[opensource] DD-WRT bridge and OSU wireless
swaneybr at cse.ohio-state.edu
Mon Feb 22 12:14:20 EST 2010
First off, I think OIT not only doesn't support routers for things like
this, but strictly forbids them. You might get in a lot of trouble if
you try to bridge osuwireless on something like that. I know ResNet
does, but I'm pretty sure that applies everywhere. This is because your
setup puts you in a position where to effectively perform a
man-in-the-middle attack on anyone in range connecting to "osuwireless".
Unless you have explicit permission from OIT to bridge a wireless
connection with a router, I would stop right now. Also, everything said
on this mailing list is logged and publicly archived, so if something
happened, they could just see your inquiry on our website. I'm going to
give a brief explanation of what I see going wrong; what you do with it
is up to you.
As for your configuration, the biggest problem I see is you have it set
to "WPA Personal". I don't know much about DD-WRT specifically, but WPA
personal is a completely different setup from WPA enterprise, which is
what you want. Therefore, DD-WRT is asking you for all the wrong
settings. What you will want is WPA enterprise, TKIP, PEAP, and
MSCHAPv2. In those settings, you will need enter a username and
password, and probably select a certificate (authority) instead of
entering a pre-shared key (PSK). I do not know the key renewal interval
Furthermore, if you're trying to create an osuwireless SSID, OIT has
their own specific (undocumented) settings you would need to configure.
I think you will need a signed certificate for it to work, but I don't
know the specific settings as to how many certs exist per device.
Instead of trying to connect to osuwireless and share it, you'd want to
consider connecting to a wired connection like most osuwireless routers.
S James S Stapleton wrote:
> I wasn't sure where to go for assistance on this one, and I figured
> since my question involves a popular open source app, and an OSU
> network, this might at least be a good place to check. I doubt 8-help
> covers DD-WRT bridges since they aren't in the web documentation.
> Does anyone have experience using a router with DD-WRT installed as a
> wireless bridge to the OSU network? I have a router (ASUS WL5200GC)
> that I got DD-WRT on, and the firmware is "v24-sp2 10/10/09 micro".
> The set up seems ok. I can navigate through the web interface, it
> asked me to set a user name and password first logon. However, there
> are many options in the setup not listed in the howto page. I was
> hoping, if someone had some work done on this, they could share it.
> The documentation seems to indicate needing a lot of knowledge about
> the server setup for the wireless router you are connecting to. My
> setup doesn't work right now. I'm testing someplace where wireless is
> rarely used, and I'd like to have this configured before I go to some
> place it is used a lot, so I don't accidentally interfere with someone
> else's wireless connection.
> What I've tried so far (??? indicates things I'm suspicious about).
> <This indicates a configuration page>, [this indicates a setting I've
> <wireless->wireless security>
> Security Mode: [WPA Personal[
> WPA Algorithms: [TKIP]
> WPA Shared Key:  #???
> Key Renewal Interval (in seconds):  #???
> ??? Should I enable MAC RADIUS client, since some setup guides mention
> using "WPA RADIUS" ???
> <wireless->basic setting>
> Wireless Mode: [client]
> Wireless Network Mode: [mixed]
> Wireless ssid: [osuwireless]
> Sensitivity Range (ACK timing):  #2000 is the default, WIKI
> suggests using 0 on a bridge except for long distances.
> Network Configuration: [bridged]
> <setup->basic setup>
> Connection type: [DHCP]
> -Jim Stapleton
> Opensource mailing list
> Opensource at cse.ohio-state.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5284 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.cse.ohio-state.edu/pipermail/opensource/attachments/20100222/77ddf6c2/smime.bin
More information about the Opensource