution where he can
> just change the passwords or access without going thru all of that?

This is starting to become one of the top FAQ...

There are several solutions, none of which (IMHO) are particularly
attractive, for reasons of price, functionality, or stability. YMMV.

The slickest solution I've seen is the Handlink WSG-5000 hot-spot-in-a-
box solution. It is marketed by a number of importers and distributors.
In the U.S., the primary distributor is Zyxel.
The WSG-5000 features a captive portal gateway, wherein the user's first
attempt to browse any web page is redirected to a login page. User
enters the right login and password and gets access to the network. The
cool part about the WSG-5000 is the little thermal printer that comes
with it. It has one button on it. Press the button and it creates and
account and prints out a ticket with all the info the user needs. The
downside is that it is a bit pricey at something like $695 retail. It is
available for less if you shop around.
Much more detail is available here:
http://www.handlink.com.tw/eng/produ...oducts_hotspot
_wsg5000.htm

Handlink's WSG-4000 has a similar captive portal, but requires an
outboard Radius server for authentication. In your proposed application,
a typical solution is the creation of a number of one-time use accounts
with random user ID's and passwords. These are then printed to scratch-
off tickets and given out or sold as the venue operator sees fit.

D-link's DSA-3100 public/private gateway offers the captive portal and
AAA services in one box. It does not have any wireless gear though;
you'd have to add a simple AP to it.

Sputnik's Central Control server is a promising approach as well. You
buy an AP that is flashed with their proprietary gateway firmware. The
AP then talks to the Central Control server for the AAA services. More
info at http://www.sputnik.com.
While you can buy the gear now, the server software is still very much
in the developmental stage.

Lastly, if you are inclined to roll-your-own solutions, NoCatAuth or
NoCatSplash are open source solutions that could certainly do what you
want.

Very good info here.. Here is my question though. Say, i open coffee
shop #1 and use the products mentioned. What if i open coffee shop #2.
Will the user who registered with username/password at coffee shop #1
be able to use his same account at my coffee shop #2. It seems to me
that the products mentioned only apply to one location but i could be
wrong. Thanks guys.

Neb Revod <(E-Mail Removed)> wrote in message news:<(E-Mail Removed) y.net>...
> In article <(E-Mail Removed) m>,
> (E-Mail Removed) says...
> > I am creating a hotspot for my friend's coffee shoppe, and he is going to
> > charge a daily rate for access (like a buck or 2). He wants to limit access
> > so that you cant just pay today and come back the next day or week and get
> > on. I dont want to be changing weps everyday, and dont want him in the box
> > attempting it. Is there any kind of authentication solution where he can
> > just change the passwords or access without going thru all of that?
>
> This is starting to become one of the top FAQ...
>
> There are several solutions, none of which (IMHO) are particularly
> attractive, for reasons of price, functionality, or stability. YMMV.
>
> The slickest solution I've seen is the Handlink WSG-5000 hot-spot-in-a-
> box solution. It is marketed by a number of importers and distributors.
> In the U.S., the primary distributor is Zyxel.
> The WSG-5000 features a captive portal gateway, wherein the user's first
> attempt to browse any web page is redirected to a login page. User
> enters the right login and password and gets access to the network. The
> cool part about the WSG-5000 is the little thermal printer that comes
> with it. It has one button on it. Press the button and it creates and
> account and prints out a ticket with all the info the user needs. The
> downside is that it is a bit pricey at something like $695 retail. It is
> available for less if you shop around.
> Much more detail is available here:
> http://www.handlink.com.tw/eng/produ...oducts_hotspot
> _wsg5000.htm
>
> Handlink's WSG-4000 has a similar captive portal, but requires an
> outboard Radius server for authentication. In your proposed application,
> a typical solution is the creation of a number of one-time use accounts
> with random user ID's and passwords. These are then printed to scratch-
> off tickets and given out or sold as the venue operator sees fit.
>
> D-link's DSA-3100 public/private gateway offers the captive portal and
> AAA services in one box. It does not have any wireless gear though;
> you'd have to add a simple AP to it.
>
> Sputnik's Central Control server is a promising approach as well. You
> buy an AP that is flashed with their proprietary gateway firmware. The
> AP then talks to the Central Control server for the AAA services. More
> info at http://www.sputnik.com.
> While you can buy the gear now, the server software is still very much
> in the developmental stage.
>
> Lastly, if you are inclined to roll-your-own solutions, NoCatAuth or
> NoCatSplash are open source solutions that could certainly do what you
> want.

In article <(E-Mail Removed) >,
(E-Mail Removed) says...
> Very good info here.. Here is my question though. Say, i open coffee
> shop #1 and use the products mentioned. What if i open coffee shop #2.
> Will the user who registered with username/password at coffee shop #1
> be able to use his same account at my coffee shop #2. It seems to me
> that the products mentioned only apply to one location but i could be
> wrong. Thanks guys.

On the contrary, all of those products have the capability (or
requirement) to utilize an outboard, e.g. centralized, AAA service; a
RADIUS server, for example. That server would be accessible from the
gateways at both shops, and would store the user account info for both
sites.

Hey everyone,
Check out this cool Hotspot solution from Ebay. It is for $450.00. Is
this a good deal? It can do accounting stuff where people login and
are tracked for minutes usage and roaming. Sounds like something that
i need since i'm a hotel manager. I got quotes from Wayport and Boingo
being outrageously expensive, especially Wayport(9k-10k). It is on
Ebay right now.

http://cgi.ebay.com/ws/eBayISAPI.dll...tem=3053018527

Jawn <(E-Mail Removed)> wrote in message news:<(E-Mail Removed) y.net>...
> In article <(E-Mail Removed) >,
> (E-Mail Removed) says...
> > Very good info here.. Here is my question though. Say, i open coffee
> > shop #1 and use the products mentioned. What if i open coffee shop #2.
> > Will the user who registered with username/password at coffee shop #1
> > be able to use his same account at my coffee shop #2. It seems to me
> > that the products mentioned only apply to one location but i could be
> > wrong. Thanks guys.
>
> On the contrary, all of those products have the capability (or
> requirement) to utilize an outboard, e.g. centralized, AAA service; a
> RADIUS server, for example. That server would be accessible from the
> gateways at both shops, and would store the user account info for both
> sites.

For a complete, self-contained solution, try http://www.InstantHotspot.com
Very slick...


(E-Mail Removed) (Peter Chang) wrote in message news:<(E-Mail Removed). com>...
> Hey everyone,
> Check out this cool Hotspot solution from Ebay. It is for $450.00. Is
> this a good deal? It can do accounting stuff where people login and
> are tracked for minutes usage and roaming. Sounds like something that
> i need since i'm a hotel manager. I got quotes from Wayport and Boingo
> being outrageously expensive, especially Wayport(9k-10k). It is on
> Ebay right now.
>
> http://cgi.ebay.com/ws/eBayISAPI.dll...tem=3053018527
>
> Jawn <(E-Mail Removed)> wrote in message news:<(E-Mail Removed) y.net>...
> > In article <(E-Mail Removed) >,
> > (E-Mail Removed) says...
> > > Very good info here.. Here is my question though. Say, i open coffee
> > > shop #1 and use the products mentioned. What if i open coffee shop #2.
> > > Will the user who registered with username/password at coffee shop #1
> > > be able to use his same account at my coffee shop #2. It seems to me
> > > that the products mentioned only apply to one location but i could be
> > > wrong. Thanks guys.
> >
> > On the contrary, all of those products have the capability (or
> > requirement) to utilize an outboard, e.g. centralized, AAA service; a
> > RADIUS server, for example. That server would be accessible from the
> > gateways at both shops, and would store the user account info for both
> > sites.