[ previous ] [ next ] [ threads ]
 
 From:  "James W Harrington" <jamesh at thefifthrace dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] IPSEC Question
 Date:  Wed, 27 Sep 2006 08:41:21 -0400
I think you are right about it being pointless.  Having just drawn the
diagram to explain it someone else the only place the traffic would be
encrypted would be between the two interfaces.

Thanks for the feedback anyway

James

-----Original Message-----
From: Kimmo Jaskari [mailto:kimmo dot jaskari at gmail dot com] 
Sent: 27 September 2006 13:31
To: 
Subject: Re: [m0n0wall] IPSEC Question

On 9/27/06, James W Harrington <jamesh at thefifthrace dot com> wrote:
> This may be a crazy idea but I am looking at whether or not is
possible to encrypt my wiress traffic using a IPSEC tunnel from the
Captive Portal Interface on my m0n0wall to the WAN Interface.  Currently
I have approx 100 users using captive portal which rules out using WEP
or WPA (I dont want to have to keep giving out the key.. hence my use of
captive portal.)
>
> But I was wondering if I can create what would effectivly be a site to
site VPN between the two interfaces??

From what I can read of your message (assuming I'm not
misunderstanding you), the encryption would be  from interface to
interface in that case, ie entirey internal to the firewall. I don't
know if it can be done, but I do know it would be pretty pointless -
nobody is likely to be logged in on the firewall and snooping what is
going on inside it. :)

The traffic that needs encrypting is the traffic going over the
airwaves from the wireless access point to the wireless device that is
communicating with it.

-- 
-{ Kimmo Jaskari }--{ kimmo dot jaskari at gmail dot com }--

Progress isn't made by early risers. It's made by lazy men trying to
find easier ways to do something.
  - Robert Heinlein

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch