I recently purchased a wireless card (Netgear MA311) for my m0n0wall
box (Soekris net4501). Happily, installing it was very easy, and I was
quickly able to get it talking to a wireless card in my laptop using WEP.
Being the paranoid sort, I want better protection than WEP provides.
Ideally what I would like is, in effect, to have the wireless port on
m0n0wall bridged to the LAN port, but with the wireless communication
using IPsec. I have been looking through the m0n0wall list archive and
browsing the web trying to figure out how to do this, but as I'm sure
others have experienced, there is so much stuff out there, it is hard to
figure out what parts are relevant.

Is it possible to use IPsec in bridge mode, or do I need to assign the
wireless card its own subnet and use routing? Can I set up a tunnel
from my wireless client to the m0n0wall box, have the packets decrypted
on the m0n0wall box, and then route/nat/firewall them from there the same
as for a wired connection? Pointers to documentation on how to do either
of these would be appreciated.

My laptop with the wireless card is running Red Hat 9, so I think I need to
use FreeS/WAN on that end. I found some documentation that tells how to
connect two systems both running FreeS/WAN, but I didn't see how those
settings mapped to the items settable in the m0n0wall IPsec interface.
Can anyone point me to a document that tells how to make FreeS/WAN work
with the IPsec stuff in m0n0wall? Is there something that would be easier
or better than FreeS/WAN, given that I am only trying to encrypt traffic
to the m0n0wall box, and not out over the WAN?