Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Would this setup for a WISP work?

Posted on 2007-11-29
3
Medium Priority
?
936 Views
Last Modified: 2013-12-15
I intend to set up a small Wireless Internet Provider (for about 30 people). I was thinking of using a sort of VPN for authentication. Would this work:

- Server with 2 network cards. One of them connected to the Internet link, the other to an access point that's in bridge mode. Maybe some security in the AP in the form of MAC address-locking.
- VPN (PPTPD) on the server.

On the client:
- AP set to AP client mode capable of authenticating through PPTP.

I think this would provide me with user/pass authentication (which is something I want), and some security. If someone want's to hack it, at least they'd have to bypass the MAC and PPTP security, which is better than nothing.

Or am I totally wrong?

Regards,

TJ
0
Comment
Question by:tjbraza
3 Comments
 
LVL 14

Assisted Solution

by:arrkerr1024
arrkerr1024 earned 600 total points
ID: 20374251
Are the 30 people the same every time?  In other words, is it a fixed pool of people, and you can register their machines or mac addresses ahead of time?

Maybe WPA-Enterprise is something you should look at - it is supported by most APs and most OSs and you can do anything from windows authentication to a radius server to shared key authentication.

The VPN should work as well, but I'd go for WPA/WPA2-Enterprise.
0
 

Author Comment

by:tjbraza
ID: 20375446
Yes, they are the same 30 people always. Their MAC address is known beforehand because the client AP is provided by me.
0
 
LVL 2

Accepted Solution

by:
hattmardy earned 900 total points
ID: 20384588
Yes what you're doing can work. A lot of people do it with PPTP, or even PPPoE. You can find CPE equipment that use those protocols:
http://www.deliberant.com/estore/web/pc-1167-7-dlb2112-80211bg-12dbi-integrated-radio.aspx

You can set this in WISP mode with the WAN type as PPPoE. This particular model supports both PPPoE and PPtP.

This is much better than MAC authentication only because it is very easy to spoof MAC addresses, so it's not very secure.

And as arrkerr1024 said, WPA2-enterprise is also a good solution.

-Matt
<a href="www.matthardy.info">Matt Hardy</a>
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Suggested Courses
Course of the Month13 days, 5 hours left to enroll

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question