[CoovaChilli] WPA Captive Portal

Xavier Maysonnave x.maysonnave at gmail.com
Sat May 6 04:55:50 BST 2017


PGP: CAE5 CE4A EFE9 134F D991 5465 081C B6FB 2EAC 6CC9


​ / Pudhuveedu​

2017-05-05 18:20 GMT+05:30 Sevan Janiyan <venture37 at geeklan.co.uk>:

> Hi Xavier,
> On 25/04/2017 13:50, Xavier Maysonnave wrote:
> > 1 - I noticed that my last email has been moderated and not published.
> > It contained the Makefile who let compile the 1.4 version of Coova on
> > 17.01. Thanks. Anyway if someone is interrested I can share my work.
> Is there any reason why you're trying to post distro specific
> contributions here rather than looking to get the fixes integrated so
> things work out of the box? (would be pretty frustrating for folks to
> have to fish out some Makefile from a list posting elsewhere, no?)

​Initially I was looking how to compile the 1.3 to get the radsec support.
Then I investigate the 1.4 code and improved the environment for LEDE 17.01
as I wanted to see all the compile option in make menuconfig. I have the
files for the 1.3.0 and the 1.4. If you think it could be a contribution
let me know how to proceed. ​Now I use the 1.3.0 version on LEDE 17.01 as
the 1.4 is not running. The coova dhcp didn't give any ip address.

> > 2 - I started radsec successfully with coova on LEDE 17.01 and now I try
> to
> > setup WPA2 Enterprise with Freeradius 3.0 on Debian Stretch. My
> > authentication scheme uses peap and mschapv2. Following
> > http://coova.github.io/CoovaChilli/WPACaptivePortal/ I setup the flag
> > wpaguests and setup the proxy with success. Registered users doesn't
> reach
> > the captive portal, that's really good. However I cannot setup
> > ChilliSpot-Config
> > = require-uam-auth and change an Access-Reject to an Access-Accept for
> > unknown login. It simply doesn't work. Following https://goo.gl/dtFDsa
> or
> > https://goo.gl/gCf3QD I didn't make any progress. Is this technic still
> > possible on Freeradius 3 or not ?
> Could this just be a fallout from the configuration style changes in
> modern FreeRADIUS?

​In Freeradius 3 it's not possible any longer to change an Access-Reject to
an Access-Accept when using eap. I setup a dummy user who let my users get
an Access-Accept and send a require-uam-auth attribute that they reach
immediately the captive portal.


> Sevan
> _______________________________________________
> CoovaChilli mailing list
> CoovaChilli at brightonchilli.org.uk
> https://www.brightonchilli.org.uk/mailman/listinfo/coovachilli

More information about the CoovaChilli mailing list