The orgnaization has 4 sites where they have a small computer lab/workspace with DSL (at each site) for accessing the Internet. DSL services are from commercial ISPs. There are visitors going into each site and stay some time for their research work. Each site has a number of its own dekstops (Windows XP/Vista machines) and the visitors do also use their own laptops to access the Internet. A wirelss network is setup at each workspace and is protected with WEP (WPA). There are no (windows) domains or servers at these four locations. The visitors are given the WEP key (over the phone) for them to access the wireless and hence the Internet.
I wish to implement a solution where authentication is centralised at their main office (5th site). The visitors generally come to the main office first before going to other satellite sites. All they need access is Internet. Such a centralized solution will also let the organization monitor/log usage (once a visitor has managed to burn entire monthly DSL quota in 2 days and the organisation could not identify the exact person who was responsible for it). The sites are basically functioning with very minimal staff/administrative supervision.
Wireless Access Points have been recently upgraded with D-Link 3200APs, which can talk to a RADIUS server.
Is it possible for a RADIUS server to be kept at the central office for authentication & accounting though the 4 satellite sites have their own private subnets? What (cost effective) options do I have for this scenario?