Re: AT&T WiFi at McDonalds, etc
- From: John Navas <spamfilter1@xxxxxxxxxxxxxx>
- Date: Thu, 01 Nov 2007 22:57:52 GMT
On Wed, 31 Oct 2007 23:30:37 -0700, Jeff Liebermann <jeffl@xxxxxxxxxx>
wrote in <g6sii31k4dnhu955ke87n9o82vjgtopqr8@xxxxxxx>:
John Navas <spamfilter1@xxxxxxxxxxxxxx> hath wroth:
On Wed, 31 Oct 2007 19:27:29 -0700, Jeff Liebermann <jeffl@xxxxxxxxxx>
wrote in <mbdii3lihs4orppiusdjdj6ulullfmpalq@xxxxxxx>:
What I find amusing (or disgusting) is that any wireless provider that
has a functional authentication server, such as AT&T obviously does,
can also provide RADIUS based authentication, which the typical
wireless client has no problem using. The client and access point can
then be issues a unique one time WPA-RADIUS encryption key, and all
the traffic is encrypted.
I suspect the issue is support -- it's bad enough when users can connect
automatically, and it's a nightmare to support the handing out and use
of one-time keys.
That's not exactly the way it would (should?) work. The RADIUS server
delivers the encryption key to both the access point and the client. I
have WPA-RADIUS working at several installations without any
modifications to the client computer.
Trust me, I know how it is supposed to work. ;)
In all cases, the user is
issued a login and password, which are also entered in the RADIUS
server. Administering this is a PITA for a small coffee shop, but
AT&T already does everything that's necessary for their DSL customers,
so there's no added effort involved.
The real effort is support, because lots of people don't know what to
do, or simply forget their credentials (or worse, post their credentials
on a PostIt Note for everyone to see).
The only changes are to convince
AT&T and Wayport to consolidate their authentication methods and to
enable WPA-RADIUS in their wireless access points. That can't be done
at this time because of bureaucracy and more important, because the
access point will not handle multiple encryption modes (WPA-RADIUS and
unencrypted). Two access points would solve that problem, but that's
a major expense that's probably not justified.
What's really needed is to train users in authentication, but that just
ain't gonna happen, so there's really no point to messing that way.
Surely you know how expensive support is. ;)
--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
.
- Follow-Ups:
- Re: AT&T WiFi at McDonalds, etc
- From: Jeff Liebermann
- Re: AT&T WiFi at McDonalds, etc
- References:
- AT&T WiFi at McDonalds, etc
- From: P.Schuman
- Re: AT&T WiFi at McDonalds, etc
- From: dold
- Re: AT&T WiFi at McDonalds, etc
- From: Bill Kearney
- Re: AT&T WiFi at McDonalds, etc
- From: Jeff Liebermann
- Re: AT&T WiFi at McDonalds, etc
- From: John Navas
- Re: AT&T WiFi at McDonalds, etc
- From: Jeff Liebermann
- AT&T WiFi at McDonalds, etc
- Prev by Date: Re: AT&T WiFi at McDonalds, etc
- Next by Date: VOIP in Sonora Mexico ?
- Previous by thread: Re: AT&T WiFi at McDonalds, etc
- Next by thread: Re: AT&T WiFi at McDonalds, etc
- Index(es):
Relevant Pages
|
