Soekris access point
IEEE 802.11b WLAN access point / bridge / router / media converter
Hardware
Soekris Engineering Net4501 is a i386-compatible single board computer with
- AMD ElanSC520 CPU (133 MHz 486-class CPU)
- Three DP83815 10/100 ethernet chips
- Serial console for management
- 64MB of RAM
- Compact flash slot for mass storage
Additional hardware
- Soekris Engineering vpn1201 crypto card
- D-Link DWL-520 wireless card
Software
The Net4501 board is running a stripped down version of
OpenBSD. The OS supports
- IEEE 802.1q VLANs
- Ethernet, WLAN and VLAN bridging
- Stateful packet filtering (pf)
- Static, dynamic and hide NAT (pf)
- Packet filtering (pf) in bridge mode (invisible firewall)
- WLAN access point features Ad-hoc, iBSS and a true BSS mode
- Rock solid, standards conforming IPsec implementation
- IKE authentication with X.509 and preshared secrets
- Online certificate enrollment using SCEP (*)
- Hardware based acceleration for DES, 3DES, and MD5 via vpn1201
- SNMP v1/v2c/v3 agent (standard mib-II and snmpv3 mibs) (*)
- DHCP server
(*) Not in base OpenBSD distribution
And here's the dmesg from a currently running system.
Future work
- IEEE 802.1x authenticator support
- Web interface for pf and isakmpd
- mini_httpd is small enough and has SSL and CGI support.
- CGIC can be used to write CGI modules (Yes, apache+perl+php is too bloat..)
- Command line interface (nsh looks very promising)
Related sites
Last updated Jan 25, 2003
Home