Walden's config is spot-on, but Gary, I have a question for you.
Certainly WEP cannot be considered secure but I hadn't heard that WPA
can no longer be trusted.  Perhaps I'm a little behind in reading about
wireless.  Can you cite an article? 

John A. Jones, CISSP
Americas Information Security Officer
Jones Lang LaSalle, Inc.
V: +1-630-455-2787  F: +1-312-601-1782
john.jones@xxxxxxxxxx

-----Original Message-----
From: Walden H. Leverich [mailto:WaldenL@xxxxxxxxxxxxxxx] 
Sent: Wednesday, March 16, 2005 4:11 PM
To: PC Technical Discussion for iSeries Users
Subject: [PCTECH] RE: Communicate from a laptop

I'm not sure I follow. Ignore the internet for a moment. Within the
office you have two "group" of machines, those that are hardwired and
those that are wireless. Ignoring security, it would be fine for them to
all be on one big happy subnet, including the iSeries. So far so good?

However, we can't ignore security, right? So what I'm proposing is put
the wireless people on their own subnet and bring up a VPN connection to
the "real" subnet. This way they can access "protected" resources over
the VPN and still be wireless. 

Now, as for the internet, you could either force them to come over the
VPN and then out through the same interface as the hardwired people, or
you could provide another route to the internet for the wireless people.

Make sense, or did I miss something?

-Walden

------------
Walden H Leverich III
President & CEO
Tech Software
(516) 627-3800 x11
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
  


-----Original Message-----
From: Gary Kuznitz [mailto:docfxit@xxxxxxxxxxxx]
Sent: Wednesday, 16 March, 2005 15:09
To: PC Technical Discussion for iSeries Users
Cc: Walden H. Leverich
Subject: RE: Communicate from a laptop

Moved from Midrange List

Hi Walden,

Thanks for your input.  My iimmediate need is to protect the wireless
transmission in the office.  I can easily setup a VPN tunnel between 
the laptop --> over wireless --> to a remote office.   Which covers 
the wireless part easily.  The problem is when I need to surf the
internet to other locations. Like when I need to transmit to other
people that don't have VPN setup.  At these times I'd like to have the
wireless protected.

Thank you,

Gary Kuznitz

> Gary,
> 
> We use W2K as our VPN server (no surprise there, right? <G>) so what
we
> did in this situation was deploy a second subnet for all wireless 
> access. That subnet, while it has a private IP range (10.100.12.x) is 
> still considered by us to be a public network, so there's no direct 
> connect between the wireless subnet and our internal network. However,

> the VPN server is connected to that subnet. So when you're wireless
you
> need to bring up a VPN connection just as if you were anywhere on the 
> internet, and the connection is the same one you'd bring up from home
--
> into the same VPN server you'd access from home. 
> 
> What I'm getting at is, do you need a separate VPN server for the 
> wireless stuff, or can you setup your current VPN server to handle 
> another subnet?
> 
> -Walden
> 
> 
> ------------
> Walden H Leverich III
> President & CEO
> Tech Software
> (516) 627-3800 x11
> WaldenL@xxxxxxxxxxxxxxx
> http://www.TechSoftInc.com
> 
> Quiquid latine dictum sit altum viditur.
> (Whatever is said in Latin seems profound.)
> 



--
This is the PC Technical Discussion for iSeries Users (PcTech) mailing
list To post a message email: PcTech@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
http://archive.midrange.com/pctech.



This email is for the use of the intended recipient(s) only.  If you have 
received this email in error, please notify the sender immediately and then 
delete it.  If you are not the intended recipient, you must not keep, use, 
disclose, copy or distribute this email without the author's prior permission.  
We have taken precautions to minimize the risk of transmitting software 
viruses, but we advise you to carry out your own virus checks on any attachment 
to this message.  We cannot accept liability for any loss or damage caused by 
software viruses.  The information contained in this communication may be 
confidential and may be subject to the attorney-client privilege. If you are 
the intended recipient and you do not wish to receive similar electronic 
messages from us in future then please respond to the sender to this effect.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.