[c-nsp] extending PVLAN to wireless?
Adam Greene
maillist at webjogger.net
Wed Nov 24 08:40:45 EST 2004
Have you looked at MikroTik? Runs on linux...
----- Original Message -----
From: "Ryan O'Connell" <ryan at complicity.co.uk>
To: "Bradley Urberg Carlson" <carlson at tcfreenet.org>
Cc: <cisco-nsp at puck.nether.net>
Sent: Tuesday, November 23, 2004 12:01 PM
Subject: Re: [c-nsp] extending PVLAN to wireless?
> On 23/11/2004 16:37, Bradley Urberg Carlson wrote:
>
> > I have used Private VLAN features to reduce virus activity in
> > convention centers, etc. I'd like to add open wireless access to some
> > of these areas. Is anyone familiar with an access point which
> > supports PVLAN-like end-node isolation, or "secure-ARP", or some other
> > method which might either prevent traffic between end-nodes, or else
> > force that traffic through a stateful-inspection firewall? Forcing
> > users to use a VPN client is not an option, as the hotspot needs to
> > appear open. Cost is a factor, so something simple like a "PVLAN
> > hotspot" AP would be preferable.
>
>
> On Cisco AP1100 and AP1200, you can use "bridge-group <group>
> port-protected" command to do this.
>
> You'll also need to consider the possibility that if you're using
> standard WEP, it's still possible for someone to pretend to be the
> access point and send data direct to another device if within range as
> they all share the same encryption key. (This isn't a standard feature
> of 802.11b, it would need some hacking to make work)
>
> --
> Ryan O'Connell - CCIE #8174
> <ryan at complicity.co.uk> - http://www.complicity.co.uk
>
> I'm not losing my mind, no I'm not changing my lines,
> I'm just learning new things with the passage of time
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> ---
> [This e-mail was scanned for viruses by Webjogger's AntiVirus Protection
System]
>
>
---
[This e-mail was scanned for viruses by Webjogger's AntiVirus Protection System]
More information about the cisco-nsp
mailing list