Another work-around for the "login page" issue
Ward,
Another good way to allow people to log in to "fleabagmotel.com" to authorize themselves would be to install the squid proxy on the vpn-in-a-flash box.
With the right iptables rules configured, all outgoing web traffic through the box would appear to come from the box itself. Possibly just setting up NAT correctly would do the trick as well, if the wireless and wired interfaces are not set up as bridged.
Now your wifi laptop or cellphone can connect to the Wifi on the box, and handle the authorization procedure, then every client connected through the box would appear to be the same machine.
On a related note:
I have set up my home network and used iptables on my linux-enabled router (dd-wrt.com) to force all outgoing web traffic through squid on my pbxinaflash box. It works great, and you can optionally configure dansguardian for web filtering (makes me less nervous when my kids are online). It's a transparent proxy (for http, not https, however) so no configuration is necessary on the clients (nor is there a way to bypass the proxy on the clients =-).
I may be able to help out with this part of the project, as I've done quite a bit with OpenVPN for my home and office as well.
For anyone else out there running dd-wrt firmware in their router and using a pbxinaflash server, here are the firewall rules I'm using:
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -d 10.0.1.1 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! 10.0.1.50 -p tcp --dport 80 -j DNAT --to 10.0.1.50:8080
iptables -t nat -A POSTROUTING -o br0 -s 10.0.1.0/24 -d 10.0.1.50 -j SNAT --to 10.0.1.1
iptables -I FORWARD -s 10.0.1.0/24 -d 10.0.1.50 -i br0 -p tcp --dport 8080 -j ACCEPT
The router's internal IP is 10.0.1.1.
The pbxinaflash server is 10.0.1.50
The dansguardian process listens on port 8080 (change this above if you go directly to squid on port 3128)
For squid and dansguardian configuration, do some googling.
All my web traffic goes through this box (it's a Wal-Mart special) and I haven't seen any performance hit on my phone traffic. The squid proxy is really nice for accelerating your web browsing, too.