Any ideas I can validate my customers to authenticate them use guests networks

  • 1
  • Question
  • Updated 4 years ago
  • Answered
  • (Edited)
Hi, We have a database saved 1-2 million users information. I need a method to check whether all users try to access our guest WIFI network is come from our database, because we just want registered user use guest network.

Does anybody have any ideas to solve this problems?
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes

Posted 4 years ago

  • 1
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
The classic approach would be be to place a RADIUS server in front of your database and then use 802.1x for wireless authentication. With Aerohive products an alternate approach would be to use Private PSKs for wireless authentication. 
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes
I do not think PPSK can work with 1.5 million users.

Is that possible in the CWP terms acceptance to add onsubmit validation. Then the validation java script to do http request from external restful web service. the restful web service can do query  in my mysql database.

I heard CWP only can access external Web Server by using http request?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Personally, I would definitely go down the 802.1X route with a secure on-boarding process of some kind.

However, a CWP can also authenticate to RADIUS which may meet your needs better if your use case is just guest access for casual use.

(As with most other vendors in the wireless space, Aerohive do not yet support using TLS-based EAP types for CWPs, you instead use naked PAP, CHAP, CHAPv2, but you could pass the RADIUS traffic over an encrypted tunnel behind the scenes.)
(Edited)
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes
Is that possible in the CWP terms acceptance to add onsubmit validation. Then the validation java script to do http request from external restful web service. the restful web service can do query  in my mysql database.

I heard CWP only can access external Web Server by using http request?
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes
Is that possible in the CWP terms acceptance to add onsubmit validation. Then the validation java script to do http request from external restful web service. the restful web service can do query  in my mysql database.

I heard CWP only can access external Web Server by using http request?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Why would you want to reinvent the wheel in this way and use a Web service like that?

My advise is to use the technology that already exists at the correct level of abstraction:

Use RADIUS-backed auth with a CWP, configuring the RADIUS infrastructure to use your MySQL database if this is how the information is already stored.

You will get the credentials passed in PAP, CHAP or CHAPv2 and you can do as you please at the RADIUS back end to integrate.

FreeRADIUS would be an ideal fit for this.
(Edited)
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes
this can be a solution but I need to retrieve data to create a new database rather thean reuse current existed database.

Do you think my method will going to work. the HTTP request can talk to external webserver?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
If needed, can you not add a SQL view to present it in a usable form to FreeRADIUS in-and-from the existing database?

http://en.wikipedia.org/wiki/View_%28SQL%29

http://dev.mysql.com/doc/refman/5.6/en/views.html

There are no compatibly implications for other database users in this way and you can construct the view even if data is held across multiple tables.

Even though, yes, it is abstractly possible, I am still struggling to understand why anybody would actually want to do this via a HTTP(S) request to an external service... It really feels to me like a layering violation.
(Edited)
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes
OK, I will take your point to try to work out the freeradius solution.

Do you have some tutorial for aerohive link to freeradius server.
Photo of Joe Fraher

Joe Fraher, Official Rep

  • 30 Posts
  • 7 Reply Likes
Hello, Bin Yu. There is a configuration guide that includes examples for integrating Aerohive with an external RADIUS server. You can open it here. I hope it will be helpful for you.