>> My Gentoo router's wireless network is encrypted via WPA and doesn't >> DHCP. I'd like to take this a step further in case my WPA key gets >> hacked. Can I issue only certain IPs to certain MAC addresses? >> >> Does WPA2 require hardware support? > > I don't think so. It should just be a driver/firmware update if you've > got some device that supports WPA and not WPA2. The AES encryption of > WPA2 requires a little more hardware power than WEP or WPA normally > uses, but I don't think it needs any special chip or anything like > that. > > You can also do VPN over your wifi connection, and require it for > access to the rest of your network or the internet. At least then if > someone hacks your wireless key, they still can't do anything without > having your VPN certificate.
It sounds like VPN may be the strongest thing going. Could I turn off WPA and keep everything hidden within the VPN? Could I use a password instead of a certificate for access? Is the only downside that the client needs to have VPN software installed? - Grant