eduroam along with commercial hotspot system
This chapter describes a sophisticated deployment of Wireless LAN that includes both eduroam access (as
service provider, not identity provider) and a commercial hotspot deployment that offers three distinct classes of
access and multiple billing models. The following access models are covered:
These instructions assumes that a server with at least two network interfaces is present, where eth0 connects to
the outside internet, and eth1 is free for use with the hotspot system. It uses IP addresses in the 10.10.0.0/8
range within the system. The instructions attempt to be distribution-neutral. However, users should note that
this example was installed on an openSUSE 10.2 Linux operating system, and distribution-specific information
may be present.
- Prepare a Linux server with a distribution of choice and install the following packages at a minimum:
vconfig -> provides the VLAN configuration tool vconfig (separate download required:
chillispot -> provides the web-redirect portal binary, chilli (version 1.1.0 is on openSUSE 10.2
iptables -> provides firewall manipulation tools iptables, ip6tables (version 1.3.6 is on openSUSE 10.2
apache2 -> provides the web server for the web-redirect portal httpd (version 2.2.3 is on openSUSE
10.2 installation media).
MySQL -> provides the datastore for user accounts mysql (version 5.0.26 is on openSUSE 10.2
apache2-mod-perl -> enables execution of perl CGIs (version 2.0.2 is on openSUSE 10.2 installation
php5 -> provides php (version 5.2.0 is on openSUSE 10.2 installation media).
phpmyprepaid -> provides user management web interface (separate download required:
http://sourceforge.net/projects/phpmyprepaid, in this deployment version 0.3.3 is in use).
freeradius -> provides the RADIUS server radiusd (version 1.1.3 is on openSUSE 10.2 installation
○ dhcp-server -> provides the DHCP server dhcpd (version 3.0.5 is on openSUSE 10.2 installation
- Ensure the following configurations are met:
Kernel: must support
IEEE 802.1q VLANs
tun/tap network interfaces
must have routing capabilities
Note: The openSUSE 10.2 kernel supports all of the above.