On Wed, 19 Feb 2003, Emmanuel Gravel wrote:
I was looking into setting up a wireless network at home. I'm already using
FreeBSD 4.4 as my gateway/firewall (NATD/ipfw/junkbuster) for my wired network.
I was initially looking at a Cisco 350 as an access point and Orinoco cards for
the laptops/desktops that don't have wired access, mostly because an admin I
knew swears by their security features. Cost is too high for my budjet however
(for the access point).
After some searching, I've found that FreeBSD could be used directly with a
wireless card to become an access point. However, with the Orinoco cards, I
read it could only do ad-hoc and not infrastructure mode. For that, a
Prism-based card is required. I've looked at the list of cards pretty quickly,
but I don't know which ones to get. Keep in mind that all the systems that will
be wireless will be Windows (98/XP), apart from the FreeBSD gateway.
Here's what I would like to accomplish:
1- The access point will not advertise it's name
2- When connecting to the access point, the clients will encrypt the name
they're trying to connect to, so outside snoopers, even if they do break WEP,
won't be able to connect (I think this is what was done with the Orinoco cards,
the Cisco 350, and special client software).
3- All communication afterwards is continuously encrypted between the clients
and the access point (not just with WEP). Both clients and server should have
key pairs (SSL?).
4- All clients will have access to the network and internet as if they were
wired (i.e. there should be no difference to the user whether using a wireless
or wired computer). This includes Windows shares as well as any other TCP/IP
based protocol.
Which Prism-based card would be best for this? Keep in mind I need both PCI and
PCMCIA cards that should all be compatible with each other. I have both PCI and
ISA slots available on my FreeBSD system.
Also, which Windows software will I be needing to make this painless to the
user (if anything specialized is needed)? Also, on the Windows side again,
which diagnostics software would be best?
Thanks for your help!
I use a DLink dl-650 card in my box. I also put my wireless network inside
of IPSec and enforce it with IPFW. This way, unless each client is using
the appropriate ipsec settings, they will never see the wireless network.
My setup may be a little different however. Heres what I have:
To Internet
|
-
| FBSD gw/firewall
-
|
192.168.1.0/24
|
|
--
| FBSD (bridge)(firewall)| - To wired internal network
-(still 192.168.1.0)
wi0
nothing but IPSec ESP/AH
in here (or out)
|
|
|
To wireless internal network
(still 192.168.1.0)
|
|
My wireless laptops.
__
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message
