On 5 Jun 2006, at 21:14, Spruell, Darren-Perot wrote: > From: [EMAIL PROTECTED] >> WEP is pretty much out, WPA isn't supported, IPSec is probably too >> complicated for the general public to get going, and that's about >> it. If I can't do it in OpenBSD, I may have to use a >> separate access point, but I'd rather keep it all in one box. > > OpenVPN is a fairly good choice for this. Strong crypto options, very > minimalistic configurations can be used on both the client and > server side > of things, support for address pools, X.509 certificate > authentication or > static keys, works with NAT, and clients avaiable for popular > platforms.
Although a VPN is a possibility, I'm thinking more along the lines of a wireless hotspot than an extended network. I want to make it as plain and simple as possible for punters to walk in off the street and get internet access. No client downloads, no convoluted key setup process, just walk in, put the password in and go. I kind of want an excuse for this: http://www.flickr.com/photos/[EMAIL PROTECTED]/146733948/in/ set-72057594135255982/ I may have to settle for some token protection method, such as WPA, purely for the purposes of simplicity. Alternatively use a separate AP that supports WPA2 and a bunch of other protocols, and not bother trying to do it all in OpenBSD. Terms and conditions apply, your data is never totally secure, etc, etc. Shame really, one box would be better than two. Gaby -- Junkets for bunterish lickspittles since 1998! http://www.playr.co.uk/sudoku/ http://weblog.vanhegan.net/
