Zeroshell Linux: Captive Portal, Internet Gateway and Router (part3) - page 2
Setting up the Captive Portal
In the first part of this series, we set up ZeroShell to work with an existing router. Therefore we could take advantage of ZeroShell's services, such as RADIUS authentication and the soft AP, without having to do the configuration work of setting it up to do the routing on the network. However, if want to get rid of your off-the-shelf router (or use it as an extra AP), you can follow the steps in this section.
This requires your ZeroShell machine to be loaded with at least two Ethernet adapters, if you want any wired access to the network. For example, one adapter would be connected to the Internet modem, and the other to a single computer, or a switch to support multiple computers. If you only want ZeroShell to offer wireless access (and you have a compatible Wi-Fi adapter), only one Ethernet adapter is required.
Tip: If you don't have a switch, you can use your old router. To do this, disable DHCP on the router, and change it's IP to something within the subnet of ZeroShell (but not the same), such as 192.168.0.2 or 192.168.1.2. Then plug ZeroShell and other computers into the regular Ethernet ports; don't use the WAN or Internet port. If its a wireless router, Wi-Fi computers can connect too.
Here's how to configure ZeroShell to act as the router/gateway:
- You need to edit the IP address of the adapter you previously had connected to your off-the-shelf router. We'll make this adapter the one that will provide the wired access to your computers; the other adapter will hook to your modem. You want to change this adapter to an IP that will better represent it as the router. For example, you should use 192.168.0.1 or 192.168.1.1, rather than 192.168.0.75 or 192.168.1.75. To do this, click Setup from the main menu, click the Network tab, select the IP address, and click the Edit button. If you enabled DHCP for the adapter (instead of assigning a static IP) you can follow the directions from Part 1 on changing the default IP settings. If you have only one wired adapter and you're going to only offer wireless access, you need to create/change an IP for the wireless interface rather than for the single wired adapter, since that Ethernet adapter will be used for the Internet connection.
- Next you probably want to enable the DHCP server, so you don't have to manually set each client up with a static IP address: (Figure 4 shows an example configuration)
- Click the DHCP link on the main menu and click the New button in the upper right of the page. Then on the window that appears, select the subnet of the IP address you created (such as 192.168.0.0/255.255.255.0 if the IP is 192.168.0.1 or 192.168.1.0/255.255.255.0 if the IP is 192.168.1.1), and click OK.
- On the DHCP page, define the IP address range for clients, such as 192.168.1.100 - 192.168.1.199, in the Range 1 fields. If you want a particular client to always receive the same IP, click the Addï¿½ button in the Static IP Entries section, input the desired IP and the client's MAC address, and click OK.
- On the DHCP page, type the IP address you created into the Default Gateway and DNS 1 fields on the right, and click Save.
- Make sure the Enabled checkbox in the upper right is marked.
- If you have a DSL or other Internet connection that requires IP or logon details, configure it now (automatic cable connections are discussed later). This is just like when setting up a off-the-shelf router/gateway; it needs the Internet connection details. Click the Setup link on the main menu and select the Network tab. If your connection uses PPPoE, click the New PPPoE button, input the details, and click OK. If your connection uses a static IP only, click the Add IP button for the interface that's connected to the modem.
- On the Network page, click the New Bridge button, move the Internet connection and other Ethernet interfaces over to the Bridge Components, and click Save.
- If you have an automatic cable Internet connection, where you don't have to input any IP or logon details, you can just enable the DHCP client to retrieve the IP details from your ISP. On the Network page, in the Bridge section, click the Dyn IP button, select Enabled from the drop down list box, wait till the adapter receives an IP from your ISP, and click Close.
- You must enable Network Address Translation (NAT) for the Bridge. Click Router from the main menu, click the NAT tab, move the bridge over to the NAT Enabled Interfaces, and click Save.
Now the ZeroShell box should be routing the network traffic and acting as the gateway to the Internet. Computers plugged into the wired port should automatically receive an IP and access to the Internet.
Wrapping up our ZeroShell series
This part completes our series on configuring and using ZeroShell. You should now be able to run WPA/WPA2-Enterprise encryption on your Wi-Fi network; thanks to ZeroShell's RADIUS server. If you have the right wireless adapter, ZeroShell can also act as an AP. Plus you should understand how to get a simple captive portal working for hotspots. Finally, you should be able to replace your router with the ZeroShell machine.
Eric Geier is an author of many computing and networking books, including Home Networking All-in-One Desk Reference For Dummies (Wiley 2008) and 100 Things You Need to Know about Microsoft Windows Vista (Que 2007).
Sponsored by BlackBerry
BlackBerry® Enterprise Server Express enables businesses of any size to quickly and easily get started with the BlackBerry solution. It provides advanced BlackBerry smartphone features with no additional software or user license fees, and works with any Internet-enabled BlackBerry data plan or a BlackBerry enterprise data plan. Download now!