Thanks for your help, that makes! I have downloaded IPcop and I will see how I get on!
Thanks again. Mark -----Original Message----- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: 16 December 2009 20:26 To: NT System Admin Issues Subject: Re: Protecting LAN access from Wireless Access points On 16 Dec 2009 at 16:03, Mark Robinson wrote: > > Hi, I currently have two wireless access points that provide wireless > access to the corporate LAN in two meeting rooms. To satisfy PCI compliance, > I need to install a firewall between each access point and the LAN and only > allow traffic from our corporate IP range through to the LAN. Has anyone done > this before, and can you recommend any firewalls that will do the job? I have > installed Smoothwall onto a PC and played around with it but I´m not sure if > it´s the best solution for what I need. Thanks, Mark Smoothwall will do the job, as will IPcop (a fork of Smoothwall which I prefer) and pfSense and most other FLOSS firewall distros. In IPCop you would set up a RED - BLUE - GREEN network with 3 NICs, RED being the Internet, GREEN being the LAN and BLUE being the WAPs. I have this at one of my sites. My green LAN is 10.79.2.x while my blue LAN uses 192.168.79.x. The blue LAN can only see the gateway, they don't even know about the 10.79.2.x space. IPcop can provide DHCP services for the blue LAN as well as for the green LAN. http://ipcop.org/ -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +-----------------------------------+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ IMPORTANT INFORMATION Internet communications are not secure and therefore CIPS does not accept legal responsibility for the contents of any e-mail message sent via this medium. The content of any e-mail communication is the view of the individual and CIPS does not accept legal liability for the contents. Although this message and any attachments are believed to be free of virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by CIPS for any loss or damage in any way arising from its use. CIPS runs the following software packages: MS Office Suite 2003, MS Visio 2003, MS Project 2002. Please ensure that any files you send are compatible. The Chartered Institute of Purchasing & Supply (CIPS) is an organisation incorporated under Royal Charter and is based at Easton House, Easton on the Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a registered Charity number 1017938. CIPS Services Limited is a wholly owned subsidiary company of CIPS, registered in England under number 2610367 and is registered at the address shown above. Both organisations operate under a group VAT registration number: 3426 489 42. -- Scanned by iCritical. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~