Code Forums - View Single Post

technobard · 12-17-2006, 02:14 PM

I have long resisted wireless. I have Cat 6 connecting the basement to the 2nd floor, but I have recently revisited the idea of occasional wireless. I'd like to keep it on a separate network with a bridge and firewall between the two. This is what I'm thinking:

1. Wireless Access Point with integrated switch on 192.168.15.x (or whatever)
2. A Linux PC (possibly a virtual machine) with 2 NICs: 1 NIC plugged into WAP ethernet port; the 2nd NIC connected to a switch that is part of wired LAN (192.168.1.x)
3. PC is running firewall proxy server (something like Endian or Smoothwall??)

To top it off, I'd like to require a username / password to gain access to the proxy server, so some sort of authentication.

Does this sound like a reasonable approach? Any particular recommendations? I thought about using IPSEC, but that sounds like too much configuration on the connecting PC end. I'd like the flexibility of allowing visitors to use the wireless LAN without a lot of work on their part.

Thanks for any suggestions.

12-17-2006, 02:14 PM	#1 (permalink)
technobard Centurion Nova Prime Join Date: May 2002 Location: Oak Park, IL (USA) Posts: 285	Wireless: Separation of Church and State I have long resisted wireless. I have Cat 6 connecting the basement to the 2nd floor, but I have recently revisited the idea of occasional wireless. I'd like to keep it on a separate network with a bridge and firewall between the two. This is what I'm thinking: 1. Wireless Access Point with integrated switch on 192.168.15.x (or whatever) 2. A Linux PC (possibly a virtual machine) with 2 NICs: 1 NIC plugged into WAP ethernet port; the 2nd NIC connected to a switch that is part of wired LAN (192.168.1.x) 3. PC is running firewall proxy server (something like Endian or Smoothwall??) To top it off, I'd like to require a username / password to gain access to the proxy server, so some sort of authentication. Does this sound like a reasonable approach? Any particular recommendations? I thought about using IPSEC, but that sounds like too much configuration on the connecting PC end. I'd like the flexibility of allowing visitors to use the wireless LAN without a lot of work on their part. Thanks for any suggestions. __________________ It takes 2 points to draw a straight line, but at least 3 points to draw a conclusion.