[Commotion-discuss] Commotion-discuss Digest, Vol 28, Issue 5

Mon Feb 23 17:04:07 EST 2015

Thanks Dan. I guess I was looking for the two separate networks with
firewall but might be more of an undertaking then I thought. I will
probably just go with setting up the router as a basic, WPA2 password
protected AP and add an additional AP with no pw.

Thanks again
On Mon, Feb 23, 2015 at 12:00 PM <
commotion-discuss-request at lists.chambana.net> wrote:

> Send Commotion-discuss mailing list submissions to
>         commotion-discuss at lists.chambana.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.chambana.net/mailman/listinfo/commotion-discuss
> or, via email, send a message with subject or body 'help' to
>         commotion-discuss-request at lists.chambana.net
>
> You can reach the person managing the list at
>         commotion-discuss-owner at lists.chambana.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Commotion-discuss digest..."
>
>
> Today's Topics:
>
>    1. Re: Setting up nodes for dual purpose (Dan Staples)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 23 Feb 2015 11:13:39 -0500
> From: Dan Staples <danstaples at opentechinstitute.org>
> To: commotion-discuss at lists.chambana.net
> Subject: Re: [Commotion-discuss] Setting up nodes for dual purpose
> Message-ID: <54EB51B3.3020801 at opentechinstitute.org>
> Content-Type: text/plain; charset=UTF-8
>
> Is the idea that you want the mesh network and the private network to be
> entirely isolated from each other? And maybe you want the single device to
> provide an internet gateway to both networks? This can be done, but it will
> take some manual configuration and some familiarity with the OpenWRT
> advanced menus, such as setting up virtual network interfaces and setting
> firewall zones.
>
> Of course if you want the two networks to be fully isolated, your best bet
> is to just use two different routers as that would make things a lot
> easier. But if you really want to use a single device to provide access
> points to both the private network and the Commotion network, a dual-radio
> device like the TP-Link WDR4300 or WDR3600 might be a good bet, so you can
> dedicate one radio to each network.
>
> After installing and configuring Commotion as normal on the node, you'd
> need to create a new network interface for the private network, in
> Advanced->Network->Interfaces. Then you'd create a firewall zone for the
> new interface that doesn't allow forwarding to/from any other zones
> (besides WAN if your node has a gateway), in Advanced->Network->Firewall.
> Finally, you would create an access point that would be attached to the new
> network interface in Advanced->Network->Wifi.
>
> If the device you are using has an ethernet LAN switch like the TP-Links I
> mentioned, you could optionally configure that to offer some dedicated
> port(s) to the private network if you wish, in Advanced->Network->Switch.
>
> Here is some relevant documentation from OpenWRT:
>
> http://wiki.openwrt.org/doc/uci/network
> http://wiki.openwrt.org/doc/uci/firewall
> http://wiki.openwrt.org/doc/uci/wireless
> http://wiki.openwrt.org/doc/uci/network/switch
>
> Dan
>
> On 02/18/2015 09:13 PM, Alex Meyer wrote:
> > Hey all, I am in the process of planning out a new network using
> commotion and was wondering if it was possible to set up selected nodes in
> the network to serve a dual purpose. The first would be to act as a
> standard node in the mesh network, but the second would be to also act as a
> base node for a private network.
> >
> > Essentially, I am looking to set up the network so that particular nodes
> can be both secure and open if that makes sense. It would allow users to
> both connect to anyone on the mesh network (as well as repeat the signal)
> but also be able to set a secure network at home that only someone with a
> password can access (just like a standard home secure network).
> >
> > Is this possible? If so, how'd you do it? And has anyone here had
> success doing it?
> >
> > Thanks for any help
> >
> >
> > _______________________________________________
> > Commotion-discuss mailing list
> > Commotion-discuss at lists.chambana.net
> > https://lists.chambana.net/mailman/listinfo/commotion-discuss
> >
>
> --
> Dan Staples
>
> Open Technology Institute
> https://commotionwireless.net
> OpenPGP key: http://disman.tl/pgp.asc
> Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Commotion-discuss mailing list
> Commotion-discuss at lists.chambana.net
> https://lists.chambana.net/mailman/listinfo/commotion-discuss
>
>
> ------------------------------
>
> End of Commotion-discuss Digest, Vol 28, Issue 5
> ************************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-discuss/attachments/20150223/7d2f04ee/attachment.html>