[ previous ] [ next ] [ threads ]
 From:  Vittore Zen <drzen at gamebox dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Best practices for wifi hotspot with m0n0wall
 Date:  Fri, 14 Jan 2005 09:21:22 +0100

mynetwork  with  <-> m0n0 <-> switch
radius server &              |  | |
def. gateway                 ap1 | |

(the same that 
http://www.tomsnetworking.com/Sections-article92-page3.php but more 
access points)

What is the best practices for wifi hot spot with m0n0wall?

My choiches are:
- no WEP in wifi access points
- captive portal with radius (and https?)
- dhcp server
- block every ip of mynetwork (to hotsport subnet) except default 
gateway destination.
- the same SSID on ap1, ap2, ap3 (are linksys)
- the same channel on ap1, ap2, ap3
The main ideas are:
- friendly for users
- accettable security policy

Thanks in advance