Date: Mon, 18 Feb 2002 00:03:31 -0800 From: Alfred Perlstein <alfred@freebsd.org> To: security@freebsd.org Subject: using ipsec on dynamic addresses? Message-ID: <20020218080331.GT12136@elvis.mu.org>
next in thread | raw e-mail | index | archive | help
I'm looking to secure a wireless LAN. It looks like this: _______________________ _____________ / Wireless Lan \ \ / / xl0->DSL/internet < >- _|_<-ethernet->fxp0 router xl1->LAN \ Laptop-A Laptop-B etc / wireless \____________| '---------------------' base-station What I think I want to do is: block traffic going _through_ fxp0 but not _into_ fxp0, generate keys for each laptop on the router, give each laptop its own key, have the laptops DHCP an address, have laptops authenticate via the key and negotiate secure connections, finally be done with this nightmare. I don't really need any hooks into dhclient I think I can figure that out on my own, it's just the key generation thing and dynamic addresses that seem to be a real pain. Anyone aware of any howtos on doing this? thanks, -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020218080331.GT12136>