[Imc-makerspace] How hard is it to partition a network to be split between private and public?
Erich Heine
sophacles at gmail.com
Thu Sep 29 09:18:57 CDT 2011
Also, the mesh wifi group meets tonight at Makespace Urbana, from 7-9. Feel
free to stop by and check out what they've got going on, and maybe they can
help you with this a bit too!
Regards,
Erich
On Thu, Sep 29, 2011 at 9:14 AM, Brian Duggan <bcdugga at gmail.com> wrote:
> Hey Charles,
>
> This is a common desire for many organizations as they consider the
> benefits of providing free access to the community. This is also
> possible within the context of a mesh wifi network. The network
> configuration is pretty straightforward, provided the organization has
> the hardware and firmware to do it.
>
> Almost all off-the-shelf hardware is capable of this configuration
> nowadays, but the default firmware varies greatly from device to device.
> I've never seen a consumer-grade device that gave the user this kind of
> control.
>
> I'll describe this in terms of OpenWRT on a moderately-capable piece of
> hardware, since that's what the mesh wifi group has been using. This
> will be a high-level description. I or anyone from the mesh wifi group
> can provide more details, if needed.
>
> Step 0: Create a new subnet and bridge interface for the public wifi
> network
> Step 1: Create a new virtual wifi access point and add the public wifi
> network to it
> Step 2: Configure dnsmasq to lease addresses over the new network
> Step 3: Configure the firewall to forward packets between the wan
> network and the public wifi network.
>
> When you're done, the device will advertise two access points: one for
> the public network and one for the private network. The public network
> should work just like the public network and provide Internet access.
> The parts of this that keep the public and private networks from
> communicating with each other are the lack of a route between the
> networks and the lack of a forwarding rule for the networks in the
> firewall.
>
> Hope that helps,
> Brian
>
> On 9/29/11 9:34 AM, Charles Schultz wrote:
> > Good morning,
> >
> > I am heading to a Tech Planning meeting this evening with the Champaign
> > School District's IT Team. To date, the senior administrator has been
> > very hesitant to touch wireless, much less open it up to the public. But
> > having public wifi available at schools seems like a WIN-WIN to me. How
> > hard is it to setup a network such that the school children are
> > protected (mostly worried about viruses, not so much about side-by-side
> > attacks or trojans), yet the public has free access? If I were to
> > propose this idea to the Planning Team, could I lean on a few community
> > volunteers for implementation/advice?
> >
> > Thanks for your time,
> >
> > --
> > Charles Schultz
> >
> >
> > _______________________________________________
> > Imc-makerspace mailing list
> > Imc-makerspace at lists.chambana.net
> > http://lists.chambana.net/mailman/listinfo/imc-makerspace
>
> --
>
> _______________________________________________
> Imc-makerspace mailing list
> Imc-makerspace at lists.chambana.net
> http://lists.chambana.net/mailman/listinfo/imc-makerspace
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/imc-makerspace/attachments/20110929/4f55fd1e/attachment.html>
More information about the Imc-makerspace
mailing list