combo wireless and wired home network

[Ed Wilts]

On Fri, Aug 06, 2004 at 07:17:15AM -0500, Cowles, Steve wrote:
> 1) Replace your current Netgear firewall with a combo wireless
> accesspoint/router/switch. Both Netgear and LinkSys have models that would
> allow you to use your existing CAT5 wiring and add wireless capabilites.
> 
> 2) Add just a Wireless AccessPoint (WAP) and plug it into an open swithport
> on your current netgear firewall. Again, both Netgear and LinkSys have
> models with "just" the wireless accesspoint without the router or switch.
> 
> FWIW: Option 2 is how I implemented wireless at my home. I already had CAT5
> wiring throughout the house using a 16 port 10/100 switch (I use a linux
> based firewall). I bought a LinkSys WAP54G and plugged it into an open
> switchport, then bought the PCMCIA wireless NIC for my laptop. Works great!
> 
> With both options, you would still need to buy the Wireless NIC card for the
> computer/laptop in the garage.

There is one significant issue you've got with both options 1 & 2.  If
anybody breaks the wireless security (which is typically not that hard),
they're now on the *inside* of your network - safely behind your
firewall.

What I've done to avoid this is to add a wireless firewall/router to my
network so th config now looks like so:

    cable modem
        |
        |
    wireless router/firewall (Linksys)
        |
        |
    router/firewall (another Linksys)
       |
       |
    servers, desktops

My laptop has 2 connections - one wired when it's on my desk, and one
wireless.  When I'm wired, I'm on the inside.  When wireless, I have
restrictions as to which ports I can go through.  The ports available
through the wireless router are a subset of what's available on the
inside firewall.  Nobody gets on the inside of the inner firewall unless
they have a cable they can plug into my firewall/switch.  

-- 
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program