[vpn] wep

Travis Watson rtwatson at qwest.net
Thu Jun 6 09:35:41 EDT 2002


Pete,

Someone else already suggested it (don't have the name available), but
going the VPN route with client software is the way to go to get what
you want.  The original suggestor pointed you toward Netscreen, which is
also probably a good choice, though you certainly have options.

I've implemented this at one site and it worked fine (though we went
with a different device).  The only thing I would prepare you for is the
shaky hand user messing up his/her client software and calling you *all
the time* until they get used to it.  Additionally, you may have to
allow for split-tunneling so people can get to local resources.  It
depends on what users are doing and how you are set up, but it's a
decision you will have to make early on.  Generally speaking,
split-tunneling is bad juju, but since your users are already on the
inside, it's not near as big of a vulnerability.  Just make sure their
web-surfing pulls through the tunnel if the WAP is between them and your
Internet POP.

Good luck.

--Travis


On Mon, 2002-06-03 at 09:28, Pete Jacob wrote:
> Hello~
> I was wondering if anyone knew of a good solution to help my problem...
> I have an external wireless connection to an office across the street using 
> a Breeze com 802.11B
> technology... but the equipment will only use a 40bit WEP key.
> I would like to accomplish the following:
> 1. treat both sites as a different broadcast domains
> 2. have some sort of magical box that will provide some sort of magical 
> vpn/3des encryption, and have two ether net ports
> in it, one to connect to the network another to connect to the wireless 
> network, then back at the remote site it
> would do the same...
> 
> I was thinking that Cisco probably makes what I need but since I am only a 
> lowly ccna it might be
> to difficult to configure, and too costly.
> I also think I should be able to do this with a pee cea, and two nics... 
> but this sounds like a bad idea.
> 
> 
> Thanks~
> Pete.
> ----
> 

> 
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.368 / Virus Database: 204 - Release Date: 5/29/2002
> 
> ----
> 

> VPN is sponsored by SecurityFocus.com



VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list