Security Basics mailing list archives

Re: Wireless LAN Design at public places


From: "Sunny Tang" <sunny.bsd () dst com sg>
Date: Tue, 03 Dec 2002 12:33:24 +0800

Hi,

I believe the WLAN deployment you mentioned is using a box like Nomadix (www.nomadix.com) or IP3Networks NetAccess (www.ip3networks.com).

What it does is provide "zero configuration" at the client end; as such, you don't need to change the existing IP configuration on your notebook/PDA in order to join the WLAN. Once connected to the AP (Access Point), the IP3 box will act as a proxy and perform NAT for your existing IP (if any); otherwise, it will act as a DHCP pusher to allocate an IP to your notebook.

When you fire up your Internet browser, the IP3 box will intercept port 80 and redirect to a predefined web page. From there, you can implement AAA/RADIUS policy for Internet access.

BOM list:
- xDSL/cable/leased Internet Access
- Router, Switch/Hub
- 802.11 wireless points
- IP3Networks NetAccess
- Optional: RADIUS (AAA & centralized user database management)

Pretty straightforward scenario, and you don't need to worry about the SSID or WEP key, since you are letting authentication be handled by the IP3 box.

Hope this helps.
Sunny.
http://www.dst.com.sg

Leonard.Ong () nokia com wrote:
Hi,

Does anyone have a URL or experience with designing a WLAN at public places? I would like to replicate a good implementation I've seen in one airport. Once we had joined the WLAN using the auto-detected access point, my notebook was assigned an IP address. However, even the next hop / default gateway is not reachable (destination unreachable - ACL?) and neither are any other services.

It is only when I have authenticated via a web page (the browser redirects me to the auth page, regardless of whatever URL I have typed in) that access is allowed to any.

Thanks... I am particularly interested in how you can block access even to the def. gateway.


Regards,
Leonard Ong
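
The gate behaviour discussed in this thread (port 80 redirected to a login page, everything else blocked until authentication, the default gateway included), as an added example that is not part of either post and is not how Nomadix or IP3Networks implement it. Assumptions: sessions are keyed by client MAC, DNS and DHCP are passed before login, a dict stands in for the RADIUS user database, and all addresses and credentials are constructed.

```python
import hmac
from dataclasses import dataclass, field

PORTAL_IP = "10.0.0.2"                        # constructed address
PORTAL_URL = f"http://{PORTAL_IP}/login"      # hypothetical login page

@dataclass(frozen=True)
class Packet:
    src_mac: str
    proto: str          # "tcp", "udp" or "icmp"
    dst_ip: str
    dst_port: int = 0

@dataclass
class Gateway:
    users: dict                                  # stand-in for the RADIUS user database
    authed: set = field(default_factory=set)     # client MACs with an open session

    def decide(self, pkt):
        """Return (action, detail) for a packet arriving from the wireless side."""
        if pkt.src_mac in self.authed:
            return ("FORWARD", "")
        # Before login, pass only what a client needs to reach the login page.
        if pkt.proto == "udp" and pkt.dst_port in (53, 67):
            return ("ALLOW", "dns/dhcp")
        if pkt.proto == "tcp" and pkt.dst_ip == PORTAL_IP and pkt.dst_port == 80:
            return ("ALLOW", "portal")
        if pkt.proto == "tcp" and pkt.dst_port == 80:
            # Whatever URL was typed, the reply is a redirect to the portal.
            return ("REDIRECT", PORTAL_URL)
        # Everything else is dropped, pings to the default gateway included.
        return ("DROP", "unauthenticated")

    def login(self, mac, user, password):
        """Portal form handler: open the gate for this MAC on a correct password."""
        expected = self.users.get(user)
        ok = expected is not None and hmac.compare_digest(expected.encode(), password.encode())
        if ok:
            self.authed.add(mac)
        return ok

def demo():
    gw = Gateway(users={"guest": "constructed-password"})
    mac = "02:00:00:00:00:01"                          # constructed client
    ping = Packet(mac, "icmp", "10.0.0.1")             # default gateway
    web = Packet(mac, "tcp", "198.51.100.7", 80)       # any web site
    before = [gw.decide(ping), gw.decide(web)]
    rejected = gw.login(mac, "nobody", "")
    accepted = gw.login(mac, "guest", "constructed-password")
    return before, rejected, accepted, [gw.decide(ping), gw.decide(web)]
```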



