[ previous ] [ next ] [ threads ]
 
 From:  Jim Gifford <jim at giffords dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] mOnOwall and Wireless configuration
 Date:  Mon, 5 Apr 2004 17:17:52 -0400
You haven't said whether a cable run might be feasible for you, but
never underestimate the usefulness of a single fiber pair (might as well
pull 4 as one though).  You can use transceivers and get 10, 100, gig,
or higher.  You might be able to get such a cable buried for as little
as $1500, and it will scale much better than the wireless link.

Having said all that, wireless should be more than adequate for a
simple link.  802.11b will limit you to about 5-7Mib/sec throughput
after overhead.  802.11a and 802.11g claim as much as 108Mib/sec in
proprietary x2 connections.  Expect to see much less than that in actual
throuput though.

WEP is a joke, if you use a wireless link with WEP as the primary link
between the two buildings, and have any significant level of traffic,
it can easily be compromised.  If you have sparse traffic, it just takes
a little longer to break the keys.  Use strong security on top of the
wireless (like IPSec for example).  Assume that anyone within 10 miles of
your link will be able to see the traffic and attempt to steal the data.
Paranoia isn't always a bad thing.  *grin*

One advantage wired/optical has over wireless is the difficulty of tapping
into the link.  Additionally, with transceivers, it looks like just
another link between switches, as opposed to having to do some routing.
You could purchase a 100mbit or even 10mbit transceiver for each end to
save money this year, and next year buy switches for each end that have
gigabit fiber capability to link the buildings.  Wireless will be more
difficult to upgrade that way.

Make sure you check the legal issues too before you get started.
I know of at least one medical facility that has had to deal with HIPPA
violations, and it isn't a fun task.

Good luck with your project.

jim gifford

On Mon, Apr 05, 2004 at 02:05:45PM -0700, John Andrunas wrote:
> I am not particularly familiar with HIPPA requirements, but I hope that 
> plain old WEP, doesn't meet the security requirements.  Heck I would be 
> a lot more comfortable running some Cat 5/6 across the way if it is only 
> 30 yards.
> 
> David Rodgers wrote:
> 
> >On Mon, 2004-04-05 at 15:36, James Adams wrote:
> > 
> >
> >>Hi all,
> >>I'm the MIS Director for a small, rural, non-profit community mental 
> >>health
> >>center. We have recently purchased a building adjoining our current
> >>building--approx 30 yards between the buildings. Rather than purchasing 
> >>one
> >>of the embedded mOnOwall appliances for wireless network connectivity,  I
> >>was wondering if I could install mOnOwall on two PII machines that I have
> >>and accomplish the same thing? 
> >>   
> >>
> >
> >Absolutely! Yes you can do exactly what you are trying to do! :-)
> >
> >
> > 
> >
> >>
> >>I'm not unfamiliar with networking, IPTables, etc., but very unfamiliar 
> >>with
> >>wireless; but I do know that I need WEP. 
> >>   
> >>
> >
> >Instead of WEP though you could setup your m0n0walls at each site and do
> >gateway to gateway VPN with ipsec to protect your traffic. I assume that
> >this will be patient data and such going back and forth? I would not
> >entrust WEP to keep something like that safe from prying eyes.
> >
> >
> > 
> >
> >>And I do know that I will need
> >>cable, antennas etc..  
> >>   
> >>
> >
> >You could probably accomplish this best with a pair of PC's running
> >M0n0wall and 2 cisco or (insert other company name here) external
> >wireless bridges from ebay. If the total distance is 30 yards and line
> >of site is good the cute little rubber ducky antenna that comes with it
> >will be fine. 
> >
> > 
> >
> >>A local vendor is trying to sell us a Linux-based
> >>software package, Star-OS, running on my old PIIs  for about $1600. 
> >>Another
> >>is trying to sell us a 3com solution for about $2300. I have a sneaking
> >>suspicious that I can do this with mOnOwall. Our state is in the midst of 
> >>a
> >>budget crisis and my IT funds are being slashed dramatically.
> >>   
> >>
> >
> >It's scary what people will try to sell you these days.
> >
> >That being said if you don't feel comfortable fitting all of this stuff
> >together and making it work commercial solutions can save your life. 
> >
> >
> >
> >David Rodgers
> >
> > 
> >
> >>
> >>TIA for any advice,
> >>
> >>Jim Adams 
> >>MIS Director 
> >>Comprehend, Inc. 
> >>Maysville KY 
> >>
> >>
> >>---
> >>Outgoing mail is certified Virus Free.
> >>Checked by AVG anti-virus system (http://www.grisoft.com).
> >>Version: 6.0.647 / Virus Database: 414 - Release Date: 3/29/2004
> >>
> >>   
> >>
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> > 
> >
> 
> -- 
> 
> John Andrunas
> IT Engineer
> Treyarch Corp
> 310.664.5907
> andrunas at treyarch dot com 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>