[Cialug] public/private wifi

Jeff Chapin chapinjeff at gmail.com
Thu Dec 31 11:26:27 CST 2009


DD-wrt can do this with virtual APs. I am not sure of the steps off the
top of my head, but I had this running at one point using this doc as a
basis:

http://www.dd-wrt.com/wiki/index.php/Separate_WLANs

Jeff

Josh More wrote:
> Several options.  For security, ALL of them should use WPA2, not WEP.
>
> 1) Use two WAPs.  Connect them to dedicated interfaces on a
> security/firewall box like Untangle or IP Cop.  Set the rules there.
>
> 2) Use one WAP, set it public with no connections anywhere else.  Set up
> a VPN connection with a client on your workstation to use the WAP to pop
> back in to your local network in a secure fashion.
>
> There are probably others, but anything that involves sharing a WAP for
> two security levels is probably unwise.
>
>
>
> -Josh More, RHCE, CISSP, NCLP, GIAC 
>  morej at alliancetechnologies.net 
>  515-245-7701
>
>   
>>>> Matthew Nuzum <newz at bearfruit.org> 12/31/09 11:17 AM >>>
>>>>         
> What's the ideal way to set up a public/private wifi network? Picture
> this
> scenario:
>
> You have a network that you want to allow people to access publicly.
> There
> is a shared wep key that you can tell people to use when they're
> connected
> to your network. Devices may be a PC or could be a phone, an iPod, a wii
> or
> whatever. However you don't want these people to use your printer or
> access
> your network shares. Being able to limit the bandwidth used by these
> devices
> is nice.
>
> You want it to be easy for the people who should be able to access these
> shared resources to get connected to them. They may be using Linux, Mac
> OS
> or Windows. Or they may be a wired or wireless printer (my HP printer
> uses
> wifi and saves scanned docs to a shared folder).
>
> What would you do? Assuming you have a common soho router (maybe openwrt
> compatible) a computer that can be used as a server (running whatever
> OS)
> and plenty of networking/linux experience.
>
>   



More information about the Cialug mailing list