[CS-FSLUG] Radius Server

Timothy Butler tbutler at ofb.biz
Mon Jun 26 22:28:11 CDT 2006

	My church has been doing an expansion project, and I'm planning  
laying out wireless access points over the whole building to blanket  
it with Wi-Fi. This is good in that we could use access in different  
rooms much of the time, but bad in that we don't want people to  
freely come in with unfettered web access (surfing x-rated material  
in a church just isn't something we want to encourage, ya know?).

	Anyway, right now, we are using basic WPA authentication with a  
single passkey. This is OK when wireless only covers the church  
office -- those of us who should have access do, and those who don't  
need it don't have it. The problem is that a lot more people will  
enter the "should have" category if we cover the whole building --  
Sunday school teachers, committee members, etc. Soon, if we have just  
one password, it will be known to far too many people.

	So, I decided maybe I ought to look into a Radius solution, so that  
we could give each person their own account that could be revoked or  
granted as needed. Anyone have any experience in such an  
implementation? I'm thinking I'd go with an RHEL server to run it,  
but Mac OS X Server is a possibility as well. They'd probably prefer  
Windows 2003 Server, but it is bad enough administering Windows  
clients, I do not want to administer a Windows server too.

	Also, if this could be linked to some kind of total authentication  
method that would cover Ethernet too, I'm game. It'd be nice if we  
could make it necessary to have a user ID to use the wired Ethernet  
jacks around the building too. I'm not familiar with the options in  
that direction, though...

	Suggestions? Tips? Notes telling me I'm insane?


Timothy R. Butler | "Because philosophy arises from awe, a philosopher
tbutler at ofb.biz   | is bound in  his  way to  be a lover of myths  and
www.uninet.info   | poetic fables. Poets and philosophers are alike in
timothybutler.us  | being big with wonder."
                                                      -- Thomas Aquinas

More information about the Christiansource mailing list