[TriLUG] Dual Network Question

Michael Lee melee3 at ncsu.edu
Tue Mar 15 14:55:59 EST 2005


> Since wireless isn't nearly as secure as wired, running wireless on
> a separate subnet actually does make sense from a security
> standpoint.  But, it would be nice to combine that with a good
> VPN setup where you could run a laptop through the wireless
> but still make it show up in the local network and have all the
> same services it would have if it were connected to the wired
> network.  Unfortunately, setting that up ins't nearly as easy as
> setting up a wireless access point.  If anyone's got something
> like that setup, I'd love to hear about it.  (Note, btw, that I'm
> not talking about SSHing into the network.  I'm looking for
> nothing less than a full VPN setup where the wireless laptop
> through the VPN ends up on the same subnet as the internal
> network.)
>
> Cheers,
> Tanner

Tanner,

I have a similar setup with my home network.  Due to security reasons, I
decided to leave the wireless network separate from my LAN.  The way I
access services on the LAN is by hard coding the domain names into the
/etc/hosts file.  This works fine, I can print, view webpages, rDesktop,
and access any other servers on the LAN from my wireless network.  Note
however, that some services (such as NFS) don't work because they connect
back to ports on the private network (the LAN still cannot connect to the
wireless network).  For example, to connect to a samba printer from the
wireless network, //melee/samsung would work since 'melee' is in the
/etc/hosts file with the valid IP address.

This gives the added security of obscurity (which I admit, isn't actual
security).  If anyone were able to break my WEP encryption and spoof a
valid MAC address, then they wouldn't be able to access any computers on
the LAN unless they knew their MAC addresses.  That and it would be a lot
easier to log into my neighbors unsecured WLAN...

--
Michael Lee
Network Engineering
Electrical and Computer Engineering Department
NC State University
melee3 at ncsu.edu




More information about the TriLUG mailing list