I have two questions regarding the Minitar AP (b) [MNWAPB].

On this page http://members.iinet.net.au/~clark/FreeNet...itar_mnwapb.htm the reviewer notes that the device uses MAC Address Translation.

Does the latest version of the firmware still do this?

I am asking because I have written a Wirless Captive Portal and the wireless client's MAC address is critical to it's security.

I am also enquiring wether the following scenario would work using 2 of these units

I wish to configure these 2 units to connect as wireless realy clients to an existing unit (Netgear WGT625) and effectively extend the coverage, obvoiusly the Channels of each will be 1, 6 and 11 (there are no other APs in range that will affect them).

If you could help me out, I would be most appreciative.
Thanks
Kaden Napper
MSG-ME

Mac trans is Long gone
2.49 and 2.53 its gone

I have recieved this from "Brad Hosking - Minitar Support"



Thanks brad for your reply.

RE: Q1 - When a packet is travelling from the wireless network to the wired network, is it's MAC address replaced with the MAC address of the AP and does this happen the opposite way around as well? This is assuming no security options set on the AP.

RE: Q2 - The Netgear AP does not support any of those modes are there any other options to wirelessly extended the network?

Thanks again for your time.

What Brad is referring to there is MAC address filtering for security. The source-MAC rewrite is gone in the latest firmware's as Hex has suggested. Sorry for the confusion.

WDS mode will only work if ALL AP's in the network support WDS. Unfortunatly if your Netgear doesn't support WDS then the only option you have is the run ethernet between the AP's or replace the Netgear with an AP that does support it.

Also, hopefully you are not relying on MAC address's for security with your captive portal as they are easily spoofed and altered on all modern Wifi cards. It is a very insecure mechanism to rely on and you should be using something along the lines of IPSec or at least some SSL-based login mechanism with dynamic-firewall rules.

S.

hehe yeah i am not relying on it.

Here is the run down, its a captive portal

firewall captures all traffic on port 80 and redirects it to the local webserver, the user is then authenticated over https

a rule is added to bypass the capture and forward traffic to the internet

a popup window is launched and it refreshes every 5 secs, if the window does not refresh in 15 secs (ie out of coverage or shutdown computer) the rule is dropped and the firewall captures traffic again.

I have the system up and running with a single access point, however i think i will buy 3 minitar aps (coz they are so cheap) and make them relay signals with each other.

I am actually looking to see if i can implement that on the hardware of this AP, but that is not a critical thing at the moment.

Thanks for the feedback, i am off to buy a couple of APs.

Thanks
Kaden

I have just recieved my units, plugged them in, rtm and got them up and running and they work perfectly so far!

Good to hear mate. Let us know if you have any questions.

S.

kadennapper do you have plans to sell or release your software because I am interested!

I am unsure of the forum rules regarding this sort of thing, so admins let me know if this is inappropriate.


The software which is designed by me is currently owned by my current employer as I developed most of it using work time.

However I am trying to get them to allow me to release it in an open source type arragement.

Additionally I am investigating the suitability of these MNWAPB AP's for an AP based captive portal

I will keep you posted in this forum if I get any news.

Open Source would be good mate, though I imagine you would be competiting with the likes of NoCatAuth ? Might be more room in a commercial environment for a product like that actually.

But yeah, lets try to keep ontopic :-)

S.