[SATLUG] stupid WAP question

redpill toddwbucy at grandecom.net
Thu Jul 1 19:15:28 CDT 2010


> 1) Which firmware (tomato, dd-wrt, openwrt) do you recommend and why?
personally I favor PFsense or Untagle as opposed to firmware upgrades
> Currently I have dd-wrt and openwrt I think, on two WAPs.
> 
> 2) Is there a way to have WLAN traffic NOT go through firewall
>    when traversing to a wired port?
> 
>    Basically I just want a box that bridges the WLAN and the link to my
>    firewall.
> 
>    I want to be able to have two-way traffic from the firewall to wifi clients,
>    and from clients to firewall (and out to internet).
> 
>    I also want to be able to manage WAP from the firewall link (my LAN is
>    connected to the firewall, not directly to WAP).
> 
> 3) Related to 2, is there a way to have it not go through NAT,
>    so that the firewall sees the real IPs, and not the WAN IP of the WAP?
> 
what you need to do is turn off the dhcp on the WAPs and connect your
WAPs to the LAN through WAP's switch ports. (as opposed to connecting to
the WAN port on the WAP).  You will still need to setup your WAP
security through the WAPs but the IP addrs will be assigned by your LAN
DHCP server and therefore should be protected by your LAN firewall.

Todd



More information about the SATLUG mailing list