September 16, 2001

You know, I have been thinking about this 802.11 stuff.

I recently came across a post somewhere (probably Slashdot) that talked about a solution to the whole problem with WEP not being secure and all. Basically, the idea is that you don't use WEP (or at least not only WEP) for the encryption.

Now that might seem obvious, but it leads to the question, "How can I easily manage an alternate encryption scheme?" Naturally, you'd be using a firewall between your LAN and the wireless network. But previously, I had always had to give it some thought, like "Oh, we'll have to only allow certain IPs through, and how do we make sure that those IPs are ours, and not being spoofed, etc." But then I read that posting.

Basically, the gist of it is this: you set up your wireless network, and allow only packets for PPTP (or IPSec) through the firewall. Then you VPN through the firewall into your wired LAN.

It's so simple. :)

In a VPN, you are connecting over an untrusted network into a trusted one. Typically, these are the Internet and your office LAN, respectively. In this case, we just use a different untrusted network. Instead of the Internet, it is the wireless LAN.
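
The firewall policy described above, sketched as a generator for an `iptables-restore` ruleset; this is an added example, not from the original post. The interface name `wlan0`, the documentation address `192.0.2.1` for the VPN endpoint, and the chain name `WLAN_IN` are assumptions.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset for the firewall that sits between the
# wireless segment and the wired LAN: only VPN traffic addressed to the VPN
# endpoint is accepted from the wireless side, everything else is dropped.
# Assumed names (not from the post): wlan0, 192.0.2.1, WLAN_IN.

wlan_vpn_rules() {
    wifi_if=$1   # interface facing the untrusted wireless network
    vpn_ip=$2    # VPN endpoint (the firewall itself or a host behind it)
    mode=$3      # "ipsec" or "pptp"

    case $mode in
        ipsec|pptp) ;;
        *) echo "usage: wlan_vpn_rules IFACE VPN_IP ipsec|pptp" >&2
           return 2 ;;
    esac

    echo "*filter"
    echo ":WLAN_IN - [0:0]"
    # One chain sees every packet arriving from the wireless side, whether
    # it is addressed to the firewall (INPUT) or to the LAN (FORWARD).
    echo "-A INPUT -i $wifi_if -j WLAN_IN"
    echo "-A FORWARD -i $wifi_if -j WLAN_IN"
    if [ "$mode" = ipsec ]; then
        echo "-A WLAN_IN -d $vpn_ip -p udp --dport 500 -j ACCEPT"   # IKE
        echo "-A WLAN_IN -d $vpn_ip -p udp --dport 4500 -j ACCEPT"  # NAT-T
        echo "-A WLAN_IN -d $vpn_ip -p esp -j ACCEPT"               # proto 50
        # With kernel (policy-based) IPsec, decrypted packets re-enter on
        # the same interface; accept only those that came out of an SA.
        echo "-A WLAN_IN -m policy --dir in --pol ipsec -j ACCEPT"
    else
        # PPTP payload arrives on a separate pppN interface after
        # decapsulation, so it never matches -i $wifi_if.
        echo "-A WLAN_IN -d $vpn_ip -p tcp --dport 1723 -j ACCEPT"  # control
        echo "-A WLAN_IN -d $vpn_ip -p gre -j ACCEPT"               # proto 47
    fi
    # Spoofed or not, any other source on the wireless side gets nothing.
    echo "-A WLAN_IN -j DROP"
    echo "COMMIT"
}

# Print the IPsec variant; pipe to iptables-restore to apply it.
wlan_vpn_rules wlan0 192.0.2.1 ipsec
```

Because nothing but the tunnel is accepted, wireless clients also cannot reach a DHCP server on the firewall; they need static addresses or a separate rule for that.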

If there is ever a demand for wireless connectivity at work, I know what I'm doing.

Posted by jshare at September 16, 2001 05:02 PM
