https://www.ironwifi.com/
IRONWifi was designed around the support for a cloud based Wifi authentication systems . It works great and is used by numerous guest and hotels based WIFI solutions & that needs to authentication users.
Here I will demo a straight configuration using a IronWIFI radius-server for a fortigate user.
On IronWIFI you will need a portal account in order to select a radius server region and create the RADIUS_users. The offer demo access and pricing solutions that will meet most ORGs needs.
They will provide a specific RADIUS-server port for the auth/acct function which are not the well known radius services udp1812/1813 . The pricing model of IronWiFi makes it economical if you need to support array of APs and numerous users. We are going to use it for a fortigate-firewall & for a local defined system admin user in this case kfelix.
Here's the cfg on the fortigate, it's identical to any other radius user cfg, btw.
You will need the IronWiFi RADIUS_SERVER DETAILS to complete the fortigate configurations
Once you have an account setup, the cfg is simple for the IronWIFI items.
You can uncover the secret
RadiusClient
Users accounts creations
You have a simple dashboard , and its provides very good details for the avg administrator and on what's happen ( when/what/who/etc....)
You have a host of pre-defined reports that can be executed to displau access-accept or rejects. These logs can be downloaded as a text-format which will meet most audit-trails.
The meer fact that you can download logs is a big plus imho and these logs are simple to follow.
The advantage of IronWiFi over jumpcloud RADIUS-aaS are listed here & along with a typical deployment design.
Both are gear as RADIUS-aaS services but they are different in many way. IronWIFI an JumpCloud are reliable and good solutions.
AFAIK,
IronWIFI does not have a LDAP-aaS other contender in this market are foxpass.
ironwifi supports chap and mschap so your 100% secure from prying eyes from a internet standpoint
Ken Felix
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment