I have done something similar but not using a DMZ. I simply added a second Private network for the WiFi network using a normal NIC and a Separate Wireless Access Point. Simply don't add any rules that will allow the two networks to interact into your shorewall rules and you have 2 independent, isolated internal networks both of which have internet access through your firewall. The WiFi equipment we used had the capability to encrypt it's own communications which we implemented to ensure that other laptops could not be connected to the wireless network and use our satellite connection without permission. All of our gear was from Alloy.
Andrew Gray -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sean E. Covel Sent: Tuesday, 16 Dec 2003 06:19 To: [EMAIL PROTECTED] Cc: Leaf User List Subject: Re: [leaf-user] CABLE + WIFI + IPSEC + WINDOWS + BERING = ??? Julian, On Mon, 2003-12-15 at 11:32, Julian Church wrote: > Hi Sean > > On Mon, 15 Dec 2003 10:02:35 -0500, Sean E. Covel <[EMAIL PROTECTED]> > wrote: > > > Here is what I am proposing to do: > > > > Cable Modem -> Bering --> (Private Network) Current PC (Windows XP) > > | > > ---> DMZ --> WAP --> Laptop (Windows XP) > > > > The question is, of course, how to secure the WIFI and Laptop. I was > > hoping that the Laptop could establish an IPSEC connection through the > > WAP to Bering. > > Strange! > > That's exactly what I'm planning at home, except there are two laptops, > both running Mac OS X (which has an IPSEC client built in. > > As far as I've determined by searching the internet, as long as your > access point is set up as a transparent bridge, the IPSEC traffic will > pass straight through. > > cheers > > Julian > > Since this needs to be up-and-running quickly, and I'm doing it in my spare time, I wanted to go the path of least resistance. How soon till you implement? I was hoping to learn from someone else's mistakes ;-). Don't want to be the trailblazer on this one. It just sounds too easy. Anyone actually done it? Even with 802.11a/b/g? ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html __________ NOD32 1.579 (20031215) Information __________ This message was checked by NOD32 antivirus system. http://www.nod32.com ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html