[plug] Internet Kiosk/Gateway
William Kenworthy
billk at iinet.net.au
Fri Jan 25 20:48:26 WST 2008
On Fri, 2008-01-25 at 12:15 +0200, Tim White wrote:
> The organisation I'm with atm, is looking at providing students with
...
>
> I'm yet to see the machine it'll be running on, but it's most likely
> going to be a single NIC, with the router on the physical network (so if
...
If you have access to the infrastructure:
If the router/switch can do it, look for dot1q vlans to overcome the
single NIC limitation - linux works fine with them (with cisco switches)
for me. I am using a single NIC machine to route 4 networks including
ADSL and wireless links - no real performance hit noticed by users even
transferring large MM files. Not going to be too many script kiddies
connecting their own machine and being able to get it to work (!)
Also look at switch port based access control - you can tie it to a MAC
address or possibly use remote authentication depending on the available
sophistication.
If you dont:
One item I used on a recent trip to Thailand was an openvpn link back to
my home machine so I could safely use open hotspot wireless points. You
could do the same with the kiosks - vpn them back to your proxy and
block everything bypassing the vpn. You then "own" the network -
problem solved!
vpn's can have problems with low bandwidth circuits (I think the whole
of Thailand uses a single dialup modem to connect to Oz!!!) so some work
to tune everything may be needed if thats a consideration
BillK
More information about the plug
mailing list