I'm about to test the Monowall in a slightly different scenario then what I
guess most of you guys do.
I am about to build a separate network for our viristors and guests. From
this Visitor network our guests should get Internet access but no access to
our company resources.
On this network I connect the Monowall LAN interface, enables DHCP and DNS
forwarding. I will also use the Captive portal function, forcing them to log
On my company network I connect the Monowall WAN interface.
With this setup there pop's up a couple of questions:
- Can I disable the Management on the LAN interface??? I do no want any
clever visitor trying to logon to the Monowall and changing stuff.
- When a user logs on to the Captive portal page, it performs a HTTP POST
sending the user ID and password in clear text. Any user with a network
sniffer will easily find the others credentials... Can this be changed into
a HTTPS-POST??? It would add a lot of security into it.
IT Security Coordinator
Flextronics Network Services