Help with a new HotSpot project



  • Hello, I need help with a big work Open Source, this is the scheme:

    There are a big of configuration, but first question for starting is:

    • can PFsense act as an access point controller?
    • can PFsense allow user to register itself from a portal, before they can navigate? (for privacy reason I need Name Surname Document)
    • can PFsense allow bandwith configuration for group of user?

    Ok let's start: if it is possible controllate access point, what type of device?
    I like too much this: http://www.open-mesh.com/index.php/enterprise-mesh/mr500-desk-stand.html

    Second problem, I need a sequence like this:

    • a guest access with his notebook or smartphone access to wlan with "Open Authentication"
    • captive portal intervenes and ask the user and password and/or a link for register unregistered user the first time
    • after the registration and/or login the user can navigate at slow speed
    • if a user need more speed, manually, I want insert the user in a "Paying Group" and unlock the bandwith for it
    • from a list to choose, the users can be autodeletet after days, weeks, months…

    Are this first things possible?  ???
    Thank you for anyone would help me!  :D



  • Unfortunately the text on your diagram is too small for me to make it out clearly, even when I use a magnifying glass.

    @johjoh:

    There are a big of configuration, but first question for starting is:

    • can PFsense act as an access point controller?
    • can PFsense allow user to register itself from a portal, before they can navigate? (for privacy reason I need Name Surname Document)
    • can PFsense allow bandwith configuration for group of user?

    1. I don't know what you mean by access point controller, pfSense can act as a router for a number of external wireless access points.
    2. pfSense 2.0 Captive Portal can be configured to require authentication before a system is allowed to access another system through the pfSense router. The authentication is managed by the pfSense administrator or handed off to an external RADIUS server. As best I know there is no mechanism for "self registration" which I think would pretty much defeat the purpose of requiring authentication.
    3.  pfSense 2.0 Captive Portal can apply a bandwidth limit to each user - each user gets the same though it appears a user specific limit can be specified through an external RADIUS server used for authentication.

    @johjoh:

    Second problem, I need a sequence like this:

    • a guest access with his notebook or smartphone access to wlan with "Open Authentication"
    • captive portal intervenes and ask the user and password and/or a link for register unregistered user the first time
    • after the registration and/or login the user can navigate at slow speed
    • if a user need more speed, manually, I want insert the user in a "Paying Group" and unlock the bandwith for it
    • from a list to choose, the users can be autodeletet after days, weeks, months…

    1. provided
    2. provided BUT self registration is not provided. pfSense is open source, you could code self registration yourself or have someone else code it.
    3. provided through captive portal configuration
    4. Apparently possible through using an external RADIUS server
    5. Might be possible through external RADIUS server.

    The MR500 you are interested in appears to provide at least some of the facilities you want as well as mesh networking. Will your wireless clients be roaming and require seamless transition between access points? If not, the MR500 might be more than you need and you might find a much cheaper device provides satisfactory service.



  • Hi and thank you!
    For the small text on the scheme, click on the image, it open ImageHost and after click another one for open in large screen.

    For access point controller I mean that PFsense distribute firmware to all access point and, when I create ann SSID in PFsense, it configure on all access point automatically.
    All access point will be connected via ethernet to a Power Over Ethernet Switch, roaming required.

    Do you have some device to suggest to me for this purpose?
    Can PFsense act as a Radius Server itself?
    Another idea, instead of registration, an SMS with user and password to the cell phone of the user, it's possible with PFsense?

    Thank you!



  • @johjoh:

    For the small text on the scheme, click on the image, it open ImageHost and after click another one for open in large screen.

    Thanks, thats better. Browser Zoom In showed a heavily pixelated image.

    @johjoh:

    For access point controller I mean that PFsense distribute firmware to all access point and, when I create ann SSID in PFsense, it configure on all access point automatically.
    All access point will be connected via ethernet to a Power Over Ethernet Switch, roaming required.

    pfSense has an optional tftp package that could probably be used to distribute firmware to systems that can be configured to do firmware updates or loads by tftp. But maybe you are looking for something to push firmware updates to access points.

    @johjoh:

    Do you have some device to suggest to me for this purpose?
    Can PFsense act as a Radius Server itself?

    1. No, I don't have any experience with mesh networking,
    2. There is a RADIUS package (add on) for pfSense.

    @johjoh:

    Another idea, instead of registration, an SMS with user and password to the cell phone of the user, it's possible with PFsense?

    I don't know of anything in standard pfSense to do this.

    Are you looking for something with the features of OpenMesh and Cloudtrax?



  • you could also buy cisco lwapp capable lap's + wlan controller to have the same functions with greater managing properties.
    i don't think that pfsense would be able to be wireless controller, because that stuff is highly propietary stuff and there is no multivendor standards for that.





  • Half of those were also propietary devices, as an example zyxel.

    But thanks to that  list, maybe i'll try to get some of devices and try those



  • Hi,

    i am creating a HotSpot for a hospital. I have bought 45 APS from Draytek. The Draytek AP-800 can managed over the TR-069 protocoll. There are a open source for the TR-069 protocoll but I will buy the Draytek ACS SI software to manage all 45 APS. All APS are wired to a POE Switch. The Draytek AP-800 can manage 2 Subnetz and 4 VLANs. Great for guest and personal.

    Regards, Valle



  • This radius product allows self registration…...And inexpensive.  I provide it as a hosted radius service for companies with multiple locations that want a single point for auth control.
    http://www.dmasoftlab.com/cont/home


Locked