On Sat, 22 Jan 2005 12:23:30 +0800, John <naverxp at yahoo dot com dot sg> wrote:
> (Should i put AP users under another
Definitely. I wouldn't do it any other way. Throw in a third
interface and put the AP on that, use captive portal with RADIUS HTTPS
authentication and don't bother with VPN. Test the rules to make sure
the AP's subnet can't get to the LAN.