User Tools

Site Tools


doc:howto:wide.area.wifi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
doc:howto:wide.area.wifi [2013/10/28 04:19]
trazor
doc:howto:wide.area.wifi [2013/10/28 08:22] (current)
lorema this is rather a "recipe" than a how-to
Line 1: Line 1:
 +====== Wide area Wi-Fi coverage ======
 +
 ===== Introduction ===== ===== Introduction =====
 +This HOWTO requires proficienciy in an [[wp>​OpenVPN]]-based [[wp>​Virtual private network]] (cf. [[doc/​howto/​vpn.server.openvpn.tap]]/​[[doc/​howto/​vpn.client.openvpn.tun]] and [[doc/​howto/​vpn.server.openvpn.tap]]/​[[doc/​howto/​vpn.client.openvpn.tap]]),​ Networking configuration on [[wp>Red Hat Enterprise Linux|RHEL]]/​[[wp>​CentOS]],​ [[wp>​Shorewall]] (cf. [[doc/​recipes/​shorewall-on-openwrt]]).
  
-This HOWTO requires proficienciy in OpenVPN, RHEL/CentOS Networking, Shorewall. +In the proposed scenario a big area must be covered with Wi-Fi access and no Access Point alone can provide that kind of reachability. Three different ​Wi-Fi networks are configured ​for different ​access levels. Traffic from these networks will be isolated and controlled by a central Linux box running Shorewall. A wired Ethernet backbone will carry traffic from the Access Points (three in our example). The encapsulation protocol for different network traffic will be OpenVPN with no cypher(encryption can be enabled ​ with one liner '​cypher'​ statement if required). The author has successfully ​done a similar setup using 802.1q (VLAN) encapsulation. L2tp is a another reasonable alternative for traffic encapsulation ​(cf. [[doc/​networking/​network.interfaces]]).
- +
-In the proposed scenario a big area must be covered with Wi-Fi access and no Access Point alone can provide that kind of reachability. Three different ​wifi networks are needed ​for diferent ​access levels. Traffic from these networks will be isolated and controlled by a central Linux box running Shorewall. A wired Ethernet backbone will carry traffic from the Access Points (three in our example). The encapsulation protocol for different network traffic will be OpenVPN with no cypher(encryption can be enabled ​ with one liner '​cypher'​ statement if required). The author has succesfully ​done a similar setup using 802.1q (VLAN) encapsulation. L2tp is a another reasonable alternative for traffic encapsulation. +
- +
-The following is a diagram of the solution:+
  
 +The following is a simplified scheme of the network structure of the solution described here:
  
 {{:​media:​wide_area_wifi_howto.png|}} {{:​media:​wide_area_wifi_howto.png|}}
Line 14: Line 14:
  
 ==== Acess Point Configuration ==== ==== Acess Point Configuration ====
- +  ​* Flash OpenWrt ​Attitude Adjustment on your router (i've used the venerable tp-link 1043nd)
-  ​* Flash OpenWRT ​Attitude Adjustment on your router(i'​ve used the venerable tp-link 1043nd)+
   * Connect it to internet and do "opkg install openvpn"​ from console   * Connect it to internet and do "opkg install openvpn"​ from console
   * Setup hostname, date, timezone and password as you wish   * Setup hostname, date, timezone and password as you wish
doc/howto/wide.area.wifi.txt · Last modified: 2013/10/28 08:22 by lorema