On 29-jan-2007, at 21:57, Kristian Lampen wrote:
Hi,
I plan to set up a home network, a little bit more than a DSL-
router-box
with the PC's connected to it. I could do so, but for reasons of fun
(hobby), the learning aspect and be in touch with future
technologies, I
want to do it more flexible and controllable.
This is my plan:
[WiFi Access Point]
|
| PC3 PC2 PC1 LAPTOP
| | | | |
[-------
Switch--------------------]
|
| NIC 1
|
[Debian Router]
|
| NIC 2
|
[DSL-Modem]
|
|
outside(WAN)
All network interfaces should be Gigabit-interfaces.
So, my questions are:
1. Is this network setup realisable?
as others have writte already; yes. to make things simpler, make sure
you bridge the dsl-modem; they tend to come routed.
2. Is it correct to place the WiFi Access Point connected to the
switch,
or better directly to the Debian Router?
Best would be to have another NIC on the router for the WAP (or use a
PCI WLAN card), so you can have stricter rules in the FW for wireless
clients. For instance, allow only certain (DHCP per mac address
assigned) IP's to access the LAN from the WLAN and let others only
access the WAN. WLAN in inherently less secure than wired networking,
so it'd be nice to keep them separated.
3. I want to have the possibility to see the whole network traffic
with
the router. Not only the traffic from the PC's through the router
to the
outside world. How can I manage this? Do I have to buy a switch
with the
port-mirroring feature? If so, how do I have to connect it to the
Router?
I've read something about using an old non-switching hub attached to
your network and an old cpu, running snort. This way you should be
able to sniff all traffic. Dunno much more about it tho, never tried
it myself.
4. Does someone have examples for Switches I could use?
AFAIK, just plain vanilla switches should do, unless you'd want to
fiddle with vlan...
HTH,
Peter
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
