Hello All,

I've been running an FC3 router/firewall for a while now. This box uses pppoe to connect to my ISP over eth0 and runs dhcpd for clients coming in over a switch on eth1 (192.168.1.0/24).

Routing, firewall rules and additional services are running fine.

Now I want to add a third NIC (wireless) to expand my home network. The way i see it is to create a new network (192.168.2.0/24) for this card and add the firewall rules and routing entries and all is taken care of.

The issue I'm trying to prepare for is securing access through this new network. Can I use RSA keys? MAC Addresses? What-ever-works to specify which hosts are allowed to associate with the router and get served and IP address? Where should I take care of this (dhcpd?).

Next in line is the subject of encrypting the communication between the different authorized hosts on this new network (192.168.2.0/24).

And of course, where can i find some good resources about this subject?

Recommendations are appreciated and thanx in advance

Moved: This thread is more suitable in Wireless Networking and has been moved accordingly to help your thread/question get the exposure it deserves.

Securing dhcp won't really do much since anyone could easily set a static IP address. It would be better to secure the wireless access at the wireless access point by mac address and an encryption key.

Regarding the encryption, you could have a look at something like the "hostapd" project, which enables very secure encryption types (e.g. WPA2). IMHO, encryption should really be your first priority, it's the best defense against intrusion attempts.