Providing routing after password authentication

Hi there,

Has anyone tried the following, if so please could you let me know how you
managed it or point me in the right direction of some more information.

I have a wireless network (A) which is separated from two other networks (B
& C) by a Trustix box which routes the traffic. At present when a new user
(Client) wants to access the one of the other networks I need to enter their
MAC address onto four wireless access points (WAPs) then set up the
encryption on their machines. IP addresses are given out by a DHCP server.

What I would like to be able to do is enable any client to access the
wireless network then use the router to filter the traffic to allow only
registered MAC address through. I effect only needing to enter the MAC
addresses once. Once the MAC addresses are entered I would then like some
kind of password authentication which the user must enter before the routing
is allowed.

So the questions are:

1. Can I filter traffic to stop non-registered MAC addresses from being
routed?
2. Is there a way to get DHCP to set the proxy settings of a Windows / Mac
client?
3. Can I get the router to only allow traffic from a client that has been
password authenticated?

It strikes me that this must be how Cyber Cafes Operate. The only difference
is that I don't want any client side software because our users bring their
own machines. Searching Google is throwing up loads of commercial software
that is really expensive and requires a client side component.

Thank you in advance for any help

Tim





Tim Owen