Hosting Provided By

Re: Is hotspot going to replace PPPoE

From: Rui Carmo <rui.carmo(at)accao.net>
Date: Sun Jan 26 2003 - 09:20:36 EST

I'm dealing with that one too. There are two variants:

Software-based gateways like http://nocat.net (whatever else vendors name it, it's basically the same thing - get an IP, auth via SSL, NAT to the outside)
Layer-2 auth based on 802.1x and its gazillion non-interoperable variants.

"1" does not require any client software, but forces you to open a browser (which is plain stupid in usability terms, especially since the first versions required you to _keep_ the browser window open to maintain the connection). It also does not support PDAs properly. It allows you to do all sorts of neat tricks if you have a Linux-based gateway server, but for large-scale deployments, no-one wants to put a server in every hotspot.

"2" will (sadly) most likely become the industry norm for WLAN hotspots, since vendors can sell a lot more gear and services with it. Basically, you do low-level Layer-2 auth to an access point, which then sends your auth data to a RADIUS server. Microsoft and Cisco are pushing certificate-based auth (hence the extra gear and services), and XP supports this right out of the box. It only requires APs (and at the most a dumb router) at the hotspot - exactly the same infrastructure model as with PPPoE, by the way.

Not having a PPPoE client installed is fast becoming a non-issue. Mac OS X and XP support it out of the box, and both work flawlessly, the real issue is that PPPoE is being actively ignored as a WLAN AAA solution since it provides vendors with very little extra revenue. Not having an 802.1x client installed is the real issue for the proponents, and (due to lack of proper interoperability) having the wrong one installed is the customer's nightmare.

And believe me, it's easier to set up a PPPoE connection in XP than going through all the hoops required to make 802.1x work properly.

On Monday, Jan 20, 2003, at 13:46 Europe/Lisbon, John Tully wrote:

> I don't see much activity on this list, so here is a real current
> issue that I would like to hear people comment on.
>
> Is HOTSPOT technology going to replace PPPoE. We also make hotspot
> servers and this appears to be the way of the future. We have ten
> times more interest in hotspot than pppoe. Basically "hotspot" means
> a box that can autheticate and give access with the client computers
> have dhcp or static ip configured. Of course it is not ppp, but we
> have included all the radius info and most of the important features
> of ppp in our "hotspot" authentication. Before any ppp gurus get mad,
> most of what is needed from ISPs from ppp (and pppoe) do can be done
> with "hotspot" technology. It is easier for the client because they
> don't need a pppoe client.
>
> Comments please!
>
> John
> www.mikrotik.com
>
Received on Sun Jan 26 09:21:25 2003

Do you need help?
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related ipsec.org Links pppoe Request more information about Pantek

This message: [ Message body ]
Next message: Rui Carmo: "Re: Is hotspot going to replace PPPoE"
Previous message: Rui Carmo: "Re: Using PPPoE to secure Wireless LANs?"
In reply to: John Tully: "Is hotspot going to replace PPPoE"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:43:06 EDT