Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Would this setup for a WISP work?

Posted on 2007-11-29
3
Medium Priority
?
930 Views
Last Modified: 2013-12-15
I intend to set up a small Wireless Internet Provider (for about 30 people). I was thinking of using a sort of VPN for authentication. Would this work:

- Server with 2 network cards. One of them connected to the Internet link, the other to an access point that's in bridge mode. Maybe some security in the AP in the form of MAC address-locking.
- VPN (PPTPD) on the server.

On the client:
- AP set to AP client mode capable of authenticating through PPTP.

I think this would provide me with user/pass authentication (which is something I want), and some security. If someone want's to hack it, at least they'd have to bypass the MAC and PPTP security, which is better than nothing.

Or am I totally wrong?

Regards,

TJ
0
Comment
Question by:tjbraza
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Assisted Solution

by:arrkerr1024
arrkerr1024 earned 600 total points
ID: 20374251
Are the 30 people the same every time?  In other words, is it a fixed pool of people, and you can register their machines or mac addresses ahead of time?

Maybe WPA-Enterprise is something you should look at - it is supported by most APs and most OSs and you can do anything from windows authentication to a radius server to shared key authentication.

The VPN should work as well, but I'd go for WPA/WPA2-Enterprise.
0
 

Author Comment

by:tjbraza
ID: 20375446
Yes, they are the same 30 people always. Their MAC address is known beforehand because the client AP is provided by me.
0
 
LVL 2

Accepted Solution

by:
hattmardy earned 900 total points
ID: 20384588
Yes what you're doing can work. A lot of people do it with PPTP, or even PPPoE. You can find CPE equipment that use those protocols:
http://www.deliberant.com/estore/web/pc-1167-7-dlb2112-80211bg-12dbi-integrated-radio.aspx

You can set this in WISP mode with the WAN type as PPPoE. This particular model supports both PPPoE and PPtP.

This is much better than MAC authentication only because it is very easy to spoof MAC addresses, so it's not very secure.

And as arrkerr1024 said, WPA2-enterprise is also a good solution.

-Matt
<a href="www.matthardy.info">Matt Hardy</a>
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question