[TCLUG] Semi-OT: Wireless Access Point?

Mon Apr 19 13:17:28 CDT 2004

On Mon, Apr 19, 2004 at 12:38:22PM -0500, Scott Raun wrote:
> I only _need_ the WAP - but I'm willing buy a box with hub/router
> capability built-in.  I probably don't really need better than b,
> because my outbound DSL pipe is (IIRC), 640/128.  OK, the Linux box
> may have a 100MB card in it, and the inside connection to my Cisco 675
> claims to be 100MB, but those are the only pieces in the home network
> that currently supports greater than 10MB.  I have one data transfer
> that I'm going to be doing sometime in the nearish future that might
> be able to take advantage of a higher bandwidth, but I'm willing to
> move ~3GB over my 10MB pipe.  It's just text (my e-library), and if it
> takes several hours, so what?

Take this into consideration.  You do not want access to your local
machines to be limited by your upstream connection.  I am running into
this at home because I currently do not have a firewall/private lan set
up.  Each of my machines is grabbing an IP address from the ISP, and all
traffic is being routed by the ISP's router.  This is partially because
I have a really stupid HUB, and not a smart switch.

The simplest thing you can do to leverage what you currently have is to
use your Cisco 675 to do NAT and Firewall.  Buy a switch and Wireless AP
and attach your AP in bridging mode, which should let your Cisco assign
DHCP addresses to any device on the network.  Make sure you set up WEP
and Mac filtering in the very least (though neither are very secure).

If you want a Linux firewall, you can do more fancy security measures by
having a capture-portal based authentication.  WEP and Mac filtering are
pretty useless for authorizing individuals to your network, and you
can't do such advanced routing with the Cisco 675.  The cool thing about
capture-portals is that you can apply it to the full subnet if you want.
It doesn't matter if the user is on wireless or wired connections.

Look at NoCatAuth or similar capture portal software.  The TCWUG group
has some pretty good resources, too.

-- 
Chad Walstrom <chewie at wookimus.net>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list