Chris Vogel

Yes!

#OpenWRT + #Packetfence:

On an unencrypted registration SSID authorized a client through a portal page.

Then showed the client via dpsk (dynamic pre-shared key) provisioner login data for the encrypted SSID to connect to a network with internet access.

When the client connects to the unencrypted SSID it gets redirected to a portal to enter an email address (and possibly other data). Packetfence sends an email to a pre-configured address (owned by the sponsor) containing a link to approve the request for access.

The client waits on a portal html page for the sponsor to click the link. After the sponsor clicks the link to approve the request the clients web page reloads and shows the name of the encrypted SSID to connect to and a password for the connection.

Next step to accomplish: configure OpenWRT (hostapd) and Packetfence to allow the usage of the PSK to connect to the encrypted SSID.

BTW: Testing this I'm using #deskhop to switch seamlessly between my notebook and my #Librem5 which I use as a test client for the wifi connection to the OpenWRT access point.

Mar 30, 2024 at 1:33pmWeb
Show threadChris VogelMar 30, 2024

It seems I'm stuck on the #OpenWRT side. Don't know how to configure #dpsk (dynamic pre-shared key).

https://forum.openwrt.org/t/dynamic-pre-shared-key-dpsk-via-radius/193298?u=chrichri

Dynamic pre-shared key (dpsk) via radius

I'd like to achieve what the wpa_psk_file offers, but with the information fetched from a radius server: a device with mac connects using a psk openwrt sends a radius auth request containing mac and psk to the radius server the radius server sends a reply an Access-Accept reply would contain Tunnel-Type = VLAN and Tunnel-Private-Group-Id = openwrt disconnects the device or puts it into the according VLAN Any help would be much apreciated. Background: Have one open ssid in a network that ...

OpenWrt Forum
Show threadChris VogelApr 1, 2024

I think this is solved as I wrote in the forum thread.

Learned something new: When I tried to revert the wireless.js in luci to a version offering the configuration for #ppsk aka #dpsk I controlled the downloaded version in the debugging window of #firefox.

Right there its possible to download a javascript file from the debugger to a file, change it and use it inside the opened web page. No need to change anything on the server serving the original js.