Wireless router?
Roger Olofsson
240olofsson at telia.com
Sat Dec 27 19:50:03 UTC 2008
Corey Chandler skrev:
> Roger Olofsson wrote:
>>
>>
>> Corey Chandler skrev:
>>> Nerius Landys wrote:
>>>> Thank you all for your suggestions. This will be a project for me
>>>> over the holidays. I decided to go the standalone wireless router
>>>> approach.
>>> Good man!
>>>> I will need to figure out how to configure my standalone
>>>> wireless router to "pass everything through" to the internal LAN that
>>>> I already have.
>>> It's called "Bridge mode" on most APs-- it does exactly what you
>>> describe. Just make sure things like "DHCP server" are turned off or
>>> you'll see some... odd breakages.
>>>> Also I don't know too much about security, like how
>>>> to prevent eavesdroppers from connecting to my internal network. One
>>>> of you mentioned access lists, and I assume that means I tell the
>>>> wireless router which MAC addresses it accepts, and nothing else.
>>> Ugh. MAC addresses are trivial to spoof-- I usually don't bother
>>> with using them for security, although I do use 'em to ensure that
>>> particular machines always inherit particular addresses.
>>>
>>>> Is there any other way to provide security? Like a password-protected
>>>> network? What are the buzzwords for these security schemes? Which
>>>> security scheme do you recommend for preventing random people within
>>>> proximity from connecting to my internal netowrk?
>>>>
>>>
>>> Absolutely. Google for WPA or WPA2; WEP has been broken and is
>>> trivial to bruteforce, so I'd not bother with that.
>>>
>>> Once you get the unit in, feel free to email me off list for
>>> configuration questions; it sounds like a fun project!
>>>
>>> -- CJC
>>> _______________________________________________
>>> freebsd-questions at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>> To unsubscribe, send any mail to
>>> "freebsd-questions-unsubscribe at freebsd.org"
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>>
>>> No virus found in this incoming message.
>>> Checked by AVG - http://www.avg.com Version: 8.0.176 / Virus
>>> Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23
>>>
>>
>> Hello Corey,
>>
>> I don't use 'bridge mode'. I set a normal LAN ip for the wifi router -
>> as well as ips to the FreeBSD gateway and dns. This is for the LAN
>> part of the router - then another internal LAN ip for the wifi part.
>>
>> To examplify.
>>
>> Wifi router LAN part - ip 192.168.0.20, gateway 192.168.0.1, dns
>> 192.168.0.10 and 192.168.0.11.
>>
>> Wifi wifi part - network 10.0.0.1 - 10.0.0.10.
> The problem with doing that is a lot of systems start throwing weird
> errors in a double NAT environment. I'd probably avoid that step and
> restrict wireless to its own VLAN if I were to go that route...
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG - http://www.avg.com
> Version: 8.0.176 / Virus Database: 270.10.0/1865 - Release Date: 2008-12-26 13:01
>
Hello Corey,
There is no double NAT involved.
/Roger
More information about the freebsd-questions
mailing list