Slashdot Mirror


Securing Wireless Networks with IPSEC and FreeBSD

GoldenScrewdriver writes: "A colleague of mine has written an excellent article on how to secure your wireless network using an IPSEC VPN tunnel, NAT, and a FreeBSD firewall. With the inherent weaknesses of WEP, I thought this article might be interesting to those who prefer some privacy on their wireless link." If this might fit your situation, you might also find this earlier article interesting as well.

3 of 34 comments

  1. Just the info I've been looking for! by sclatter · · Score: 3, Interesting


    At work I've been running an IPsec VPN on FreeBSD for quite a while now. It's a great thing-- sort of tricky to set up but runs like a top once it's up. I never was able to figure out how to work NAT into the picture, though. On Linux, NAT and firewalling and FreeS/WAN are very well integrated, but on FreeBSD we use KAME, which has a very IPv6 sensibility. No need for NAT in IPv6, so it just doesn't seem to play nice.

    This article explains the trick to it-- run NAT on the internal interface! Should have thought of that! :-)

    BTW, if anyone is curious, KAME to FreeS/WAN VPNs work just fine. Ours was set up that way for quite some time.

  2. Another misleading article. by Rick+the+Red · · Score: 3, Insightful

    Sheesh! This is getting out of hand. GoldenScrewdriver writes
    "A colleague of mine has written an excellent article on how to secure your wireless network using an IPSEC VPN tunnel, NAT, and a FreeBSD firewall. With the inherent weaknesses of WEP, I thought this article might be interesting to those who prefer some privacy on their wireless link."
    OK, I admit, I missed the last word there, "link", and concentrated on the previous phrase "wireless network", which also appears in the subject ("Securing Wireless Networks with IPSEC and FreeBSD"). But, true to Slashdot form lately, this is not about securing wireless networks, it's about securing a wireless link between your firewall and your ISP. Yeah, right -- that applies to what, five people? Vs. hundreds running actual wireless LANs on the other side of the firewall?

    GIVE US A FUCKING BREAK. PLEASE make the subjects reflect what the story's really about, so we won't waste our time!

    "If this might fit your situation, you might also find this earlier article interesting as well."
    No, I didn't. That earlier article had nothing about encrypting wireless LANs, other than the helpful suggestion that you might want to consider it, and concludes with "Configuring IPsec is beyond the scope of this article." No shit.

    --
    If all this should have a reason, we would be the last to know.
  3. Re:My experiences with Windows XP Professional by glenmark · · Score: 2

    XP? Hate to break it to you, but XP is not a server OS. It does not provide server functionality. The follow-on to Windows 2000 server, .NET server, is yet to be released.

    --
    *** Quantum Mechanics: The Dreams of Which Stuff is Made ***