[Leaplist] an ipcop question

[Bryan J. Smith]

Hank Lambert <hank at hanklambert.com> wrote:
> I use WPA,

Just want to mention that I do WPA/WPA2 with AES-only, no 
TKIP.

> mac filtering, and have the SSID disabled.

Unfortunately, SSID disabling seems to cause issues with
several devices of mine (especially non-PC, but even an
Intel WLAN card).

> What I don't do is have the ritter provide the IP address
> for the wireless clients, I have IPCop hand out the addresses,
> but have it assign a static address applied to a specific mac
> address.

Same here.  Good policy.  I use an AP (not a 'Ritter) as well.

> I know that having the wireless clients on a different
> subnet is more secure, now I have more to think about ;)
> How do you control IP tables on the ritter? Is that a
> feature of dd-wrt?

You can manually add rules.  There is a specific file to
append rules in, although you have to take care in how
they are inserted.  I haven't looked at it in a few years
though, but I'll try to drag it up.

I'm considering adding one that blocks Internet access until
they establish their OpenVPN connection.

-- 
Bryan J Smith          Professional, Technical Annoyance
b.j.smith at ieee.org    http://www.linkedin.com/in/bjsmith
--------------------------------------------------------
I don't have a "favorite Linux distro."  I use, develop
and support community efforts, often built around Linux.
Technology and solutions are my focus, not dragging in
assumptions, marketing and other concepts which dominate
non-community developed software, which I left long ago.

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.