Xyon (xyon) wrote,

  • Mood:
Our network has a new addition of a wireless authentication gateway running OpenBSD using authpf.

The good news: we got it to bridge (as opposed to NAT) yesterday.

The bad news: When we make the default behaviour to not allow wireless traffic to leave the wireless subnet nothing works. When a user authpf authenticates the logs don't show the packets being dropped, and tcpdump from the wired network shows them getting to their destination, but the icmp echo replies/tcp acks are not making it back through, and we can't figure out why.

I think that using the 10% smarter rule we might not be able to solve this problem.

"In order to use any type of device successfully, one must be at least 10% smarter than said device" -- the 10% smarter rule.
  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.