Ok, here's my question. I'm going to add wireless networking to my LAN
using an Orinoco PCMCIA card and an Apple Airport. However, the Airport
offers weak encryption, and if ALL of my data is going to be flying
through the air thanks to an ethernet-to-wireless bridge, I sure as hell
want everything (up to the 'net connection) encrypted like crazy.
Here's my setup.
The LAN is a 5-node 100baseTX network. There are 3 hard-wired W98 PCs
hooked up. There will also be the Airport hooked into node 4, with a
single PC laptop using the Airport. The 'net connection is a Redhat
Linux box on node 3 that is running IPMASQ to share the bandwidth. (The
'net is on a separate ethernet card for security/firewall reasons.) All
of the other computers use the Linux box as a TCP/IP gateway to get out
to the world.
Now... I want all of the data that goes out to the 'net over my LAN to
be as encrypted as possible, since the Airport (which will now broadcast
my every move) has only 64-bit WEP encryption. The way I understand it,
the easiest way to make this happen is to make the Linux box a VPN
server, and have each of the W98 computers connect to the 'net using
VPN. That way, at least my data is double-encrypted - once by the
hardware's 64-bit WEP, and again via VPN with some sort of encryption
My question is... is this the best way to do it? Also, does anyone have
a link to an EASY walk-through on how to do this? Also, I'm more than
interested to see if there's other better ways to do what I want to do.
The main function here is, everything that's LAN-only traffic is
trivial... but anything that goes to the 'net via the Linux box I want
as secure as possible - and I'd much rather have a solution that works
on the PROTOCOL level, so the encrypting/decrypting is invisible for
compatibility with older 'net apps. But like I said, I'm open to
anything that you may think is better.
Thanks for any help you can provide.