Steve, I'm posing questions here, not answering. At some point in the future I plan to set up a wireless AP here, and I'd like to not only use it to access my local intranet, but also to allow users next door at the coffee shop to access the internet, (one of whom might be me).
Have you considered methods to allow some wireless client to pass through the firewall to the local net? SSH would seem to be the most likely prospect. I plan to put the AP in the DMZ. It should run dhcp-server for the wireless connections and then NAT/gateway them to the firewall. It would also be nice to serve first request for port 80 to a `splash' page before passing the request to the Internet. As I said, these are more questions, not answers. -- Sincerely, David Smead http://www.amplepower.com. On Fri, 5 Apr 2002, Steve Cayford wrote: > > On Friday, April 5, 2002, at 12:42 PM, [EMAIL PROTECTED] wrote: > > > So, you will run NoCat in the DMZ. > > NoCat is the Wireless gateway/Authenicator that will > > allow authenticated wireless users Internet Access > > through your Oxygen router. > > > > NoCat issues it's own ip addresses to DCHP wireless > > clients on a DIFFERENT subnet than the DMZ and then > > NAT's that through the Oxygen router? > > That's my theory, unless anyone has other recommendations... > > > > > Well, in theory I supose that should work depending on > > the ipchains rules, etc. If you do do this, write it > > up as I'm sure NoCat and LEAF could use the how to. > > Will do. (If I get it to work.) > > -Steve > > > -sp > > > > Steve Cayford wrote > > > >> > >> Hi. I've been running Oxygen on a router at home for > > most of a year now > >> with no problems. Thanks to all for your excellent > > work. > >> > >> I'm planning to try running a wireless subnet in my > > house and hopefully > >> broadcast it outside as well -- I'd like to sit at > > the coffee shop > >> across the street and still go online. I've been > > thinking about joining > >> the free wireless crowd and using something like > > NoCatAuth to share > >> wireless access. I haven't looked at the details of > > the system much, but > >> my initial impression is they use perl and apache to > > control > >> masquerading on a router. > >> > >> My thought is to run NoCatAuth on a separate machine > > in a DMZ off of my > >> primary router. (Definitely not on my internal > > network!) Does this sound > >> reasonable? Am I going to run into weird problems by > > chaining IP > >> masquerading like that? > >> > >> Thanks for any suggestions. > >> > >> -Steve > >> > >> > >> _______________________________________________ > >> Leaf-user mailing list > >> [EMAIL PROTECTED] > >> https://lists.sourceforge.net/lists/listinfo/leaf-user > > > > > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
