Lonnie, So Lonnie, if I run DHCP, on my customers IP's, how do I authenticate the users. I'm a real rookie at this. Ron Wallace ---- Original message ---- >Date: Tue, 6 Dec 2005 11:52:08 -0800 >From: Lonnie Nunweiler <[EMAIL PROTECTED]> >Subject: Re: [WISPA] How to Authenticate/Protect (WasEthernet basedauthentication) >To: WISPA General List <wireless@wispa.org> > >If you take Marlon's advice and do not run DHCP then you get to have >that personal contact with each and every subscriber if you ever have >to change network settings. With DHCP running it is real simple and >quick to edit the DHCP config and wait for the DHCP client renewal . > >My advice is completely the opposite. Use DHCP for all of your >customers. You will be happy you did and will mutter things when you >encounter someone who is not on DHCP. > >The personal contact is nice but what if you have several hundred >customers? That is just a little too nice for my tastes. > >Lonnie > >On 12/6/05, Marlon K. Schafer (509) 982-2181 <[EMAIL PROTECTED]> wrote: >> Don't run DHCP! And use mac filtering at the ap's. (I use the smartbridges >> ap's. they'll do radius and authenticate wireless subs just like my dialup >> ones.) >> >> Marlon >> (509) 982-2181 Equipment sales >> (408) 907-6910 (Vonage) Consulting services >> 42846865 (icq) And I run my own wisp! >> 64.146.146.12 (net meeting) >> www.odessaoffice.com/wireless >> www.odessaoffice.com/marlon/cam >> >> >> >> ----- Original Message ----- >> From: "Jason" <[EMAIL PROTECTED]> >> To: "WISPA General List" <wireless@wispa.org> >> Sent: Monday, December 05, 2005 9:39 PM >> Subject: Re: [WISPA] How to Authenticate/Protect (WasEthernet >> basedauthentication) >> >> >> > Marlon, >> > >> > I appreciate the advice. Mostly I am interested in bullet proof >> > authentication of my clients. Any suggestions? >> > >> > Jason >> > >> > Marlon K. Schafer (509) 982-2181 wrote: >> > >> >> Hiya Jason, >> >> >> >> You are mixing your networks.... You won't normally run a homebrew >> >> product to provide a top notch service. >> >> >> >> If security is of THAT great an importance to you, you should NOT run >> >> wifi anything. Put in something much more off the wall. It's a lot >> >> harder to snoop if you don't use one of the world's most common >> >> protocols. >> >> >> >> For these business guys I'd run Trango or something like that. Good >> >> stuff but not nearly as much of it in use and no free tools on the >> >> internet for intercepting and cracking the data stream. >> >> >> >> What we do is remind our customers that this is the internet. They are >> >> hanging out there for thousands upon thousands of people who's only >> >> purpose in life is breaking into their machines and seeing what they can >> >> learn. If they have data that's that sensitive then they need a high end >> >> internal firewall and they need to VPN all internet traffic. >> >> >> >> That help? >> >> Marlon >> >> (509) 982-2181 Equipment sales >> >> (408) 907-6910 (Vonage) Consulting services >> >> 42846865 (icq) And I run my own wisp! >> >> 64.146.146.12 (net meeting) >> >> www.odessaoffice.com/wireless >> >> www.odessaoffice.com/marlon/cam >> >> >> >> >> >> >> >> ----- Original Message ----- From: "Jason" <[EMAIL PROTECTED]> >> >> To: "WISPA General List" <wireless@wispa.org> >> >> Sent: Friday, December 02, 2005 3:20 PM >> >> Subject: [WISPA] How to Authenticate/Protect (Was Ethernet >> >> basedauthentication) >> >> >> >> >> >>> List, >> >>> >> >>> I am on the precipice, ready to take the plunge and become a WISP >> >>> (After 1 year of zoning, permits, 16 hr days, etc), but one thing still >> >>> bothers me. I haven't decided how to authenticate clients to my network >> >>> and REALLY protect their data. The CPE's I will use, rootenna/Senao2611 >> >>> combos, do only WEP, which only obfuscates data nowadays. MAC addresses >> >>> can be cloned. Proxy login via a browser is obnoxious for the end user. >> >>> Ditto PPPoE & VPN logins. There is just no elegant, KISS solution. I >> >>> was looking at PPPoE or PPTP (poptop/linux) with Radius as my system, >> >>> since this would accomplish it, but seems like so much trouble and >> >>> overhead. PPTP is not Mac friendly, PPPoE requires clients (gasp) or a >> >>> router (gack!) and the PPPoE server shipping with Linux is meant "for >> >>> testing purposes only - man". I want an Always On (apparently) system >> >>> for my clients that just works. >> >>> >> >>> How do you other (small) WISPs do this? >> >>> >> >>> Tangent: How do you Senao 2611 users keep Netbios & windows network >> >>> neighborhood data off the wireless network. I was told to add a SOHO >> >>> router to the mix, but don't want to invest in more equipment to >> >>> maintain. >> >>> >> >>> Jason Wallace >> >>> -- >> >>> WISPA Wireless List: wireless@wispa.org >> >>> >> >>> Subscribe/Unsubscribe: >> >>> http://lists.wispa.org/mailman/listinfo/wireless >> >>> >> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >> >>> >> >> >> > -- >> > WISPA Wireless List: wireless@wispa.org >> > >> > Subscribe/Unsubscribe: >> > http://lists.wispa.org/mailman/listinfo/wireless >> > >> > Archives: http://lists.wispa.org/pipermail/wireless/ >> > >> >> -- >> WISPA Wireless List: wireless@wispa.org >> >> Subscribe/Unsubscribe: >> http://lists.wispa.org/mailman/listinfo/wireless >> >> Archives: http://lists.wispa.org/pipermail/wireless/ >> > > >-- >Lonnie Nunweiler >Valemount Networks Corporation >http://www.star-os.com/ >-- >WISPA Wireless List: wireless@wispa.org > >Subscribe/Unsubscribe: >http://lists.wispa.org/mailman/listinfo/wireless > >Archives: http://lists.wispa.org/pipermail/wireless/ Ron Wallace Hahnron, Inc. 220 S. Jackson St. Addison, MI 49220
Phone: (517) 547-8410 Mobile: (517) 605-4542 e-mail: [EMAIL PROTECTED] -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/