Kafka - Wireless Gateway

Name: Kafka
Function: Wireless Gateway
Specs:
IBM Thinkpad 770
233Mhz Pentium II
128MB Crucial PC2100 RAM
4GB HDD

I found myself getting increasingly tired of wires, and as I had just got broadband, decided it was time to go wireless. My main router is a Cisco 827, which is connected to a 10/100 switch. The wireless gateway is then connected to the switch on one side, and has a Proxim RangeLAN-DS PCMCIA 802.11b wireless adaptor, which is flashed with the latest firmware I could get my hands on (1.8.0 IIRC), enabling the HostAP mode. I had to flash it under Linux, and then installed OpenBSD 3.7 later on.

I have to confess I had quite a few problems getting this going with the Xircom CreditCard PCMCIA Ethernet adaptor I was using, so have had to use a Netgear FA101 USB adaptor in the end which worked like a charm (though I would rather not use USB, but needs must). The OpenBSD install was fine, and I managed to get OpenVPN installed, obviously I didn't install X. Configuring it properly was somewhat of a pain; I eventually resorted to using a rather good guide, detailing how to setup a Wireless Gateway using both authpf and openvpn (I was originally only planning on using authpf), for an ultra secure wireless network.

The only slight annoyance with this setup is that in order to use the wireless, I have to first authenticate using SSH, then start OpenVPN, rather than it all being automated in the background. I may try and use SSH keys to get the authentication to happen automatically, and then add OpenVPN to my /etc/init.d scripts.

The wireless gateway also runs as a syslog server, collecting logs from my router, and potentially any other servers I put on my network, giving me a central point to monitor the logs. Some people don't like to use the syslog server, as it is potentially open to a DOS attack by an attacker continually sending masses of fake logs to the server, eventually using up all of the disk space, and killing the server. I have my logs on a separate partition though, so this should at least help alleviate the issue.