I don't know how adventurous you feel, but as long as the the old gear supports L2TP pass through, you could consider trying npppd. Although, it requires some preparation work like adding PIPEX to the generic kernel and building npppd from the source code. Another option is to investigate using OpenVPN if you can add a rule to the old wireless gear to pass UDP 1194. If you are interested, I have OpenVPN config files to share because it is the solution I use for wireless security.
________________________________ To: misc@openbsd.org Sent: Friday, September 9, 2011 2:33 AM Subject: Security over wireless. Hi. I'm using some old gear that doesn't support WPA or better (WEP only). Until I get around to that what are my options security wise? Here's the machines: inet <-> OpenBSD <-> CPE AP <-> USB <-> OpenBSD <-> desktops The AP is some Cisco or something. Like those WRT54s and whatnot. I notice it has options for L2TP pass through and maybe IPSEC and PPTP. I'm not really sure how they work that (no man pages of course). The USB stick is old and WEP only (Netgear MA111). I have control over all the machines It's a bit dual purpose - it's my route to the internet so I figure encrypting/decrypting at the OpenBSD machines or tunneling between them or something is probably good but the plan is also to access the immediate inet OpenBSD machine from the desktop end OpenBSD machine via SSH at some point but I'm not sure if that matters. I'm unfamiliar with all of that (yes even SSH). I'd like to use something that's in base at a minimum. If it's conceptually simple that's a bonus. Best wishes.
