On Wed, 2 Jul 2008 17:51:39 +0100, "Toby" <postmaster@127.0.0.1>
wrote:
>We have 6 sites, all connected together with various leased lines and VPN
>links.
>
>The IP addressing is like this
>
>Site 1 - 192.168.201.0
>Site 2 - 192.168.202.0
>Site 3 - 192.168.203.0
>etc...
>All offices can talk IP to one another.
>
>I would like to have a single centralised wireless network system, so I can
>restrict on Mac address, and update encryption keys in one place. Is this
>possible?
Yes. That's what a RADIUS server does. It provides authorization
(login/passwd) and authentication services. It also provides a
unique, use once, WPA key for each session to both the connected
access point and the client. No need for a shared WPA-PSK key. Since
it can use an LDAP or SQL server for authentication, you can also use
it to distribute server and network rights. See huge list of
attributes at:
<http://freeradius.org/rfc/attributes.html>
which should give you a clue as to what can be done. Note that it can
setup and break down a VPN tunnel for you. There's no need to
restrict by MAC address as the login/password is more effective and
unlike a MAC address, cannot be spoofed.
Search Google for details on how to setup a RADIUS server with your
unspecified hardware.
<http://en.wikipedia.org/wiki/RADIUS>
--
Jeff Liebermann
(E-Mail Removed)
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
Similar Threads
Linear Mode
