Post on 22-Feb-2016
description
Monowall and Captive Portal
Timothy MeadeEric Stolten
What Is Monowall?
Embedded firewall software package m0n0wall is based on a bare-bones version
of FreeBSD, along with a web server, PHP and a few other utilities.
The entire system configuration is stored in one single XML text file.
What Is a Captive Portal?
The captive portal is a web page that users/clients are forced to visit before they are granted access to the internet.
At this page they are asked to enter there user name and password.
This username and password are passed along to the RADIUS server
The flow of data
Wireless User
AP
Monowall w/ DHCP
Radius
NIS Server
How to Build a Monowall System Basic things you need:
Null modem cable Compact Flash media 8 meg+ Embedded PC system
Soekris (who we used) PC engines
Access point for wireless
Creating monowall
The first thing you need to do is download an image of monowall and burn it onto your CF card with physdiskwrite.Exe.
First Boot
For the first boot. Connect the null modem cable to the soekris box and power it on.
Once fully booted connect the lan interface to the switch. Load a web browser and input http://192.168.1.1 to login to the web GUI of monowall.
The Login/password originally was admin/mono.
Wan Configuration
Lan Configuration
Captive Portal configuration
DHCP Setup
D-link Router/AP Configuration Assigned the IP 192.168.0.2 Disabled DHCP Changed SSID (service set identifier) to
“354AP” Password for admin and user changed to
mono354
Physical Connection to the Network.
Monowall
Lab 1DHCP
Lab2 NIS
Gateway Lab 3Lab 4RADIUS
311 311 311 311
Switches
AP Wireless userLan port
WAN port
Why It Took So Long Almost every time you mess up the
configuration you have to reload the configuration file.
Not using an AP Cant bridge lan/opt1 interfaces and run captive
portal Misuse of the AP
From monowall a connection was made to the WAN port of the AP it should have been on the switch side.
Other Plans?
Changing the DHCP pool from 192.168.X.X to a range within our subnet.