Jim McBeath wrote:
>
> Being the paranoid sort, I want better protection than WEP
> provides. Ideally what I would like is, in effect, to have
> the wireless port on m0n0wall bridged to the LAN port, but
> with the wireless communication using IPsec. I have been
> looking through the m0n0wall list archive and browsing the
> web trying to figure out how to do this, but as I'm sure
> others have experienced, there is so much stuff out there, it
> is hard to figure out what parts are relevant.
>
> Is it possible to use IPsec in bridge mode, or do I need to assign the
> wireless card its own subnet and use routing? Can I set up a tunnel
> from my wireless client to the m0n0wall box, have the packets
> decrypted on the m0n0wall box, and then route/nat/firewall
> them from there the same as for a wired connection? Pointers
> to documentation on how to do either of these would be appreciated.
>

You must assign own subnet for wireless, optionally set up DHCP for it, and add some rules for wireless to allow PPTP traffic (TCP 1723 and GRE):

http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=7&actionargs[]=04

(you don't have to add rules for DHCP anymore)

Magne