Wireless router?

Corey Chandler lists at sequestered.net
Sat Dec 27 19:24:42 UTC 2008

Roger Olofsson wrote:
> Corey Chandler skrev:
>> Nerius Landys wrote:
>>> Thank you all for your suggestions.  This will be a project for me
>>> over the holidays.  I decided to go the standalone wireless router
>>> approach.  
>> Good man!
>>> I will need to figure out how to configure my standalone
>>> wireless router to "pass everything through" to the internal LAN that
>>> I already have.  
>> It's called "Bridge mode" on most APs-- it does exactly what you 
>> describe.  Just make sure things like "DHCP server" are turned off or 
>> you'll see some... odd breakages.
>>> Also I don't know too much about security, like how
>>> to prevent eavesdroppers from connecting to my internal network.  One
>>> of you mentioned access lists, and I assume that means I tell the
>>> wireless router which MAC addresses it accepts, and nothing else.  
>> Ugh.  MAC addresses are trivial to spoof-- I usually don't bother 
>> with using them for security, although I do use 'em to ensure that 
>> particular machines always inherit particular addresses.
>>> Is there any other way to provide security?  Like a password-protected
>>> network?  What are the buzzwords for these security schemes?  Which
>>> security scheme do you recommend for preventing random people within
>>> proximity from connecting to my internal netowrk?
>> Absolutely.  Google for WPA or WPA2; WEP has been broken and is 
>> trivial to bruteforce, so I'd not bother with that.
>> Once you get the unit in, feel free to email me off list for 
>> configuration questions; it sounds like a fun project!
>> -- CJC
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to 
>> "freebsd-questions-unsubscribe at freebsd.org"
>> ------------------------------------------------------------------------
>> No virus found in this incoming message.
>> Checked by AVG - http://www.avg.com Version: 8.0.176 / Virus 
>> Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23
> Hello Corey,
> I don't use 'bridge mode'. I set a normal LAN ip for the wifi router - 
> as well as ips to the FreeBSD gateway and dns. This is for the LAN 
> part of the router - then another internal LAN ip for the wifi part.
> To examplify.
> Wifi router LAN part - ip, gateway, dns 
> and
> Wifi wifi part - network -
The problem with doing that is a lot of systems start throwing weird 
errors in a double NAT environment.   I'd probably avoid that step and 
restrict wireless to its own VLAN if I were to go that route...

More information about the freebsd-questions mailing list