The Downside to VPNs
The primary concern for wireless users when a VPN is in place is roaming between APs. Any solution that relies on higher level encryption has the potential to break when users roam across APs. For example, IPSec (Layer 3) will break if a user roams to a new AP and is assigned a new IP address. While there are some third-party solutions for this problem, another recommendation (if physically possible) is to use a single subnet and connect all of the APs to a single switch or hub.
By centralizing the DHCP function (as opposed to each AP independently handing out IP addresses), you will ensure IP address consistency when you roam from one AP to another. Clearly, there are scalability issues with this solution, but it may be ...
Get How Secure Is Your Wireless Network? Safeguarding Your Wi-Fi LAN now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
