Client Repeaters

[NetSaber777]

So I have a router, and my folks have another router... I'm looking to setup my laptop outside the range of their initial router, and I'm doing it on a budget. We've got a linksys and I was planning to throw DD-WRT on it. My question is simple, but I expect an overly complex answer. :)

Can I hide my router with my laptop's MAC and IP address, and create my own leach network on the side. I believe it's called a client bridge, but I want a second opinion.

Here's the catch, I don't know if our security for our business is going to be an issue. We're using SecureW2: SecureW2 EAP-TTLS. I have my own login information for it, but can I give the DD-WRT router my login information to complete the client bridge? Is it possible?

[Infiltrator]

From what I understand, you want to create two subnets and be completely isolated from one another.

How far apart are the two wireless routers?

Edited February 22, 2012 by Infiltrator

[NetSaber777]

From what I understand, you want to create two subnets and be completely isolated from one another.

How far apart are the two wireless routers?

Exactly, I'm looking to add only an extra 20 feet or so. I can't move the host router.

[NetSaber777]

I also cannot touch the settings on the host router (curveball).

[digip]

Try http://lifehacker.com/5563196/turn-your-old-router-into-a-range+boosting-wi+fi-repeater if that is what you are after, but if you want two separate subnets, let the second router bridge to the first and get an IP on its outer interface from the first router, then you can have your own subnet on the second router via nat. If strictly a repeater, I believe you share the same subnet as the first router.

If the first router is doing the SecureW2 EAP-TTLS setup, not sure if you can connect the second router to it. They might need a client/server/certificate handshake/exchange, and I don't know if that would work or is possible with DD-WRT side. Might need a physical workstation with two wireless cards to bridge them vs a router if it would have to be both a client and server of this SecureW2 setup. This is what I am referencing - http://www.securew2.com/node/2

[NetSaber777]

Try http://lifehacker.com/5563196/turn-your-old-router-into-a-range+boosting-wi+fi-repeater if that is what you are after, but if you want two separate subnets, let the second router bridge to the first and get an IP on its outer interface from the first router, then you can have your own subnet on the second router via nat. If strictly a repeater, I believe you share the same subnet as the first router.

If the first router is doing the SecureW2 EAP-TTLS setup, not sure if you can connect the second router to it. They might need a client/server/certificate handshake/exchange, and I don't know if that would work or is possible with DD-WRT side. Might need a physical workstation with two wireless cards to bridge them vs a router if it would have to be both a client and server of this SecureW2 setup. This is what I am referencing - http://www.securew2.com/node/2

Thanks man, I'm starting to get that feeling. I gotta figure out the handshake, maybe someone has figured out a plugin or something for DD-WRT(wishful thinking).

Still open to ideas.

[hexophrenic]

I know I am a little paranoid, but this seems like a how do I implement a rogue access point somewhere other than my parents house. You should be very careful about what you are asking and doing so as to not get yourself into trouble if that is the case. I mean, how many parents really run EAP-TTLS at home or have equipment that natively supports it? If that is not the case, good luck with it. I suspect if your parents are implementing at that level, they may have other mechanisms with which to catch you.

[digip]

I know I am a little paranoid, but this seems like a how do I implement a rogue access point somewhere other than my parents house. You should be very careful about what you are asking and doing so as to not get yourself into trouble if that is the case. I mean, how many parents really run EAP-TTLS at home or have equipment that natively supports it? If that is not the case, good luck with it. I suspect if your parents are implementing at that level, they may have other mechanisms with which to catch you.

If his parents run a business from home (like I do) and for whatever reason require secure access to their network, then yes, they may be doing this at home, but I see your point. Most homes aren't rolling certificate/radius types of access and while it does sound fishy, whatever he does is on his own accord and if he gets arrested, well, that is all on him.

[hexophrenic]

As someone who has also ran a business out of their home, though, I always segmented personal and business use internet through different providers when possible, or on at least isolated networks. Either way, it seems that the separation is intentional and if his/her parents were okay with it then they would probably be helping out. Each to their own, but we gray the ethical lines at times, unnecessarily occasionally.

[NetSaber777]

Thank you all for the concern. It does sound very much like a rouge access point (reading my own posts makes me sound way outta place). We have a router literally built into the wall of our business/house (worst architectural design ever...of all time...). Given my natural "curiosity", they don't want me touching it, since I've had a string of bad luck with bricking old routers exploring DD-WRT. Everyone on the network uses the SecureW2 so that we can all know who is doing exactly what. I'm trying to transfer the appearance of my laptop as a client to the router, keeping the WPA encryption. Then use the router to throw my connection the little extra distance to my room.

[Infiltrator]

I was wondering about that too, why would someone use someone's else network for doing their business. I would not want someone else snooping on my business traffic. I'd definitely subscribe for an ADSL line, rather than using/sharing it with someone else.

Something doesn't sound too right in this whole story.

[NetSaber777]

It's impossible. Client repeats must have mutual consent from the AP, so I'm dead in the water. This functionality is required in router firmware (including DD-WRT) apparently due to FCC regs on signal noise and security.

Thanks for your time.

[Infiltrator]

It's impossible. Client repeats must have mutual consent from the AP, so I'm dead in the water. This functionality is required in router firmware (including DD-WRT) apparently due to FCC regs on signal noise and security.

Thanks for your time.

It would be a wise idea, to subscribe for your own line, it would be more convenient for you, and plus you won't have to worry about much configuration.