The pfSense Store

Author Topic: how to add wi-fi to pfsense in an anti-KRACK way ?  (Read 224 times)

0 Members and 1 Guest are viewing this topic.

Offline krack-question

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
how to add wi-fi to pfsense in an anti-KRACK way ?
« on: November 09, 2017, 04:25:23 pm »
i am aware of the latest vulnerability in WPA2

what are the options for adding wi-fi to a pfsense box which won't introduce a KRACK vulnerability?

so far it seems the options are:
 - add a patched ARM-router with wi-fi
 - add a patched access point
 - add a wireless network card to pfsense

any others?

would i be able to simply connect something like this to pfsense, to enable wi-fi, with pfsense handling the wi-fi handshake:
http://s7.vzw.com/is/image/VerizonWireless/belkin-n600-dual-band-plugin-wifi-range-extender-F9K1122-iset?$acc-lg$&fmt=jpeg
?

thanks!

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14479
  • Karma: +1342/-200
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: how to add wi-fi to pfsense in an anti-KRACK way ?
« Reply #1 on: November 17, 2017, 04:31:31 am »
Is this AP you going to be using a wifi client itself, ie wireless uplink vs a wire? 

AP are only open to this krack is if they are using wireless uplink, ie they are a wifi client themselves.  If your AP is connected to the network with a wire - and not acting as a wifi "client" then it is not open to this problem..

You need to make sure all your wifi clients are patched..

When using a AP, pfsense has zero to do with wireless.  A wireless extender is something that would be open because it has a wireless uplink.. If you are using any of those in your wifi then yes they should be patched.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)