Re: [IUG] Wireless with authentication --SIP2

["Christopher Wells" <CWells at thegdl dot org>]

Darren,

We do have content filtering enabled, but that is performed by using the
squid package in pfSense and directing it to our upstream proxy.

Redirecting patrons to the captive portal is handled by pfSense as well
and while I believe there is some firewall/DNS blackhole at work it is
all configured by pfSense itself and not done manually.

Chris Wells

THE VIEWS EXPRESSED HEREIN ARE MY OWN 
AND DO NOT NECESSARILY REFLECT THE VIEWS OF MY EMPLOYER.


-----Original Message-----
From: innopac-bounces at innovativeusers dot org
[mailto:innopac-bounces at innovativeusers dot org] On Behalf Of Darren Raven
Sent: Thursday, November 10, 2011 4:53 PM
To: IUG INNOPAC List
Subject: Re: [IUG] Wireless with authentication --SIP2

Hi Chris,

Do you employ web content filtering in addition to your captive portal
authentication, or just authentication?  And how are you redirecting
patrons to the captive portal on the wifi device?  Firewall rules?

Thanks,

Darren Raven
Systems Analyst
Fraser Valley Regional Library
http://www.fvrl.ca

-----Original Message-----
From: innopac-bounces at innovativeusers dot org
[mailto:innopac-bounces at innovativeusers dot org] On Behalf Of Christopher
Wells
Sent: Thursday, November 10, 2011 12:55 PM
To: IUG INNOPAC List
Subject: Re: [IUG] Wireless with authentication --SIP2

Greetings,

I have received permission to release what I've written under a BSD
license, therefore I present to you, the following:  
https://bitbucket.org/drcookie/iii_connector/

Basically, you need to configure a FreeRADIUS server to use the
'iii_connector.pl' module and nothing else.  We use a dedicated
FreeRADIUS server installed on the pfSense machine at our headquarters
branch.  The file 'to_install.txt' in the project root contains the
packages that must be installed in order for the module to work.

I would love to hear of anyone else who has success using this
software/configuration, so please, feel free to send an email my way.

Thanks,
Chris Wells

THE VIEWS EXPRESSED HEREIN ARE MY OWN
AND DO NOT NECESSARILY REFLECT THE VIEWS OF MY EMPLOYER.

-----Original Message-----
From: innopac-bounces at innovativeusers dot org
[mailto:innopac-bounces at innovativeusers dot org] On Behalf Of Ross Berryman
Sent: Thursday, November 10, 2011 3:33 PM
To: 'IUG INNOPAC List'
Subject: Re: [IUG] Wireless with authentication --SIP2

Hi Chris 

We too are working on this
Would you be willing to share some direction with the custom
authentication module 

Thanks 

Ross Berryman
KRLS System Technician
Systech at krls dot org
218.587.2171 ext.229

-----Original Message-----
From: innopac-bounces at innovativeusers dot org
[mailto:innopac-bounces at innovativeusers dot org] On Behalf Of Christopher
Wells
Sent: Wednesday, November 09, 2011 2:36 PM
To: IUG INNOPAC List
Subject: Re: [IUG] Wireless with authentication --SIP2

We are currently authenticating our wireless access using the PatronAPI.
Our system is a little custom, basically consisting of:

Millennium ILS -> FreeRADIUS (custom authentication module) -> pfSense
firewall (acting as a captive portal) -> Access points -> Patrons

The system seems very robust so far and has far fewer failures when
compared to our previous solution (the provider who shall not be named).

Thanks,

Chris Wells

THE VIEWS EXPRESSED HEREIN ARE MY OWN
AND DO NOT NECESSARILY REFLECT THE VIEWS OF MY EMPLOYER.

-----Original Message-----
From: innopac-bounces at innovativeusers dot org
[mailto:innopac-bounces at innovativeusers dot org] On Behalf Of Eeva Stierwalt
Sent: Wednesday, November 09, 2011 2:40 PM
To: innopac at innopacusers dot org
Subject: [IUG] Wireless with authentication --SIP2

Good afternoon!  We're looking at requiring authentication for our
Wireless usage (and perhaps even based on patron account status --
monies owed, blocks, e.g.).  
 
Is anyone out there doing this using SIP2 (or PatronAPI) and if so, can
you tell me which software you're using for this?  
 
Thanks so much and kind regards, Eeva
 
Eeva Stierwalt
Integrated Library System
Solutions Specialist
Information Technology
London Public Library
251 Dundas St.
London, ON  Canada  N6A 6H9
t 519.661.5100 ex 5156
f 519.663.9013
e eeva dot stierwalt at lpl dot london dot on dot ca

--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.



--- StripMime Report -- processed MIME parts --- multipart/alternative
  text/plain (text body -- kept)
  text/html
---
--
This message was distributed through the Innovative Users Group INNOPAC
list Public replies:  INNOPAC at innovativeusers dot org You are currently
subscribed to innopac as: cwells at thegdl dot org dot 
Update your subscription options:
http://innovativeusers.org/iug-discussion-list

--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.


--
This message was distributed through the Innovative Users Group INNOPAC
list Public replies:  INNOPAC at innovativeusers dot org You are currently
subscribed to innopac as: stomproj at larl dot org dot 
Update your subscription options:
http://innovativeusers.org/iug-discussion-list



--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.

--
This message was distributed through the Innovative Users Group INNOPAC
list Public replies:  INNOPAC at innovativeusers dot org You are currently
subscribed to innopac as: cwells at thegdl dot org dot 
Update your subscription options:
http://innovativeusers.org/iug-discussion-list

--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.


--
This message was distributed through the Innovative Users Group INNOPAC
list
Public replies:  INNOPAC at innovativeusers dot org
You are currently subscribed to innopac as: draven at fvrl dot bc dot ca dot 
Update your subscription options:
http://innovativeusers.org/iug-discussion-list

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


--
This message was distributed through the Innovative Users Group INNOPAC
list
Public replies:  INNOPAC at innovativeusers dot org
You are currently subscribed to innopac as: cwells at thegdl dot org dot 
Update your subscription options:
http://innovativeusers.org/iug-discussion-list

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.