Seperate Security for Each Client
-
What type of security settings will work best with pfSense to not have to use a shared secret between all the users. Need a secret for each.
-
Radius, but the support for that is not finnished yet.
I will add it all to 1.1. Then wireless will be complete and support anything you can expect from a enterprise wlan AP.
Until then you either let wireless users associate with a shared secret and add auth with some sort of tunneling (VPN / PPPoE etc.) or Captive portal.
Or do the same as above with a complete open system (remeber to disable intra-bss as you don't want to be a relay unit for others to talk via.
You can also add mac filtering via a backend funtion, there is a explanation about how to use it under a ticket regarding mac filtering. -
How much work is left for Radius? I could see a bounty for it if it's close.
-
1.0 is not getting any new stuff. So you would have to hold your horses for 1.1.
Once 1.0 is out you will most likely see some alpha code for 1.1 and the rest of the wireless code will be developed there.
I have changed a lot of stuff, but I haven't yet decided if standalone radius will be a part of the new code or if it will require a standalone auth server.
this will have TBD when 1.1 is taking shape.
Most likely I will add a seperate package for running radius with wireless functions.ATM. I'm very busy with work, so unless somone else is going to add this as a package/pacthset for 1.0 then you will not see it until 1.1 alpha versions start comming out.
And money will not speed it up much for my part, but maybe others will be interested. I have some code to share if some other dev wants to work on it and make some $$ ;) -
Thanks for the info. I'll just move to a captive portal and mac filtering for the residential. I was planning on having business connections rent our bridges, so it won't matter to use the same encryption key since they won't know the key.