Tomato and possibly DD-WRT firmware make great travel routers as well inexpensive openvpn clients for pfsense.
> On Jul 31, 2014, at 10:15 PM, Moshe Katz <[email protected]> wrote: > >> On Thu, Jul 31, 2014 at 8:44 PM, Kenward Vaughan <[email protected]> >> wrote: >> In my quest to set up a computational lab at my school, the IT department >> has offered us the freedom to create this specialized lab as long as we >> aren't hooked up to the school's network--we are to be completely isolated. >> They have no one to maintain it software-wise (we will be doing that), and >> (I believe) fear security breaches, etc, emanating from there. >> >> They would allow us to go outside through the Wifi spots, though, as long as >> it is through the open (insecure) side. There is an accessible secure >> (internal) network as well. >> >> Is there a way to set up pfSense either on the internal server or a separate >> Internet side box to control outbound traffic by having it sign into that >> network then having the other machines have access? >> >> I'm not any sort of network person (self-taught in Linux/computers in >> general), so please accept my apology up front if this is an idiotic >> question. >> >> Thanks! >> >> >> Kenward > > As Adam said, yes this can be done. Also as Adam said, it's probably a good > idea to ask someone with a little bit of network experience. > > The only thing I have to add over Adam's reply is that, yes, pfSense should > natively be capable of using a WiFi connection as its "WAN" and a wired > network connection as its "LAN". If you set the WiFi interface to > "Infrastructure (BSS)" mode, it will connect to an existing wireless network. > The only caveat is that you need to make sure your wireless card is one of > the properly supported ones - otherwise you might end up with intermittent > dropouts and all kinds of unexplained problems. Again, as Adam said, doing > it this way really should be your last resort, just because there are too > many things that could go wrong with it. Finally, I should note that all of > this is true on paper, and I have not actually tested it myself in the field > - I don't have a spare wireless card. > > If all of Adam's other suggestions don't work, and you really need to go with > WiFi, Adam's other idea about using a travel router is actually something I > have done in practice at a construction site - the travel router and a > pfSense box are in the construction trailer connected to each other by > Ethernet, the travel router connects to a wireless network coming from > offsite, and the pfSense box sees the travel router as just another regular > network connection. Performance was as good as could be expected from > long-range WiFi - poor, to say the least, but that was because of WiFi signal > strength, not because of the setup itself. I used an Apple Airport Express > as my travel router, but there are others that may work better - and the > Airport Express is very hard to troubleshoot because it has no web interface. > > Moshe > > -- > Moshe Katz > -- [email protected] > -- +1(301)867-3732 > > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
