[MLB-WIRELESS] Wireless connection of 2 wired networks

Jason Hecker jason at air.net.au
Wed Oct 15 22:40:23 EST 2003


In answer to your questions below, running the wireless cards in bridge mode, 
even with WEP (which isn't the best encryption about) can lead to a 
compromise of the link if someone were so determined to break in.  An option 
would be to use OpenVPN ( http://openvpn.sourceforge.net ) and set up bridged 
tunnels using it.  OpenVPN supports bridging but lets you use a faaar more 
secure link with tried and true OpenSSL protocols and also has the optional 
added benefit of compression to boot.  I've only just started looking at 
OpenVPN myself and have yet to implement it myself but you could do the 
following (someone correct me if I am wrong on details).

Link the two wireless cards together chatting in ad-hoc mode over their own 
unroutable subnet.  Set up OpenVPN tunnel devices at each end and bridge them 
to the local ethernet cards.  Configure the OpenVPN tunnels to chat through 
the unroutable interfaces (which would be the wireless cards).

This way any unwanted traffic from a renegade card in ad-hoc mode would not 
have its packets forwarded onto your network (especially if you enforced 
this with appropriate firewall rules) and the traffic could be happily 
snooped without very much risk of the data being cracked.  You probably 
wouldn't even have to set up WEP and it'd be redundant and may slow the link 
anyway due to WEP overheads.

Sorry it's light on detail but that's the concept and would do exactly what 
you are after and meet your criteria.

OpenVPN works on Windows, whateverBSD and Linux.

> 1. Snoopers - can someone listen in to the traffic going back & forth
> between the AP's in bridge mode? If so, what options are there for
> encryption?
>
> 2. Hackers - can someone with a wireless card break into either end of the
> bridge and get into the network?
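
Added example, not part of the original post and not code from the OpenVPN project: a shell script that prints, for each end of the link, an OpenVPN configuration and the bridge and firewall commands matching the layout described above. The interface names, the 192.168.77.0/30 subnet, UDP port 1194, the certificate file names and the use of TLS mode are assumptions.

```shell
#!/bin/sh
# Added example. Constructed values (assumptions, not from the post):
# interface names, 192.168.77.0/30 on the ad-hoc link, UDP 1194, key file names.
WLAN_IF=wlan0; LAN_IF=eth0; TAP_IF=tap0; BR_IF=br0; VPN_PORT=1194

# openvpn_conf ROLE LOCAL_WLAN_IP PEER_WLAN_IP   (ROLE: server | client)
# The tunnel is pinned to the two wireless addresses and carries ethernet frames (tap).
openvpn_conf() {
    case "$1" in
        server|client) ;;
        *) echo "role must be server or client" >&2; return 1 ;;
    esac
    cat <<EOF
dev $TAP_IF
proto udp
local $2
remote $3
port $VPN_PORT
tls-$1
ca ca.crt
cert $1.crt
key $1.key
EOF
    if [ "$1" = server ]; then echo "dh dh.pem"; fi
}

# host_commands PEER_WLAN_IP
# Printed for review, not executed. The wireless card is never added to the
# bridge: only the tap device and the wired card are, so the LAN is reachable
# solely through the authenticated tunnel. Any IP address on the wired card
# has to be moved to the bridge device by hand.
host_commands() {
    cat <<EOF
openvpn --mktun --dev $TAP_IF
ip link add name $BR_IF type bridge
ip link set $LAN_IF master $BR_IF
ip link set $TAP_IF master $BR_IF
ip link set $TAP_IF up
ip link set $BR_IF up
iptables -A INPUT -i $WLAN_IF -p udp -s $1 --dport $VPN_PORT -j ACCEPT
iptables -A INPUT -i $WLAN_IF -j DROP
iptables -A FORWARD -i $WLAN_IF -j DROP
iptables -A FORWARD -o $WLAN_IF -j DROP
EOF
}

# Show both ends of the link.
print_end() {
    echo "### $1 end, wireless address $2"
    openvpn_conf "$1" "$2" "$3" && host_commands "$3"
}
print_end server 192.168.77.1 192.168.77.2
print_end client 192.168.77.2 192.168.77.1
```

With these rules a foreign ad-hoc station can reach only the OpenVPN UDP port, and only if it uses the peer's address; everything else arriving on the wireless card is dropped before it can be forwarded.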

