On Thu, Jul 31, 2014 at 8:44 PM, Kenward Vaughan <kay_...@earthlink.net> wrote:
> In my quest to set up a computational lab at my school, the IT department > has offered us the freedom to create this specialized lab as long as we > aren't hooked up to the school's network--we are to be completely isolated. > They have no one to maintain it software-wise (we will be doing that), and > (I believe) fear security breaches, etc, emanating from there. > > They would allow us to go outside through the Wifi spots, though, as long > as it is through the open (insecure) side. There is an accessible secure > (internal) network as well. > > Is there a way to set up pfSense either on the internal server or a > separate Internet side box to control outbound traffic by having it sign > into that network then having the other machines have access? > > I'm not any sort of network person (self-taught in Linux/computers in > general), so please accept my apology up front if this is an idiotic > question. > > Thanks! > > > Kenward As Adam said, yes this can be done. Also as Adam said, it's probably a good idea to ask someone with a little bit of network experience. The only thing I have to add over Adam's reply is that, yes, pfSense should natively be capable of using a WiFi connection as its "WAN" and a wired network connection as its "LAN". If you set the WiFi interface to "Infrastructure (BSS)" mode, it will connect to an existing wireless network. The only caveat is that you need to make sure your wireless card is one of the properly supported ones - otherwise you might end up with intermittent dropouts and all kinds of unexplained problems. Again, as Adam said, doing it this way really should be your last resort, just because there are too many things that could go wrong with it. Finally, I should note that all of this is true on paper, and I have not actually tested it myself in the field - I don't have a spare wireless card. If all of Adam's other suggestions don't work, and you really need to go with WiFi, Adam's other idea about using a travel router is actually something I have done in practice at a construction site - the travel router and a pfSense box are in the construction trailer connected to each other by Ethernet, the travel router connects to a wireless network coming from offsite, and the pfSense box sees the travel router as just another regular network connection. Performance was as good as could be expected from long-range WiFi - poor, to say the least, but that was because of WiFi signal strength, not because of the setup itself. I used an Apple Airport Express as my travel router, but there are others that may work better - and the Airport Express is very hard to troubleshoot because it has no web interface. Moshe -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
