How to add wi-fi to pfsense in an anti-KRACK way ?



  • i am aware of the latest vulnerability in WPA2

    what are the options for adding wi-fi to a pfsense box which won't introduce a KRACK vulnerability?

    so far it seems the options are:

    • add a patched ARM-router with wi-fi
    • add a patched access point
    • add a wireless network card to pfsense

    any others?

    would i be able to simply connect something like this to pfsense, to enable wi-fi, with pfsense handling the wi-fi handshake:
    http://s7.vzw.com/is/image/VerizonWireless/belkin-n600-dual-band-plugin-wifi-range-extender-F9K1122-iset?$acc-lg$&fmt=jpeg
    ?

    thanks!


  • LAYER 8 Global Moderator

    Is this AP you going to be using a wifi client itself, ie wireless uplink vs a wire?

    AP are only open to this krack is if they are using wireless uplink, ie they are a wifi client themselves.  If your AP is connected to the network with a wire - and not acting as a wifi "client" then it is not open to this problem..

    You need to make sure all your wifi clients are patched..

    When using a AP, pfsense has zero to do with wireless.  A wireless extender is something that would be open because it has a wireless uplink.. If you are using any of those in your wifi then yes they should be patched.


Log in to reply