[Dshield] Wireless MAC Authentication options.

David Vincent support at sleepdeprived.ca
Tue Jun 21 03:49:34 GMT 2005

Have a look at the SonicWall TZ 170 Wireless appliance.  With a couple 
repeaters to cover your area, it might do the trick.  802.11g/b, 
supports MAC authentication (i don't envy the person inputting that 
data), out-of-the-box separation of the wireless lan and the wired lan 
(you can use the VPN client to allow authorized users through the 
firewall into the wired network etc.), dmz and opt interfaces for 
expandability...lots more.

we've got a few at work and they work great.  i did have some issues 
with advanced configuration (specifically 1-1 nat and then getting 
bi-directional port mappings working) using their enhanced OS, switching 
back to the standard solved everything.



Chris Mitchell wrote:

>I do realize you can spoof a MAC Address, this should provide internet
>access for the students.  The main reason I was thinking about the MAC
>authentication is I want something that is transparent to the students, I do
>not want them to have to remember a user ID and password.  Some type of
>appliance would work also, bandwidth caps and traffic filtering would be
>nice to ensure one student does not hog there pipe, or start using a P2P
>client for movies or apps.
>-----Original Message-----
>From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
>On Behalf Of Holmes, Alan
>Sent: Monday, June 20, 2005 11:15 AM
>To: 'General DShield Discussion List'
>Subject: Re: [Dshield] Wireless MAC Authentication options.
>Not an answer to your question here, but I trust that you are using other
>methods of authentication in addition to MAC authentication as it's really
>easy to beat MAC authentication.
>Alan Holmes
>Chris Wrote:
>I have recently been contracted by a client of mine to implement a wireless
>network for a small school (500 students).  I would like opinions on MAC
>Address Authentication methods.  This is a Windows based network, and the
>solution should be fairly simple so that it is manageable by the client. Any
>input is greatly appreciated.

More information about the list mailing list