Netgate SG-1000 microFirewall

Author Topic: how to add wi-fi to pfsense in an anti-KRACK way ?  (Read 344 times)

0 Members and 1 Guest are viewing this topic.

Offline krack-question

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
how to add wi-fi to pfsense in an anti-KRACK way ?
« on: November 09, 2017, 04:25:23 pm »
i am aware of the latest vulnerability in WPA2

what are the options for adding wi-fi to a pfsense box which won't introduce a KRACK vulnerability?

so far it seems the options are:
 - add a patched ARM-router with wi-fi
 - add a patched access point
 - add a wireless network card to pfsense

any others?

would i be able to simply connect something like this to pfsense, to enable wi-fi, with pfsense handling the wi-fi handshake:$acc-lg$&fmt=jpeg


Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15520
  • Karma: +1440/-207
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: how to add wi-fi to pfsense in an anti-KRACK way ?
« Reply #1 on: November 17, 2017, 04:31:31 am »
Is this AP you going to be using a wifi client itself, ie wireless uplink vs a wire? 

AP are only open to this krack is if they are using wireless uplink, ie they are a wifi client themselves.  If your AP is connected to the network with a wire - and not acting as a wifi "client" then it is not open to this problem..

You need to make sure all your wifi clients are patched..

When using a AP, pfsense has zero to do with wireless.  A wireless extender is something that would be open because it has a wireless uplink.. If you are using any of those in your wifi then yes they should be patched.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-3100 Delivered 3/19 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)