'Re: [IPCop-user] IPCop and Wireless Internet Access'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipcop-user
Subject:    Re: [IPCop-user] IPCop and Wireless Internet Access
From:       David W Studeman <dwstudeman () ovi ! com>
Date:       2011-09-08 20:24:52
Message-ID: j4b8ak$8lg$1 () dough ! gmane ! org
[Download RAW message or body]

Johnny wrote:

> With the help of a friend here on the list, here is what I did.
> 
> Ipcop box has 3 nic cards. Red, Green and blue.
> 
> Blue nic connects to a Linksys 54g wireless router.  The router is set to
> get it's IP from the ipcop box.
> 
> Ipcop box is 10.10.2.1 that users DHCP.  I have 10.10.2.3 set on the blue
> to
> give out IP's in the range.  Ipcop box handles green and blue DHCP.
> Also the only way someone can get on my network is when I give them access
> via the blue with their mac address otherwise they are out of luck.
> 
> Getting ready to build a 4 nic box with red, green, blue and orange for
> DMZ.
> 
> Hope this helps.
> 
> Johnny Miller
> millerj@cinci.rr.com
> gamer tag: wcso845
>  
> Lets find a cure for cancer together visit:
> http://www.worldcommunitygrid.org
>  
> 
> -----Original Message-----
> From: Eric Shubert [mailto:ejs@shubes.net]
> Sent: Thursday, September 08, 2011 10:34 AM
> To: ipcop-user@lists.sourceforge.net
> Subject: Re: [IPCop-user] IPCop and Wireless Internet Access
> 
> On 09/07/2011 11:13 PM, David Taylor wrote:
>> On 8/09/2011 1:32 p.m., Leon Moya wrote:
>>> Greetings List.
>>>
>>> I am currently gaining access to the Internet via a wireless broadband
> account (Vodafone Au)
>>> through a "Pocket WiFi 2" modem/router. (Huawei E585u-82)
>>>
>>> Work stations are connected by a variety of branded wireless USB
> adapter's.
>>>
>>> My question being, is there a method / devices that would allow me to
> protect the network
>>> behind an IPCop machine?
>>>
>>> Many Thanks for any forthcoming suggestions.
>>>
>>> Leon
>>> (Australia)
>> Does this device only provide Wifi out?  If so, you could get an Access
>> Point, like a cheap D-Link or something similar that can be configured
>> as a "Wireless Client".  (Pretend IPCop Red is an X-Box or similar that
>> needs Ethernet)  That wires up to Red on the IPcop and then you can put
>> another Access Point, or a switch, on the Green NIC and all the
>> workstations get reconfigured to point the Green AP, or switch's wired
>> network.
>> A bit messy :(
>>
> 
> True that. Putting a wireless AP on the green subnet pretty much defeats
> the purpose (additional protection) though, and goes against the idea of
> the green subnet being trusted.
> 
> If you connect the workstations via wired switch to IPCop green as David
> said, then you gain a little security in that each workstation is no
> longer vulnerable to wireless insecurities. You still have a single wifi
> hop on the red side, which is an improvement, but still not entirely
> secure.
> 
> Of course there are degrees of security. The only way I know of doing
> wifi with maximum protection is to use a VPN in conjunction with it,
> which is probably not possible with your Huawei device (just a guess -
> maybe it can).
> 

Before anyone goes further off the chart on a WiFi tangent, the OP is 
talking about cellular data to the IPCop machine and then using WiFi in 
IPCop to serve to the workstations, yes, IPCop has had this ability since 
1.4.18 and 2.0rc1 has the ability to change the flip flop modems we are 
deluged with now from the built in usb cdrom to usbserial modem via 
usb_modeswitch. For the OP, he would need a USB Cellular Data modem in IPCop 
itself and a wiFi bridge to connect to Blue and then connect all the 
workstations to Blue. The Huawei E585u-82 is useless for what you want to do 
unless it has a usb port where you can connect IPCop directly to the modem 
section. I have a backup/test machine I have been running Cellular Data on 
for quite some time and I connect to it via blue to stream music or surf 
when I feel like using some of my quota.

USB modeswitch is not automated yet so I just added the command to 
rc.event.local in 2.0rc1. Here is one session using a T-Mobile Rocket 3 
connected to usb 1.1 proving it is backward compatible to such:
http://www.speedtest.net/result/1465031221.png
-- 
Dave
http://www.raqcop.com


------------------------------------------------------------------------------
Doing More with Less: The Next Generation Virtual Desktop 
What are the key obstacles that have prevented many mid-market businesses
from deploying virtual desktops?   How do next-generation virtual desktops
provide companies an easier-to-deploy, easier-to-manage and more affordable
virtual desktop model.http://www.accelacomm.com/jaw/sfnl/114/51426474/
_______________________________________________
IPCop-user mailing list
IPCop-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic