[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] OT: Large Wireless Network on the Cheap
|
Aaron Crosman wrote:
For the exact reasons stated above the wireless network is physically
separated from our main network. Runs through a different firewall, and
has no access to our main network. I knew better then to trust myself
to run a secure wireless network from the time I read my first article
on them. While this does open up the risk of outsiders getting on the
network, I'm willing to run those risks.
So, what will the wireless network be used to access? The Internet?
Workgroups?
The building we operate is somewhat unique in that we are the largest
tenet, and co-owner's of the building with the other large tenets. The
conference rooms are all shared between all residents, and since most of
the organizations (maybe all) are non-profits we have a large number of
volunteers that pass through for work and meetings. We'd like to be
able to extend wireless access to those folks with a minimum of effort.
Over time I expect my main system of limiting unwanted guests on the
wireless will be to control signal bleed.
How about a portal which requires a password? Maybe NoCatAuth?
As for encryption I've been torn about what's the right approach. Since
WEP only keeps the honest people honest is it worth the effort with lots
of independent base stations. I've been inclined to set it up with WEP
and change the password rarely (if ever) so the network LOOKs encrypted
to those sniffing and as I said, keeps the honest people honest. Our
users all can use a VPN to our main network if they need proper access
(and security that take real skills/experience to over come).
A VPN server would be very nice. I would move in that direction. Which
OSes do your client computers run?
How would you manage WEP for so many devices?
The other element I have considered, but know almost nothing about is
using a Radius server. Has anyone used FreeRadius? On wireless? How
much of a hassle is it to setup and run? My understanding is that it
might give me a better chance on limited network access but I haven't
really been able to wrap my head around the administrative implications.
I'm waiting for a reply, too. ^_^
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|