On 16 Dec 2009 at 16:03, Mark Robinson wrote: > > Hi, I currently have two wireless access points that provide wireless > access to the corporate LAN in two meeting rooms. To satisfy PCI compliance, > I need to install a firewall between each access point and the LAN and only > allow traffic from our corporate IP range through to the LAN. Has anyone done > this before, and can you recommend any firewalls that will do the job? I have > installed Smoothwall onto a PC and played around with it but I´m not sure if > it´s the best solution for what I need. Thanks, Mark
Smoothwall will do the job, as will IPcop (a fork of Smoothwall which I prefer) and pfSense and most other FLOSS firewall distros. In IPCop you would set up a RED - BLUE - GREEN network with 3 NICs, RED being the Internet, GREEN being the LAN and BLUE being the WAPs. I have this at one of my sites. My green LAN is 10.79.2.x while my blue LAN uses 192.168.79.x. The blue LAN can only see the gateway, they don't even know about the 10.79.2.x space. IPcop can provide DHCP services for the blue LAN as well as for the green LAN. http://ipcop.org/ -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +-----------------------------------+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
