At 07:53 PM 2/4/03 -0800, Peter Nosko wrote:
[...]
pn] Thanks for the reply, Ray. Yes, by "this" I mean a linksys wireless router.
[...]
pn] I thought I might be able to make use of one too. It can be configured for an externalWith unimportant differences of detail, I'm doing exactly this with a D-Link WAP/router here. In my case, though, it's for bench testing small wireless LANs in a "lab" setting, not running a real network. I chose a combined WAP/router only because this one was on an absurdly cheap sale locally. My setup works the way you describe.
dynamic IP assignment, and since I'm using a DHCP server behind my Dachstein firewall/router
(upgrading soon to Bearing), all my internal clients are also setup for dynamic IP assignment.
Continuing along that line, I figured if I take my existing notebook connection from the hub of
the internal network to feed this wireless router, it would get one my 10.x.x.x addresses
dynamically (like the notebook did) and assign the notebook with a wireless card one of it's own
NAT'ed (preconfigured for 192.168.x.x) addresses.
pn] I'm thinking my notebook "wouldn't know the difference" and I'd still have the same protectionYes. But this is NAT'd access, not "transparent" access. It suffers from the same restrictions that any NAT setup does (mainly, the inability to initiate connections *to* the NAT'd WLAN unless port-forwarding rules are in place).
from my firewall as before, no? However, would I still have "transparent" access to the other,
er, Windoze clients on the internal network? Again, I'm thinking it would, looking like it has
the IP of the linksys router to the rest of the internal network. Am I right?
pn] If adding a separate NIC to the LEAF router/firewall adds something I missed in your previousHow secure will your WLAN be? Will is be as secure as your UTP-based LAN? The setup you propose gives you no way to protect your LAN hosts from a break-in on your WLAN, whereas putting the WLAN on a separate LEAF-router interface lets you control (you can call this "complicate" if you wish) access from the WLAN to the LAN.
explanations, please smack me and say it again. But I think this would complicate my access to the
other internal clients.
Whether that is important in your situation is something I cannot judge. The D-Link WAP/router I have looks like it has the usual WAP security options, and I expect the Linksys you're looking at is similar. You need to decide if this is enough. (Since I'm only using mine on a test LAN, it is not a real issue for me.)
pn] BTW, I have a DMZ so I'm already at a 3-NIC system, but adding one more just adds to the fun, eh?
-- -------------------------------------------"Never tell me the odds!"-------- Ray Olszewski -- Han Solo Palo Alto, California, USA [EMAIL PROTECTED] ------------------------------------------------------------------------------- ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
