DHCP/Wireless

All,

I'm looking for a bit of advise here. My network consists of Server

2003 handing out DHCP addresses to clients within my network. I also have a netgear wireless router serving my wireless clients howerver the DHCP address comes from my Server 2003 dhcp server.

My problem: I have my wireless network not broadcasting the SSID, MAC addresses for the wirless cards assigned and 128 bit WEP keys. I'm really tired of the poor performance when copying data to/from wireless clients to servers. I've read a few topics on the internet that have claimed that wep encryption can decrease performance by 50% over wireless.

Is it possible to handle my wlan a little bit different? Maybe turn wep off and turn VPN encryption on with server 2003?

I'm open to any ideas here. JJ snipped-for-privacy@earthlink-nospam.net

Reply to
merc
Loading thread data ...

"merc" wrote in news:1105926452.772974.310950 @z14g2000cwz.googlegroups.com:

Well a VPN connection between client and the server machine is another encryption method of the traffic and prevents eavesdropping on the TCP/IP connection just like WEP for the air waves. WEP does slow the traffic down on copying of data files along with wireless in general. A VPN connection would be OK to replace WEP. IPsec is on the Win 2K3 server and Win2K, XP Pro and Home workstations and can be used over wireless. Now, how much using IPsec is going to speed up things is another story.

Duane :)

Reply to
Duane Arnold

Hey Duane,

Anything better than my 3.5mb (on a 11/54/108 wireless) transfer rate would be great. As I have a basic admin knowledge on Server 2K3, could you give me an idea what I would have to do on the network side?

I've already got DHCP enabled and Remote Routing enabled for VPN access. Is there a way I can tell my DHCP server to not hand out IP addresses unless they are authenticated?

JJ

Reply to
merc

"merc" wrote in news:1106014170.522853.26160 @z14g2000cwz.googlegroups.com:

That's going to have to come from someone with more experience than I. There are a couple of Top Guns floating in the NG on the Admin knowledge. Maybe, they will step in here.

formatting link
The links will give you some help as IPsec is very powerful tool.

You should be able to find articles on Google and Dogpile.com on how to enable and setup IPsec for VPN on the Win 2k3 Server and the client machines such as those that have been discussed.

Sorry, I don't know about issuing DHCP IP(s) to authenticated users, except for the possibility of a Domain controller in the picture. I do know that you can implement the Authenticated User Group account on a NT based O/S share using NTFS. That would mean you remove all accounts from the share and apply the Authenticated Group account on the share with the appropriate permissions and only Authenticated users can access the share. What you could also do is remove the Everyone or Guest account off all folders/directories on NTFS so that they cannot be compromised by someone using the account.

You should look into securing the Win 2k3 O/S from attack like securing the file system, registry, and other things from attack etc. The buck stops at the O/S. There should be plenty of articles out on Google or Dogpile.com.

Duane :)

Reply to
Duane Arnold

so any poor bastard near you unfortunate enough to pick the same channel won't be able to figure out where the interference is coming from?

Anyone who _wants_ to see your SSID can do so, broadcasting or not.

Reply to
Beretta

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.