This is a discussion on Re: [fw-wiz] Locking down public wireless access - Firewalls ; Chris Bills wrote: > [snip] > > ideally, we would like to implement a system in which the user will > connect to un-encrypted wireless, but any attempts to get out will be > redirected to the authentication page. Once ...
> ideally, we would like to implement a system in which the user will
> connect to un-encrypted wireless, but any attempts to get out will be
> redirected to the authentication page. Once the user logs in, they
> will be given the WEP key of the day, and then they will have
> unrestricted access.
WEP is not secure. WEP keys can be broken in as little as minutes,
given sufficient traffic volume. Use WPA or WPA2.
> I'm investigating the usage of Linksys WRT45G routers, with a modified
> firmware, but I have no actual experience with this.
The "stock" WRT54G firmware can do WPA-RADIUS, IIRC. I believe this is
what you want. WPA-PSK would be a PITA in your environment.
Particularly if you'll have more than one AP.
> If you have any suggestions for hardware, or existing documentation
> floating on the net about how to achieve this sort of setup, please
> let me know.
Here's a previous firewall-wizards reply:
Here's a link to the LinkSys WRT54G product page, whence you can fetch
the user's manual:
At home I'm using a WRT54G with WPA-PSK. At work the experimental
wireless network is using a NetGear FWAG114 with WPA-PSK. I'll be
converting the home WLAN to WPA-RADIUS in preparation for doing the
same at work.
firewall-wizards mailing list