Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


CrashAndBurn

669 posts

Ultimate Geek


#255644 22-Aug-2019 08:54
Send private message

Scenario: My brother lives overseas and runs a student accommodation and would like to setup a wi-fi network that will use machine ID for authentication. This is to stop people from sharing their logins to everyone.

 

Question: Any recommendation on the cheapest and easiest way to do this. Was hoping for something that a user just provides their machine ID and my brother loads it in then thats it.

 

 


Create new topic
sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #2303485 22-Aug-2019 08:56
Send private message

What do you mean by "machine ID" ?

 

 




xpd

xpd
Geek @ Coastguard NZ
13769 posts

Uber Geek

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #2303487 22-Aug-2019 08:57
Send private message

Turn off DHCP and lock down by MAC address of the device is prob the most easiest/cheapest way - but does require admin to add each device manually etc. 

 

 





       Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

 

                      LinkTree

 

 

 


CrashAndBurn

669 posts

Ultimate Geek


  #2303489 22-Aug-2019 08:58
Send private message

sbiddle:

 

What do you mean by "machine ID" ?

 

 

Device ID? Basically he wants to allow each student to connect to the wifi with a laptop and mobile each.




CrashAndBurn

669 posts

Ultimate Geek


  #2303500 22-Aug-2019 09:13
Send private message

His current setup is a fibre connection with his router providing the wifi. The router has 4 LAN ports. He wants to add 2 more access points. One in each hallway. Any recommendation? Was hoping for something that can be managed in the router and not from each access point e.g. when the mac address is added, the user can connect on any of the access points.


sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #2303507 22-Aug-2019 09:27
Send private message

CrashAndBurn:

 

sbiddle:

 

What do you mean by "machine ID" ?

 

 

Device ID? Basically he wants to allow each student to connect to the wifi with a laptop and mobile each.

 

 

That still doesn't answer the question about what you mean by "device ID". Are you meaning MAC address?

 

By the sounds of it this is a very straight forward setup at present and nothing you want to do would likely be possible without moving to a more sophisticated setup.

 

For MAC address based authentication you'll ideally need to build a hotspot solution with external radius server and use 802.1x EAP + MAC address authentication which sounds well beyond the hardware capabilities of what you have, and probably the knowledge required to put this all together. Maintaining MAC addresses will also be a nightmare.

 

 

 

 


CrashAndBurn

669 posts

Ultimate Geek


  #2303520 22-Aug-2019 09:34
Send private message

sbiddle:

 

CrashAndBurn:

 

sbiddle:

 

What do you mean by "machine ID" ?

 

 

Device ID? Basically he wants to allow each student to connect to the wifi with a laptop and mobile each.

 

 

That still doesn't answer the question about what you mean by "device ID". Are you meaning MAC address?

 

By the sounds of it this is a very straight forward setup at present and nothing you want to do would likely be possible without moving to a more sophisticated setup.

 

For MAC address based authentication you'll ideally need to build a hotspot solution with external radius server and use 802.1x EAP + MAC address authentication which sounds well beyond the hardware capabilities of what you have, and probably the knowledge required to put this all together. Maintaining MAC addresses will also be a nightmare.

 

 

Yes it is the mac address. Mmm. I thought it was as easy as plugging in 2 more access points to the current router and changing authentication method. I guess I will have to research some more.


bignose
142 posts

Master Geek


  #2303535 22-Aug-2019 09:52
Send private message

forget about mac address filtering - setup a proper radius server and use proper userid/password auth for wifi - people are much less willing to 'share' their credentials when it's directly traceable back to themselves.


 
 
 

Trade NZ and US shares and funds with Sharesies (affiliate link).
gareth41
742 posts

Ultimate Geek


  #2303538 22-Aug-2019 09:57
Send private message

FreeRadius and OpenWrt will do what you want, they're a mission to setup though if you're not familiar with Linux.  Also add Coova-Chilli or WifiDog to that if you want a captive portal.


CrashAndBurn

669 posts

Ultimate Geek


  #2304314 23-Aug-2019 07:26
Send private message

Follow up question: Is there an SME grade WiFi router where I can limit how many simultaneous connections an account can use. What I am thinking now is each user will have their own login BUT limit it to 2 connections at any given time?


Spyware
3764 posts

Uber Geek

Lifetime subscriber

  #2304329 23-Aug-2019 07:56
Send private message

Radius accounting.


sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #2304337 23-Aug-2019 08:20
Send private message

CrashAndBurn:

 

Follow up question: Is there an SME grade WiFi router where I can limit how many simultaneous connections an account can use. What I am thinking now is each user will have their own login BUT limit it to 2 connections at any given time?

 

 

Depends how you're tryiing to log in.

 

If it's via standard WPA2 PSK the answer is no because it's not something a router has control over. 

 

If it's via a captive portal using radius or something like Mikrotik hotspot manager the answer is yes.

 

It it's using WPA2 PSK with 802.1x EAP the answer is yes.

 

As much as I hate to say it if you really have to ask the question I suspect building a solution is potentially going to be beyond your skill levels and you might be better off getting an expert to build a solution for you.

 

Something like a Mikrotik router could do everything you want, but that has a learning curve that goes with it.

 

 


Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.