Guest network on corporate LAN - options for security
Kurt Buff
kurt.buff at gmail.com
Wed Feb 6 19:47:43 UTC 2013
On Wed, Feb 6, 2013 at 11:38 AM, Adam Vande More <amvandemore at gmail.com> wrote:
> On Wed, Feb 6, 2013 at 1:29 PM, Kurt Buff <kurt.buff at gmail.com> wrote:
>>
>> All,
>>
>> If this isn't the right list for this, please let me know.
>>
>> Quite some time ago, I set up an unsecured guest VLAN in our network,
>> providing wireless access to all of the sundry devices that staff and
>> visitors carry. I set up a small FreeBSD machine to serve IP addresses
>> via DHCP, and that was dead simple.
>>
>> However, there are now other tenants in our building, and the subnet
>> is getting too much bandwidth and address consumption - the range I
>> set up is completely filled, and the VLAN is consuming about half of
>> our Internet pipe, which is far too much for my comfort.
>>
>> I suspect the other tenants are leeching.
>>
>> Does anyone have ideas on how I can leverage that FreeBSD box to control
>> this?
>
>
> If it were me, I would consider replacing the FreeBSD Box with PfSense. It
> has a lot of managment features built in so if you're looking to get those
> without a big time sink otherwise, something like that is the way to go.
Thanks.
I'll take a look at that.
Kurt
More information about the freebsd-net
mailing list