|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: Using PPPoE to secure Wireless LANs?
Date: Mon Jan 20 2003 - 08:51:16 EST
And why would you be telling me how it should set up the list and how it
replies since it is not my list.
Bob
http://www.canadianisp.com - Compare Internet Service Providers anywhere
in Canada
http://www.carricksolutions.com - The largest PPPoE / Broadband Help
Website
-----Original Message-----
From: owner-pppoe@ipsec.org [mailto:owner-pppoe@ipsec.org] On Behalf Of
John Tully
Sent: Monday, January 20, 2003 8:48 AM
To: pppoe@ipsec.org
Subject: RE: Using PPPoE to secure Wireless LANs?
Hello Bob,
>No. If you want me to review it you send it on hardware. I get
>not put myself out even 600 bucks for hardware so you can take full
>advantage of the exposure it would receive on my website.
Our system goes on any PC based hardware -- so it can be experimented
with
on an old computer system. It is quite easy to do, we have about twenty
new demo users a day -- very few complaints.
About the list-replying, I meant that when you reply to an email from
the
list, it is automatically addressed to the person that wrote the email
to
the list. It should be that the "reply-to" field in the email has the
address of the list. This is how 90% plus list are configured.
John
www.mikrotik.com
>John Tully
>Sent: Monday, January 20, 2003 7:52 AM
>To: Bob Carrick; pppoe@ipsec.org
>www.mikrotik.com If you want the unlimited (up to 5000) clients, it is
>is an open list, then I think price discussion is normal.
> >VIA (like Celeron). Unlimited PPPoE connections.
> > > > layer, using MS-CHAP-v2 as the authentication mechanism. As
> > > > already
> > > > the same IP network regardless of his physical location.
> > > >
> > > > The encryption is MPPE-128bit. AFAIK, MPPE can be reconsidered
> > > > safe
> >
> > > > at 128-bits in stateful mode. However, the system is designed
> > > > such that we could use any(?) VPN protocol in place of PPTP; we
> > > > only use PPTP because it's available in all the Windows clients.
> > > >
> > > > We use RADIUS for all AAA.
> > > >
> > > > I have packaged the software that provides this service into
> > > > Linux-based router (incidentally, using Roaring Penguin's
> > > > excellent PPPOE
> > > > implementation) that runs off a live CDROM. If anyone's
> > > > interested
> >in
> > > > giving it a whirl, drop me a line. Please be aware that this is
> >only a
> > > > beta at the moment, and so a degree of familiarity with VLANs,
> >RADIUS
> > > > and IP is essential.
> > > >
> > > > cheers, josh.
> > > >
> > > > On Mon, 2 Dec 2002, Rui Carmo wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > I'm not sure if anyone on this list is aware of a recent
> > > > > Slashdot
> > > > > post:
> > > > >
> > > > > http://ask.slashdot.org/askslashdot/02/12/01/2333218.shtml?tid
> > > > > =1
> > > > > 72
> > > > >
> > > > > It was intriguing enough for me to start pursuing the same
> > > > > solution, and I believe to have pieced together most of what
> > > > > is necessary (and share mostly the same doubts).
> > > > > DHCP, no nothing, so there is no easy way to have access
> > > > > without
> > > > > for
> >
> > > > > them
> > > > > - changing keys every month - is a nightmare, 802.1x and a
> > > > > bunch
> >of new
> > > > > stuff is daunting, to say the least...]
> > > > >
> > > > > - Full session control (IP address assignments, traffic
> > > > > accounting, sessions only allowed during office hours, etc.),
> > > > > same
> >
> > > > > as any remote access server.
> > > > >
> > > > > [I like this bit. I have to manage a number of dial-up
> > > > > accesses,
>
> > > > > and integrating the lot would be great.]
> > > > >
> > > > > - Cheap (server packages available for Linux and FreeBSD, any
> > > > > box can take the load)
> > > > >
> > > > > [I've read through this mailing list's archives and seen the
> > > > > numerous "look at our products" replies. Please refrain from
> > > > > saying anything of the sort just yet - I'd like some unbiased
> > > > > discussion first :)]
> > > > >
> > > > > - No proprietary IPSec tricks required - yes, I've considered
> > > > > it
>
> > > > > as an option, but remember, my users are Windows users, and
> > > > > PPPoE has the advantage of removing all IP addresses from the
> > > > > WLAN segment.
> > > > >
> > > > > [I'm considering VPN/PPTP myself, but IPSec seems to be the
> > > > > standard offer from most vendors]
> > > > >
> > > > >
> > > > > Disadvantages:
> > > > >
> > > > > - No PPPoE clients for PDAs (yet)
> > > > > - No published HOWTOs on PPPoE server setup under Linux
> > > > > (plenty of
> >
> > > > > DSL/PPPoE client info and at least one HOWTO for FreeBSD, but
> > > > > since PPPoE servers are mostly commercial products, no one
> > > > > wants
>
> > > > > to give away info for free)
> > > > >
> > > > > [I share this guy's lack of general info, if only for testing.
> > > > > There is not a single comprehensive HOWTO in sight that an
> > > > > on Slashdot was really useful _against_ it - just the usual
> > > > > 'google for it' replies...]
> > > > >
> > > > > - Rogue PPPoE Servers - not really an issue if you can filter
> > > > > PPPoE frames on the radio interface - and I can, so you need
> > > > > wired
> > > > > addresses without an established PPPoE session - so MAC
> > > > > spoofing is of very limited use).
> > > > > to be related to MPPE security (assuming filtering out rogue
> > > > > our stuff")?
> > > > >
> > > > > Thanks for any pointers,
> > > > >
> > > > > Rui Carmo
> > > > >
> > > > >
> > > > >
> > > >
> > > > ------------------------------------------------------------
Received on Mon Jan 20 08:51:55 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:43:06 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |