Corey Chandler skrev:
Nerius Landys wrote:
Thank you all for your suggestions. This will be a project for me
over the holidays. I decided to go the standalone wireless router
approach.
Good man!
I will need to figure out how to configure my standalone
wireless router to "pass everything through" to the internal LAN that
I already have.
It's called "Bridge mode" on most APs-- it does exactly what you
describe. Just make sure things like "DHCP server" are turned off or
you'll see some... odd breakages.
Also I don't know too much about security, like how
to prevent eavesdroppers from connecting to my internal network. One
of you mentioned access lists, and I assume that means I tell the
wireless router which MAC addresses it accepts, and nothing else.
Ugh. MAC addresses are trivial to spoof-- I usually don't bother with
using them for security, although I do use 'em to ensure that particular
machines always inherit particular addresses.
Is there any other way to provide security? Like a password-protected
network? What are the buzzwords for these security schemes? Which
security scheme do you recommend for preventing random people within
proximity from connecting to my internal netowrk?
Absolutely. Google for WPA or WPA2; WEP has been broken and is trivial
to bruteforce, so I'd not bother with that.
Once you get the unit in, feel free to email me off list for
configuration questions; it sounds like a fun project!
-- CJC
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.176 / Virus Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23
Hello Corey,
I don't use 'bridge mode'. I set a normal LAN ip for the wifi router -
as well as ips to the FreeBSD gateway and dns. This is for the LAN part
of the router - then another internal LAN ip for the wifi part.
To examplify.
Wifi router LAN part - ip 192.168.0.20, gateway 192.168.0.1, dns
192.168.0.10 and 192.168.0.11.
Wifi wifi part - network 10.0.0.1 - 10.0.0.10.
MAC addresses are indeed trivial to spoof - but if combined with a wifi
encryption key/passphrase it adds to security.
Greetings
/Roger
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
