Date: Tue, 23 Dec 2008 14:42:41 +0100 From: Roger Olofsson <240olofsson@telia.com> To: Corey Chandler <lists@sequestered.net> Cc: freebsd-questions@freebsd.org, Nerius Landys <nlandys@gmail.com> Subject: Re: Wireless router? Message-ID: <4950EAD1.6070802@telia.com> In-Reply-To: <49503F7D.8060805@sequestered.net> References: <560f92640812221349y683a7cbhce8ae0f22a8bedf0@mail.gmail.com> <4950245D.5090006@telia.com> <49502764.10405@sequestered.net> <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com> <49503F7D.8060805@sequestered.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Corey Chandler skrev: > Nerius Landys wrote: >> Thank you all for your suggestions. This will be a project for me >> over the holidays. I decided to go the standalone wireless router >> approach. > Good man! >> I will need to figure out how to configure my standalone >> wireless router to "pass everything through" to the internal LAN that >> I already have. > It's called "Bridge mode" on most APs-- it does exactly what you > describe. Just make sure things like "DHCP server" are turned off or > you'll see some... odd breakages. >> Also I don't know too much about security, like how >> to prevent eavesdroppers from connecting to my internal network. One >> of you mentioned access lists, and I assume that means I tell the >> wireless router which MAC addresses it accepts, and nothing else. > Ugh. MAC addresses are trivial to spoof-- I usually don't bother with > using them for security, although I do use 'em to ensure that particular > machines always inherit particular addresses. > >> Is there any other way to provide security? Like a password-protected >> network? What are the buzzwords for these security schemes? Which >> security scheme do you recommend for preventing random people within >> proximity from connecting to my internal netowrk? >> > > Absolutely. Google for WPA or WPA2; WEP has been broken and is trivial > to bruteforce, so I'd not bother with that. > > Once you get the unit in, feel free to email me off list for > configuration questions; it sounds like a fun project! > > -- CJC > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.176 / Virus Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23 > Hello Corey, I don't use 'bridge mode'. I set a normal LAN ip for the wifi router - as well as ips to the FreeBSD gateway and dns. This is for the LAN part of the router - then another internal LAN ip for the wifi part. To examplify. Wifi router LAN part - ip 192.168.0.20, gateway 192.168.0.1, dns 192.168.0.10 and 192.168.0.11. Wifi wifi part - network 10.0.0.1 - 10.0.0.10. MAC addresses are indeed trivial to spoof - but if combined with a wifi encryption key/passphrase it adds to security. Greetings /Roger
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4950EAD1.6070802>