- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: 802.11 gateway/authpf
- From: "Sancho2k.net Lists" <lists_(_at_)_sancho2k_(_dot_)_net>
- Date: Wed, 30 Jul 2003 21:47:25 -0600
I've been considering implementing OpenBSD as a wireless access point.
It would be a simple setup with one interface into the wired net and one
802.11b adaptor. My main concern would be unauthorized Internet access
through my wireless network; in other words, should someone crack the
WEP and associate with the AP, I don't want them to get past the AP to
the rest of the wired net or out to the Internet.

I was thinking of running pf and opening access only once a user has
authenticated through SSH to give them access through authpf. This way
their access to the wired net is more difficult to obtain since it is
based upon a password or ssh key. All access through the OpenBSD AP is
blocked until they successfully authenticate.

This is really planned to be a temporary solution until IPSEC can be
implemented. Are there any inherent flaws in this scheme besides the
fact that the traffic on the wlan can be intercepted, if there is no
WEP/insecure WEP? I hope to minimize the traffic that comes onto the
wlan to broadcasts only (or native wlan traffic) by connecting the AP
into a switch rather than a hub.
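
A sketch of the default-deny pf plus authpf arrangement the message describes, added here as an illustration and not part of the original post. It uses current OpenBSD pf syntax rather than the 2003 syntax, and the interface names (ral0 for the 802.11 side, em0 for the wired side) are assumptions.

```conf
# Added illustration, not the poster's configuration.
# Hypothetical interfaces: ral0 = 802.11 side, em0 = wired side.

# ---- /etc/pf.conf (main ruleset) ----
wifi_if  = "ral0"
wired_if = "em0"

set skip on lo

# Default deny: nothing crosses the gateway until a rule below allows it.
block log all

# Wireless clients may reach only sshd on the gateway itself, so they can
# authenticate. Their login shell must be /usr/sbin/authpf, and
# /etc/authpf/authpf.conf must exist (it may be empty) for authpf to run.
pass in on $wifi_if inet proto tcp from $wifi_if:network to ($wifi_if) port ssh

# authpf loads per-user rules under this anchor at login and removes them
# when the SSH session ends.
anchor "authpf/*"

# Forwarded traffic must also be allowed out on the wired side. Only packets
# already admitted on $wifi_if by the anchor get this far. Traffic that the
# gateway originates itself is not covered by this rule.
pass out on $wired_if inet from $wifi_if:network to any

# ---- /etc/authpf/authpf.rules (loaded into the anchor per session) ----
# Macros from pf.conf are not visible inside the anchor, so the interface
# is defined again. authpf supplies $user_ip, the source address of the
# authenticated SSH session.
wifi_if = "ral0"
pass in quick on $wifi_if inet from $user_ip to any
```

These rules authorise by source address only, so they decide who may route through the gateway but do nothing for the confidentiality of traffic on the wlan itself.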