OK, so I have setup Bering rc3 on a couple of boxes and simulated different speeds of Internet connectivity to test the IPSec (freeswan) implementation and am very pleased with the results. Also, I am very happy with how easy the configuration is. So, my question and situation pertaining to wireless is as follows.
I have the SMC 2602W, a PCI card which houses a SMC 2632 PCMCIA card, for which I seem to think that I'll be compiling the Atmel drivers since I haven't found any .lrp packages or .o drivers that are specific to this wireless chipset. If this is wrong, please correct me. In any event, what I wondering is what would be the best way to provide encryption, if not also authentication, in order to use wireless and be treated as a "trusted" host on my LAN. I already know to just completely disregard WEP, as it appears to have been compromised to being the Worthless Encryption Protocol. So, are there any wireless cards, besides Cisco, that are supported by LEAF, Bering, or just Linux that can do either the Extensible Authentication Protocol (EAP), or Cisco's variant, called LEAP? Outside of L/EAP being available, I have run through several scenarios to consider, as follows: --use MAC filtering in Shorewall to only allow specified wireless NICs to even pass packet filtering rules --use DHCP, with the wireless card setup as a bridged interface -OR- use DHCP relay with the wireless card setup as a routed interface? --use IPSec road-warrior configuration between "trusted" zones and wireless client(s), but will IPSec work if the client is on the same segment as my local LAN (in the case above where I presume to bridge the 802.11 with the LAN), assuming that I have a shorewall rule-set that only allows IPSec-specific traffic through? Obviously, I would like to stay as close to convenience as possible without sacrificing any security. Unfortunately, I think that the Bering support for L/EAP is currently non-existent, which makes IPSec the most secure choice, but I'm pondering the most functional, least complex solution that is available. Additionally, if there are any horror stories about using (or trying to use) the SMC card that I mention, please advise on that as well, especially since I'd readily switch to any card that has better support, is easier to use, or has more functionality, especially since the prices of the 802.11b cards seem to have dropped steeply with the advent of 802.11a and 802.11g. Any and all replies to my questions are welcome! Thanks in advance... Rob ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
