I have a suspicion that this is a stupid question. Hopefully that means a short, simple answer. The objective is to combine a bridge/transparent firewall with an unmanaged switch / access point.
So, one machine running a dhcp server. This one definitely needs an IP.
A cable goes to a second machine, a firewall, which doesn't need an IP.
If another cable joins this firewall to an access point, to which various laptops connect, does the AP itself need an IP?
The appeal to a bridge firewall is that since it doesn't have an IP, it's rather difficult to attack it directly. I'd like to set up a small box with a wired nic, and a separate wireless nic, as an access point with basic firewalling rules built in. This is also possible. However I'd also like it to lack an IP, in order to make it difficult to compromise the AP itself in the same fashion as the transparent firewall.
Is this idea sound, if unusual?
Cheers
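A check for the property the post relies on, as an added example that is not part of the original post: given the JSON printed by `ip -j addr show` on a Linux bridge box, it lists the bridge and its member ports that still carry an IP address, including an IPv6 link-local address on an interface with no IPv4 configured. The names `br0`, `eth0` and `wlan0` and the sample data are assumptions constructed for illustration.

```python
import json

# Constructed sample of `ip -j addr show` output (hypothetical names, not from the post).
SAMPLE = json.dumps([
    {"ifname": "lo",
     "addr_info": [{"family": "inet", "local": "127.0.0.1", "scope": "host"}]},
    {"ifname": "eth0", "master": "br0", "addr_info": []},
    {"ifname": "wlan0", "master": "br0", "addr_info": []},
    # No IPv4 configured, but an IPv6 link-local address is present.
    {"ifname": "br0",
     "addr_info": [{"family": "inet6", "local": "fe80::5054:ff:fe12:3456",
                    "scope": "link"}]},
])


def addressed_interfaces(ip_json, bridge):
    """Return {ifname: [addresses]} for the bridge and its ports that hold any IP."""
    found = {}
    for link in json.loads(ip_json):
        name = link.get("ifname")
        # Only the bridge itself and interfaces enslaved to it are of interest.
        if name != bridge and link.get("master") != bridge:
            continue
        addrs = [a["local"] for a in link.get("addr_info", [])
                 if a.get("family") in ("inet", "inet6") and "local" in a]
        if addrs:
            found[name] = addrs
    return found


def is_address_free(ip_json, bridge):
    """True only when neither the bridge nor any of its ports has an IP address."""
    return not addressed_interfaces(ip_json, bridge)


if __name__ == "__main__":
    for ifname, addrs in addressed_interfaces(SAMPLE, "br0").items():
        print(f"{ifname} still has: {', '.join(addrs)}")
```
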