Solved

Would this setup for a WISP work?

Posted on 2007-11-29
3
922 Views
Last Modified: 2013-12-15
I intend to set up a small Wireless Internet Provider (for about 30 people). I was thinking of using a sort of VPN for authentication. Would this work:

- Server with 2 network cards. One of them connected to the Internet link, the other to an access point that's in bridge mode. Maybe some security in the AP in the form of MAC address-locking.
- VPN (PPTPD) on the server.

On the client:
- AP set to AP client mode capable of authenticating through PPTP.

I think this would provide me with user/pass authentication (which is something I want), and some security. If someone want's to hack it, at least they'd have to bypass the MAC and PPTP security, which is better than nothing.

Or am I totally wrong?

Regards,

TJ
0
Comment
Question by:tjbraza
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Assisted Solution

by:arrkerr1024
arrkerr1024 earned 200 total points
ID: 20374251
Are the 30 people the same every time?  In other words, is it a fixed pool of people, and you can register their machines or mac addresses ahead of time?

Maybe WPA-Enterprise is something you should look at - it is supported by most APs and most OSs and you can do anything from windows authentication to a radius server to shared key authentication.

The VPN should work as well, but I'd go for WPA/WPA2-Enterprise.
0
 

Author Comment

by:tjbraza
ID: 20375446
Yes, they are the same 30 people always. Their MAC address is known beforehand because the client AP is provided by me.
0
 
LVL 2

Accepted Solution

by:
hattmardy earned 300 total points
ID: 20384588
Yes what you're doing can work. A lot of people do it with PPTP, or even PPPoE. You can find CPE equipment that use those protocols:
http://www.deliberant.com/estore/web/pc-1167-7-dlb2112-80211bg-12dbi-integrated-radio.aspx

You can set this in WISP mode with the WAN type as PPPoE. This particular model supports both PPPoE and PPtP.

This is much better than MAC authentication only because it is very easy to spoof MAC addresses, so it's not very secure.

And as arrkerr1024 said, WPA2-enterprise is also a good solution.

-Matt
<a href="www.matthardy.info">Matt Hardy</a>
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question