hi
thanks for all the responses. I have done some more reading and it seems
that the virtual interface is the way for me. I don't really want to
bring USB into the picture and my access point is too cheap and nasty to
support any of those features that Jean-Pierre suggested.
While reading about virtual interfaces, i encountered this page about
iproute2 suite of commands
http://archives.neohapsis.com/archives/sf/linux/2002-q1/0095.html
This is all new to me, but it sounds like I can simply assign a second
IP (on a different subnet) to my internal NIC.
Could I then not just use this second subnet for the wireless AP and all
its clients?
Then I would bridge this second IP address on eth1 to the TAP device IP
as I previously described, and those clients that didn't have openvpn
installed and were just using my wireless after cracking WEP wouldn't be
on the bridged network, but on the separate wireless subnet, and the
firewall would drop all packets???
But how do I set up a DHCP server on the eth1 interface to hand out IP's
from 2 different ranges on two different subnets?
And how do I know which range and subnet a particular client IP will be.
Or should I just forget about this 2 IP's per physical interface idea
and implement virtual interfaces as originally suggested.
thanks
Daniel
ps. I am having trouble replying to the list and having the message
appear, so apologies if there is a double post.
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|