1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing wlan with a vpn

Discussion in 'DD-WRT Firmware' started by mr_man, Apr 14, 2005.

  1. mr_man

    mr_man Guest

    Hi all, I'm a relative newbie to the WRT54G. I've only recently discovered the amazing things this router can do. However I've been having a little problem and after a load of searching haven't found a working solution. So I'm wondering if you can point me in the right direction.

    I want to have wireless and wired clients connected to the router. Now what I'd like to do is secure my lan by not having the bridge between it and the wlan. The solution I'm after is when anyone connects to the wlan, they have no access to the lan or wlan. In order to get any useful access they must connect to the router's vpn.

    This would mean that anyone managing to break into the wireless would not be able to see anything else (apart from other wlan clients).

    How can I got about doing this?

    Many thanks for your help in advance
  2. Xyse

    Xyse Network Guru Member

    Well, I haven really try it on WRT54G myself but you could just:

    1)Set up the pptp daemon and chapsecrets
    2)Make sure the pptp is working
    3)Disable all services except pptp under Access Restriction to all PC

    I am not sure about your last question regarding "apart from other wlan" if you just want to prevent wireless to wireless node to have any connections, you might want to try enabling AP isolation
  3. sliderwkw

    sliderwkw Network Guru Member

    yeah... how exactly to seperate the lan and wlan connections and wlan must connect to the router via vpn internally?
  4. 4EverGreen

    4EverGreen Network Guru Member

    If I well understood your question, see the solution here. :thumb:
  5. pfile

    pfile Guest

    i think that setup would turf all traffic between the wlan and the 4 ports on the LAN side. that's not what the OP is looking for.

    it should be possible though, after you break the bridge i guess if you started another pptp daemon to route between the wlan and lan, that might work. i have been wanting to do this for years but have never gotten around to looking at how to do it.

Share This Page