Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Win PCs over wireless

    Scheduled Pinned Locked Moved WireGuard
    4 Posts 3 Posters 690 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 4
      4o4rh
      last edited by

      I have a few win PCs connecting over wireless connections.
      My understanding is wireless connections can be hacked very easily?

      Should I secure the PCs with a VPN to the pfsense box to mitigate against potential wireless issues?

      If so, I should be seamless to the user i.e. i think the win10 as a inbuilt vpn connection, or would it be better to setup a wireguard connections?

      NogBadTheBadN johnpozJ 2 Replies Last reply Reply Quote 0
      • NogBadTheBadN
        NogBadTheBad @4o4rh
        last edited by

        @gwaitsi Thought about WPA Enterprise which would require the user to have a certificate and valid id on the Radius server ?

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @4o4rh
          last edited by johnpoz

          @gwaitsi said in Win PCs over wireless:

          wireless connections can be hacked very easily?

          Yeah if your stupid about it ;) But wpa2/3 with good psk isn't wep that could be hacked in minutes..

          wpa2 and now wpa3 are quite secure if setup correct with unique ssid and strong psk (say 20 characters) Its a one time thing that has to be entered... But sure if you want to go above and beyond could setup eap-tls auth.. Where require a cert to auth with, etc. Can be done pretty easy with the freerad package and AP that support enterprise mode.

          as @NogBadTheBad suggests

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          4 1 Reply Last reply Reply Quote 0
          • 4
            4o4rh @johnpoz
            last edited by 4o4rh

            @johnpoz I'm using WPA2 Personal. Although the OpenWRT supports WAP3, i don't believe the laptops support it. Need to double-check. But thought it is not secure during the initial handshaking. Not really au fait with it, but am paranoid about security - All access points support WPA3 just checked

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.