[svlug] Advice wanted regarding setting up WiFi
sverma at sfsu.edu
Wed Mar 31 18:53:25 PST 2004
William R Ward wrote:
>So I see two options:
> 1) Add a new firewall box between the cable modem and the WiFi
>station, and then our existing firewall between that and the wired
> 2) Add a second ethernet port to our Linux server and connect the
>WiFi to that, and use Linux's built-in firewall to control access.
>Either way, I would also want to set up something to provide
>authentication (NoCatAuth?) so only authorized users can use it.
If you run nocatauth, you can do the firewall stuff in it, as nocat is
mostly a iptables based conditional firewall. You can add your rules to
it. You could run it in open mode (asks the user to agree to an
acceptable use policy before continuing) or in captive mode, where they
users will need an account (just like t-mobile's hotspots). The traffic
is still unencrypted (nocat doesn't encrypt anything by itself), but you
could always add on the extra WEP +MAC solution. Let me know if you have
more Nocat questions...we've been doing it for a while.
>I have very little spare time to mess with this, so I want something
>that can be set up easily. I also don't have the budget to be buying
>a lot of hardware.
You could probably get away with an old laptop + two pcmcia ethernet
cards (Craigslist?). That's what I run at home.
>With these constraints in mind, what's the best solution?
Dr. Sameer Verma, Ph.D.
Asst. Professor of Information Systems
San Francisco State University
San Francisco CA 94132 USA
More information about the svlug