Working in WiFi as part of my job, I had used systems like PacketFence and ClearPass to run autentication for the networks I run. These systems require large systems to run, and are a 16lbs sledge hammer where a push pin is needed. Thinking back to a conversation with Dragorn at The WOPR Summit, I figured I'd tackle writting a bare bones wireless management to support BTV this year.
I was able to get the code done before the event in August, but there are still a number of things which still need to be completed. I'm hoping to tackle a number of them before WOPR this year.
Stay tuned for more posts on Con-Fi over the next couple of months as we approach the start of WOPR.
802.1x Wireless Authentication
Con-Fi uses WPA2-Enterprise to support authenticating attendees. Using EAP-PEAP/MS-CHAPv2, users are able to authenticate with the username and password created during the self registration.
User and Group RADIUS Attributes (Partially Completed)
Administrators are able to add RADIUS attributes to both users and groups. This allows administrators to put different groups into different VLANs or set wireless roles.
To be implemented: Web based management of RADIUS attributes
Docker Build (Partially Completed)
Being able to quickly bring up the system is important. Con-Fi is built on Docker flexiblity and portablity.
To be implemented: Fully automated running of Con-Fi
There are a number of different features I would like to get written into Con-Fi to be able to make deployment and management easier. As time goes on, I'll be writing more features into Con-Fi. One of the primary features to be written next is an administrative interface for managing users, groups, and RADIUS attributes.