09-18-2002 06:33 AM - edited 02-20-2020 10:15 PM
I am looking to deploy a PIX with the inside interface facing outside to allow for DHCP addresses to be assigned to Wireless clients. I will be deploying ACL's to restrict access on both interfaces, but am looking for confirmation that there will be no information "leakage" with having the higher security level interface providing access to the dirty side.
09-19-2002 01:09 PM
Matthew,
For the sole purpose of deploying the DHCP services on the firewall you are willing to jeopardize your security? How do you make sure that only authorized wireless users are provided with an IP address? Be very careful in deploying such a setup. They call wireless LANs not for nothing 'a wire on a parking lot'.
You might want to look into Cisco LEAP offering regarding wireless access.
09-19-2002 01:32 PM
I hadn't explained the design fully, insofar as once the DHCP server has assigned an IP address, the wireless user can only gain access to the network through a correctly configured VPN client, with the appropriate one-time password. My design has been to address the "wire on the lot" situation!
Any thoughts on my original query?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide