okay so here's what i'm trying to do (if you've ever used CCA, you'll know exactly what i need):

i have a fairly large school as a client, and they want wireless access
obviously it needs to be secured somehow, so i'm thinking identity-based since the students will be using both their own personal laptops and school computers.

i'm looking for something that will do the following: when a user connects to the wireless AP, it brings them to a login screen where they login using their username and password. once they are authenticated, it passes traffic normally, but it won't let any traffic through the network at all until they authenticate. they could also statically register their MAC address. (a la ncsu's nomad system or any large hotel chain's system)

i'm thinking that this could be accomplished with a radius server or even microsoft AD. i'm assuming the way CCA and similar products redirect access is through different DHCP pools... correct me if i'm wrong.

i looked for information on teh googles, but didn't come up with much that wasn't a commercial solution - i'd like to either write this myself or use something open source if possible.

i sorta know what i'm doing, i'm just trying to figure out how other systems accomplish it.

8/4/2007 3:02:16 AM

apparently windows server 2008 will do what i need... microsoft's version of NAC is called "network access protection"

i'd like something open source, though. i know there are radius servers that will run on linux.



neeevermind:
http://www.chillispot.org/

answered my own question

8/4/2007 3:09:44 AM