# Internet access upon authentication



## plmday (Sep 20, 2010)

I am in a campus. To access the internet, a web-based authentication is required. They give us a url when entered in a browser it will direct us to a page which asks our username and password for authentication, if successful, we can access internet. Can anybody explain to me or point to me some other resources on how it works? Is it a proxy?

Let's come to the practical problem. I am a Linux user, new to FreeBSD world. I just did a fresh installation of FreeBSD from the i386 cd-iso. After running 'dhclient' I successfully get an ip address via dhcp, but I don't know how I could get authenticated because I could not find a browser thing in the cli. Any idea? Thanks in advance.


----------



## wblock@ (Sep 20, 2010)

The authentication may only be for HTTP and other web protocols, allowing you to install ports (like www/links).

Otherwise, the computer support people there are the authority, and you might have to ask them.  Who knows, maybe they'll even know what FreeBSD is and will be happy to help.

Or they might recoil in horror at the idea there's anything other than Windows.  In that case, you'll have to use another computer as a gateway (easy with a Linux system, I'd think).  Or just download packages for xorg and Firefox onto that computer and transfer them to the FreeBSD system.


----------



## plmday (Sep 20, 2010)

wblock said:
			
		

> The authentication may only be for HTTP and other web protocols, allowing you to install ports (like www/links).



My bad luck. They do not allow installing ports... 



> Otherwise, the computer support people there are the authority, and you might have to ask them.  Who knows, maybe they'll even know what FreeBSD is and will be happy to help.
> 
> Or they might recoil in horror at the idea there's anything other than Windows.  In that case, you'll have to use another computer as a gateway (easy with a Linux system, I'd think).  Or just download packages for xorg and Firefox onto that computer and transfer them to the FreeBSD system.



I am dual booting with Linux...


----------



## gordon@ (Sep 22, 2010)

I suspect they are doing MAC layer filtering. Once you are authenticated, your MAC address is allowed to access the network. Try dual booting authenticate with Linux and then reboot and try FreeBSD, see if it still works.


----------



## plmday (Sep 22, 2010)

gordon@ said:
			
		

> I suspect they are doing MAC layer filtering. Once you are authenticated, your MAC address is allowed to access the network. Try dual booting authenticate with Linux and then reboot and try FreeBSD, see if it still works.



I tried, unfortunately it does not work for FreeBSD but only for Linux (after reboot into Linux, no authentication needed as long as I regain an IP via DHCP). So it seems that it does do MAC layer filtering but ...


----------



## wblock@ (Sep 22, 2010)

The MAC should be the same for FreeBSD, since it's the same card.  If it's different, maybe a card with some firmware or run-time issue, you could manually set the MAC on FreeBSD with ifconfig(8).


----------



## mix_room (Sep 22, 2010)

plmday said:
			
		

> My bad luck. They do not allow installing ports...



ports are not always the same as ports

http://en.wikipedia.org/wiki/Port_number vs. http://www.freebsd.org/ports/$

If you installed the machine, you have complete control over it, and you should be able to install ports (the FreeBSD kind) 

They are probably not doing MAC authentication, otherwise it would be sufficient to spoof the MAC and then get access. What they probably have is a captive portal. The first dhcp-lease gives you an IP with access to only the login page, and probably some local sites (perhaps oncampus information or similar), after you login some rules, firewall or routing, are changed and you have access to the world. Think of it like being a tiger in a cage, but a tiger who owns the key.  

Perhaps you can write a script that fills the form for you, this could then be run every time you do not have access.


----------



## plmday (Sep 23, 2010)

wblock said:
			
		

> The MAC should be the same for FreeBSD, since it's the same card.  If it's different, maybe a card with some firmware or run-time issue, you could manually set the MAC on FreeBSD with ifconfig(8).



Yes, it's the same.


----------



## plmday (Sep 23, 2010)

mix_room said:
			
		

> ports are not always the same as ports
> 
> http://en.wikipedia.org/wiki/Port_number vs. http://www.freebsd.org/ports/$
> 
> If you installed the machine, you have complete control over it, and you should be able to install ports (the FreeBSD kind)



Yes, my mistake. I have installed the whole ports tree from the CD. What I am in trouble is to install an app from within the ports, because it needs to get the source from ftp.



> They are probably not doing MAC authentication, otherwise it would be sufficient to spoof the MAC and then get access. What they probably have is a captive portal. The first dhcp-lease gives you an IP with access to only the login page, and probably some local sites (perhaps oncampus information or similar), after you login some rules, firewall or routing, are changed and you have access to the world. Think of it like being a tiger in a cage, but a tiger who owns the key.



This seems correctly describes my situation. When I wanna get access to the out world in Linux, I do need to follow this two steps. After I get an IP address, I can only access the login page in a browser.



> Perhaps you can write a script that fills the form for you, this could then be run every time you do not have access.



The problem is now I do not know how to get the access for even once. Somebody has told me curl could be used to do this. But I cannot install it from ports without internet access.


----------



## mix_room (Sep 27, 2010)

plmday said:
			
		

> Yes, my mistake. I have installed the whole ports tree from the CD. What I am in trouble is to install an app from within the ports, because it needs to get the source from ftp.



Try downloading the package using another computer, copy it to a USB-stick or similar, and install the package.


----------

