Tags: radius

11/20/11

  12:49:06 pm, by The Dreamer   , 1764 words  
Categories: Stuff, WiFi, Furnishings, Amazon Kindle, Barnes & Noble Nook, Nintendo 3DS

Kindle Fire -- the first 72 hours

Well, it's been just a touch over 72 hours since I got my Amazon Kindle Fire.

I pre-ordered it shortly after it was announced, with an ETA for November 17th with free 2-day Amazon Prime shipping. I knew there was a chance that they should ship early, because they did that the last time I pre-ordered something (The Kindle 2 and the Nintendo 3DS). But, its been a busy week...and I tried my best to keep my calendar open to receive it....I had an appointment pre-Kindle Fire announcement on the 14th, and I was keeping the 15th open for something that was later scheduled in conflict to the 14th....and ended up having an appointment on the 16th. If I had some notice from Amazon just before they shipped to adjust its timing...I might've...since the 15th being open now...I could've gotten it then. Instead I had to wait for UPS to make a redelivery attempt and bring it to me on the originally scheduled day... November 17th.

I didn't open it immediately when UPS gave it to me, in fact I put it down first and then had to find it before I could open it. It was easy to open...no info with it, but I eventually found the power button and it eventually booted and walked me through setup...though complicated by the fact that I needed to know its MAC address to add it to my radius and dhcp server configs. Plus I hadn't decided on an IP for it yet. Fortunately with radius access controls, its easier to find the MAC address of new devices than before.

It came pre-activated, in fact I had seen it in my kindle account before they shipped it (but no serial number was associated with the registration yet)...but I changed its name to follow the naming scheme I had gone with (if you can call only one previous device the basis of a scheme)...though I am tempted to get a Kindle Touch 3G to succeed my Kindle 2....though wonder if they're going to come out with a DX version? What I liked was that my Kindle Fire's email address was my first Kindle's address with '42' added to the username. &#59;D Though there's a bunch of Kindle apps associated with my account that I don't recognize....wish the automatic naming was more descriptive. Suspect some are devices where I had to reinstall the system or have since be retired.

Though I wasn't crazy enough to buy content for it before receiving it...though I was tempted.

Anyways...what I was getting to, was once I got it working on my WiFi network, the next step would've been registration...and it flashed it briefly before telling me that it was registered and had the name I have given it earlier. And, then it was to update itself. So I found somewhere to plug it in and left it.

Big problem that is getting worse in my home now...so many things that need to get plugged in, and all the convenient outlets are already full and now I'm running out of inconvenient ones too. The Kindle Fire is using one of those inconvenient ones. I've been meaning to build myself some kind of charging center, similar to the kind of thing Cali Lewis was presented doing in a GeekBrief. Perhaps I'll have to step up plans to get around to 'building' it. Just haven't found that piece of furniture to buy to modify yet... Probably just a matter of time that I come across something reasonable on Amazon.com with Prime and get it though....

Full story »

07/09/11

  07:12:06 pm, by The Dreamer   , 913 words  
Categories: Hardware, Computer, Networking, WiFi

Airport Express service for Lunatic Haven

That's right, I got an Airport Express to go with the two Airport Extremes that I have in my home.

As I mentioned before, I had gotten the second Airport Extreme to extend my 'wired' network to a room where the CAT5 to that room was bad and not wanting to try to fix it. The problem is that I run separate SSIDs on my main Airport Extreme for a/n and b/g/n frequencies. Since things that can use 5Ghz, tend to work better around here. And, there didn't seem to be a reliable way to ensure that 5Ghz was always chosen unless it had a different SSID. Something I learned about doing from LISA &#59;D

Well, the second extreme was set to extend my network, and I told it to go for the 5GHz SSID. But, in extend wireless mode...there's no option to set different SSID(s)....so it was advertising my 5GHz SSID for both frequencies. Wanting to keep things straight, I ended up turning off allow wireless clients to use the second Airport Extreme.

But, increasing number of wireless devices in my home....I wanted to have a better WiFi signal in the bedroom.

Now I did have some older 802.11g access points, and they were on and using a different SSID. Hadn't noticed that I had set the Airport Extreme to do only WPA2 personal until today. The old 802.11g access points originally only did WEP....there was an upgrade to get WPA personal, but it broke the WDS feature that I was using then. But, when I stopped using WDS...I did upgrade but left them on their own SSID because it didn't seem to work too well otherwise.

Though wonder if WPA vs WPA2 would explain it...the other was at the time the Airport Extreme wasn't doing access control and the old Belkin APs had a list of MAC addresses would allow...though it wasn't getting updated that well...

So, I was liking the use of RADIUS to control access on my home network...and wanting to use the same RADIUS to control whatever method I extended my network. So, that pretty much meant....another Airport Extreme or an Airport Express.

I knew there were differences, but I tried to decide if the differences were that important. Apparently, I didn't get it right...but an Airport Express being cheaper than another Airport Extreme...meant that I could try this sooner than later. Plus I there's always the possibility of it becoming part of my arsenal for travel use (except for its dependence on Airport Utility...which is current difficult because I run an Ubuntu laptop....though I am considering a Mac laptop [now instead of a Windows laptop]).

The first difference is that it only has a 10/100 port on it....which was important for extending my network (to TARDIS), but didn't seem important for extending the reach of my wireless now. The other difference (I missed) is that its 2.4GHz or 5GHz....rather than both at the same time.

Was trying to decide if I would have it extend my wireless network by wireless (or wired)...if it were simultaneous dual band....wired would likely be the only choice. Though decided that wired would remain the way to extend my 2.4Ghz network...since the lack of reach of 2.4GHz was kind of why I was doing this.

Full story »

05/30/11

  12:03:00 am, by The Dreamer   , 1362 words  
Categories: Software, Computer, Networking, WiFi, Ubuntu

Freeradius & DHCP Failover

Link: http://deployingradius.com/

So, ever since I looked at adding Mac Address Access Controls to my Airport Extreme...on top of WPA2 Personal, and the fact that my DHCP server only does reserved IPs, security. I used to do Mac Address Access Controls on my previous routers, but it was an easier interface to work with on those. And, I didn't realize how the Time Access worked on the Airport Extreme, the default allow all the time rule at the top tripped me up. So, I thought if I wanted it, I would need a RADIUS server...and I didn't know if I wanted to do that....yet.

But, after I woke one morning and couldn't seem to account for why there seemed to be so much data streaming through my Cox connection...there had been strange spikes in the past, but always figured it was something updating itself while I wasn't home (like iTunes and my podcast subscriptions). But, this one morning...there was no corresponding activity from any of my computers, and I didn't see anything obvious with my TiVos/ReplayTVs. Though I could've just missed it.

So, I fixed the Timed Access control and put my current devices in. With a note that I should really look into installing RADIUS somewhere, so that it would be easier to maintain the list than the airport utility. I would lose being able to find the MAC address of some new wireless device that doesn't have the MAC address stamped on it....for addition to my DHCP server.

Later during the setup in: Another Airport comes to Lunatic Haven I had wiped out the settings....and didn't feel like putting it back in again. Which made it more urgent (in my mind) to get RADIUS working.

So, I went online and searched and searched and searched...on how to do this. I had looked before, and wasn't all that successful. There's no simple how-to apparently. But, I found bits and pieces around, and decided to just go for it.

First, I installed freeradius on my Ubuntu server 'box'.

sudo apt-get install freeradius

It starts right away, now to make it work. And, debug it. Well, most of the examples were for older freeRADIUS versions, so things weren't where it said, or command line switches were different, or it didn't work. I did find some examples of MAC address authorization, but they involved 'Auth-Type := Local' in the /etc/freeradius/users file. But, the clients.conf part seemed right. I strongly considered just doing 'Auth-Type := Accept'...but I wanted to figure this mess out.

client 192.168.1.1 {
        secret = testing123
        shortname = airport
        nastype = other
}

So kept searching and searching....eventually, I found fragments on site called "Deploying RADIUS: Practices and Principles". It confirmed that I was basically on the right track, I just needed to figure out what to put in the users file to make it go from Auth-Reject to Auth-Accept.

Well, the example for MAC Address entry for users I had found was:

001122-334455  Auth-Type := Local,  User-Password == "testing123"

At first I was pointing my Airport Extreme at it and watching the debug output, and watching everything stop working now and then. But, eventually I used 'radtest' to test my freeRADIUS configuration. And, eventually, I found that what I needed was:

001122-334455  Cleartext-Password := "testing123"

And, all was good. I pointed my main Airport Extreme to it, and it everything adjusted and worked. I then pointed the new Airport Extreme at it and things continued to work.

Yay! :cool:

Pages: 1· 2

Now instead of subjecting some poor random forum to a long rambling thought, I will try to consolidate those things into this blog where they can be more easily ignored profess to be collected thoughts from my mind.

Latest Poopli Updaters -- http://lkc.me/poop

bloglovin

There are 20 years 1 month 25 days 19 hours 59 minutes and 39 seconds until the end of time.
And, it has been 4 years 11 months 1 day 18 hours 3 minutes and 17 seconds since The Doctor saved us all from the end of the World!

Search

November 2017
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      
Google

Linkblog

  XML Feeds

Who's Online?

  • Guest Users: 1
This seal is issued to lawrencechen.net by StopTheHacker Inc.
blogging software

hosted by
Green Web Hosting! This site hosted by DreamHost.

monitored by
Monitored by eXternalTest
SiteUptime Web Site Monitoring Service
website uptime