Jump to content

Radius auth & dhcp radius proxy

peerfunk
By peerfunk
in Networking
 Share
Posted

Hello,

My parents own a small company (family business) so the place of business is also their home. Up until now we had one network for the business pcs, a linux server and private laptops etc. We also have wifi  accesspoints that are connected to the network, so employees can access the internet on their private devices.(I attached a basic overview to this post) This system is a total mess and it is incredibly stupid to not separate the business network from the private network.

I am a complete noob with networking stuff so I wanted to ask you guys if you could point me into the right direction. The basic idea is to separate the wifi network into two user-groups and two subnets. one that only has access to the internet the other has access to the whole network. As a firewall/router system I am currently running a dedicated pc with ipcop. As far as I know I have to use a radius server for authentication to the wireless network and somehow have to figure out how to configure the dhcp-server on the ipcop-system so it puts all 'guest' users form the radius authentication into a subnet that only has access to the internet.

My question now is how can I use the radius authentification-name with a dhcp-server so it puts the user 'guest' into the subnet 10.xxx.xxx.xxx and the user 'admin' into the subnet 192.168.xxx.xxx? I am sorry if the answer is just a quick google search away but I have read a lot about this in the past few days and couldn't find an easy solution.

Sorry for being such a noob - thanks

Untitled Diagram.png

Link to comment
https://linustechtips.com/topic/808676-radius-auth-dhcp-radius-proxy/
Share on other sites
Link to post
Share on other sites
Posted

Hello and welcome to the forums! :D How much are your parents willing to pay for some equipment? You could get Ubiquiti hardware. Such as their APs and AP controller.  You can control the APs via the controller and you could deny and permit what can be access and what cannot. Or you could buy enterprise network equipment for cheap. Such as used Cisco/HP/Dell Switches and routers. If you do choose to use networking equipment, then I'd recommend using Cisco. 

 

For the Radius server, is it running on the Linux box or the IPCOP? How many employees do your parents have at their company, how much data is being used across the network? Any large files? 

 

 

CPU: AMD Ryzen 5 5600X | CPU Cooler: Stock AMD Cooler | Motherboard: Asus ROG STRIX B550-F GAMING (WI-FI) | RAM: Corsair Vengeance LPX 32 GB (4x 8 GB) DDR4-3000 CL16 | GPU: Nvidia GTX 1060 6GB Zotac Mini | Case: K280 Case | PSU: Cooler Master B600 Power supply | SSD: 1TB  | HDDs: 1x 250GB & 1x 1TB WD Blue | Monitor: 24" Acer S240HLBID | OS: Win 11 Pro.

 

Home Lab:  Lenovo ThinkCenter M82 Hyper-V Server 2022 | Dell OptiPlex 9020 Hyper-V Server 2022 | TP-LINK TL-SG108E | Cisco Catalyst C2960CG 8 Port Switch | HP MicroServer G8 SCCM Server | 2x Dell PowerEdge R630 Hyper-V Server 2022

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×