On Wed, 19 Feb 2003, Emmanuel Gravel wrote:
> I was looking into setting up a wireless network at home. I'm already using
> FreeBSD 4.4 as my gateway/firewall (NATD/ipfw/junkbuster) for my wired network.
> I was initially looking at a Cisco 350 as an access point and Orinoco cards for
> the laptops/desktops that don't have wired access, mostly because an admin I
> knew swears by their security features. Cost is too high for my budget however
> (for the access point).
> After some searching, I've found that FreeBSD could be used directly with a
> wireless card to become an access point. However, with the Orinoco cards, I
> read it could only do ad-hoc and not infrastructure mode. For that, a
> Prism-based card is required. I've looked at the list of cards pretty quickly,
> but I don't know which ones to get. Keep in mind that all the systems that will
> be wireless will be Windows (98/XP), apart from the FreeBSD gateway.
> Here's what I would like to accomplish:
> 1- The "access point" will not advertise its name
> 2- When connecting to the access point, the clients will encrypt the name
> they're trying to connect to, so outside snoopers, even if they do break WEP,
> won't be able to connect (I think this is what was done with the Orinoco cards,
> the Cisco 350, and special client software).
> 3- All communication afterwards is continuously encrypted between the clients
> and the access point (not just with WEP). Both clients and server should have
> key pairs (SSL?).
> 4- All clients will have access to the network and internet as if they were
> wired (i.e. there should be no difference to the user whether using a wireless
> or wired computer). This includes Windows shares as well as any other TCP/IP
> based protocol.
> Which Prism-based card would be best for this? Keep in mind I need both PCI and
> PCMCIA cards that should all be compatible with each other. I have both PCI and
> ISA slots available on my FreeBSD system.
> Also, which Windows software will I be needing to make this painless to the
> user (if anything specialized is needed)? Also, on the Windows side again,
> which diagnostics software would be best?
> Thanks for your help!
I use a DLink dl-650 card in my box. I also put my wireless network inside
of IPSec and enforce it with IPFW. This way, unless each client is using
the appropriate ipsec settings, they will never see the wireless network.
My setup may be a little different, however. Here's what I have:
| FBSD gw/firewall
| FBSD (bridge)(firewall)| ----- To wired internal network
------------------------- (still 192.168.1.0)
nothing but IPSec ESP/AH
in here (or out)
To wireless internal network
My wireless laptops.
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-questions" in the body of the message
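The enforcement described in the reply (nothing but IPsec on the wireless segment, enforced with ipfw), sketched as an added example that is not the poster's configuration. The interface name `wi0`, the rule numbers and the IKE rule on UDP port 500 are assumptions; the audit function only understands the `via` interface option and expects rules in evaluation order.

```shell
#!/bin/sh
# Added example; wi0, the rule numbers and the IKE rule are assumptions.

# Print ipfw commands that admit only ESP, AH and IKE (UDP 500) on the
# wireless interface and drop everything else passing through it.
emit_rules() {
    cat <<EOF
ipfw add 1000 allow esp from any to any via $1
ipfw add 1010 allow ah from any to any via $1
ipfw add 1020 allow udp from any 500 to any 500 via $1
ipfw add 1900 deny ip from any to any via $1
EOF
}

# Read rules on stdin in evaluation order (ipfw is first-match) and report
# any allow rule that lets non-IPsec traffic through interface $1 before
# the catch-all deny. Only the "via" interface option is understood.
audit_rules() {
    awk -v wif="$1" '
    {
        act = ""; proto = ""; via = ""
        for (i = 1; i <= NF; i++) {
            if (act == "" && $i ~ /^(allow|accept|pass|permit|deny|drop)$/) {
                act = $i
                proto = ($(i + 1) == "log") ? $(i + 2) : $(i + 1)
            }
            if ($i == "via") via = $(i + 1)
        }
        # Skip non-rule lines and rules bound to some other interface.
        if (act == "" || (via != "" && via != wif)) next
        if (act ~ /^(deny|drop)$/) {
            if (proto ~ /^(ip|all)$/ && $0 ~ /from any to any/) { closed = 1; exit }
            next
        }
        if (proto == "esp" || proto == "ah") next
        if (proto == "udp" && $0 ~ /from [^ ]+ 500 to [^ ]+ 500/) next
        print "non-IPsec allow before catch-all deny: " $0
        bad++
    }
    END {
        if (!closed) { print "no catch-all deny for " wif; bad++ }
        exit (bad > 0)
    }'
}

# Dry run: generate the rules and audit them; nothing is installed.
emit_rules wi0 | audit_rules wi0 && echo "wi0: only ESP/AH/IKE admitted"
```

Piping real `ipfw list` output into `audit_rules wi0` checks a live ruleset the same way; a broad allow rule with no `via` clause ahead of the deny is the usual way this kind of enforcement gets bypassed.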