-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm pretty sure this is completely possible but I have not yet set it
up.  I am looking for confirmation and any tips prior to committing to
the solution.

I wish to create secure wireless access on the internal network.  Secure
in this case means:

- - All data between the wireless clients and the access point is encrypted.
- - Authentication of the wireless client is required, meaning if the
client does not have the right credentials, they cannot connect.

Here is my current plan.  Please shoot holes or add to the defenses as
you see fit:

Internet
 |
 |
Firewall
 |
 |
Switch
 | \----wired workstations and servers....
 |
WRT54GL running OpenWRT (or similar)
 |
VPN running in the WRT54GL
 ||
Wireless AP
 ||
 || (VPN connection)
 ||
Wireless client (Windows or Linux)
 ||
 ||
VPN client running in wireless client

Comments and Questions about the above:

1. Running the VPN in the access point seems the least likely to
complicate or disturb the wired network.

2. What firmware distribution is best for running a VPN (ipsec or other)
in the wireless router?

3. What client VPN software, especially for the Windows users, is
recommended?  OpenVPN (http://openvpn.se/) looks good but needs to work
with whatever VPN server is in the access point.

4. Any other tips?

Alan


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFFuUmRDQw/VSQuFZYRAuViAJ4tdhTFsqAchQBZ5yaKusKm++4lFgCfXBPV
H2YeQvo6OyNEBqEmujyG/28=
=EQap
-----END PGP SIGNATURE-----
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss