[Techtalk] Designing a Wireless Network
Elwing
elwing at elwing.org
Mon Oct 15 20:43:51 UTC 2007
On Oct 15, 2007, at 1:49 PM, Kai MacTane wrote:
>
> Internet ------ DSL modem --- switch ------- FINROD
> |
> |
> GALADRIEL
> |
> switch
> |
> --------------------------------- wireless AP
> | | |
> various Windows workstations
> |
> |
> printer
>
> [end monospaced ASCII art]
>
> However, there's one problem with all of the above setup: any machine
> that's connected wirelessly is on a different network segment from
> everything else. That means that not only can it not print, it also
> can't browse Galadriel's network shares, play MP3s, and so on.
>
> I'm trying to figure out the best way to get wireless machines on the
> same network segment with everything else. So far, my ideas have
> included:
See if your WAP supports "bridged" mode. It will basically no longer
be a router, and will pass all traffic between the network segments.
This has a few implications:
1) you need a DHCP server on the network to serve the wireless
devices (if necessary)
2) random sniffers/onlookers will have access to your wired network -
which may or may not be desirable
Another option is to have a VPN concentrator (server) running on the
wired network that will allow the wireless devices to become part of
the wired network, while still keeping the non-permitted wireless
devices out.
I personally use bridged mode on my WAP and assume that anyone on my
internal network is malicious, so everything's protected. YMMV
according to your needs.
Elwing
More information about the Techtalk
mailing list