Friday, August 24, 2018

how do I properly secure an outdoor access point?

Hello,

so I have an outdoor AP (TPLink TL-WA7210N) on my barns wall. The barn is 30meters away from the main house.
The AP is connected via ethernet cable that is digged into the ground to my switch (CISCO 2960) in the house.

My scenario would be:

How do I secure my AP so that only traffic coming from the AP's MAC-address will be allowed to flow through?

I want to avoid that someone just disconnects physically the AP and connects his own device to the ethernet cable, gets an IP address assigned via DHCP and is then sitting in my internal network.

My idea was to configure and enable port security on the interface on the switch and only allow 1 MAC-address (the one of the AP).

But this doesn't work, as it seems that the AP operates as a switch too and not as a router.
I have found out, that the switch learns all mac-addresses of all wireless devices that connect to the AP.

How is this done properly?



No comments:

Post a Comment