I saw the original note from Charles Baker which mentioned the 2002 issue of Linux Journal about setting up a wireless home network. Unfortunately, the article is only available to subscribers. So here goes...

Is there a difference in the security arrangement at the point in between the wireless access point and the client in the two scenarios below?

It would seem that in scenario A, implementing the VPN gateway with FreeS/WAN at the LRP box secures you from the point of the company VPN to the LRP router. However, once inside your LAN, the data that is transmitted between the wireless access point and the client is no longer secure (no encryption provided by the VPN).

In scenario B, it would seem that because you are masquerading to the point of the client, the data will be encrypted over the wireless network for the entire length of transmission from the company VPN to the end point at the client.

Granted, you can implement further security measures over your wireless LAN, but leaving that out of the discussion, does scenario B offer more protection? Is there a fallacy in my thought process here and that scenario B is just as vulnerable? Could it be that hacker tools like Airsnort and WEPcrack can still decrypt the data?

Scenario A
 ________                  _____      ________         _______
|        |                |     |    |Wireless|       |       |
|Company |___(Internet)___| LRP |____| Access |__///__|Client |
|  VPN   |   (        )   | VPN |    | Point  |       |_______|
|________|                |_____|    |________|

Scenario B
 ________                  ______     ________         _______
|        |                | LRP  |   |Wireless|       |       |
|Company |___(Internet)___|IPSec |___| Access |__///__|Client |
|  VPN   |   (        )   | Masq |   | Point  |       |VPN End|
|________|                |______|   |________|       |_______|

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html