On Mon, 29 Jan 2007 23:25:18 +0100 Peter Teunissen <[EMAIL PROTECTED]> wrote:
> Best would be to have another NIC on the router for the WAP (or use > a PCI WLAN card), so you can have stricter rules in the FW for > wireless clients. For instance, allow only certain (DHCP per mac > address assigned) IP's to access the LAN from the WLAN and let others > only access the WAN. WLAN in inherently less secure than wired > networking, so it'd be nice to keep them separated. I would second this suggestion. I have my Debian firewall (Sarge using the Shorewall package) configured this way and it has not caused me any problems. It allows me to open my wireless access for guests without exposing my wired file and print server for public access. -- Bill Thompson [EMAIL PROTECTED]
signature.asc
Description: PGP signature
