Chapter 6. Configuration Examples
Connecting Remote Wired LANs
Unencrypted Point-to-Multipoint
To connect two or more wired LANs that are physically remote from one another, the simplest
configuration is as follows:
1. Attach a BreadCrumb device to each LAN using the BreadCrumb devices’ ethernet interfaces.
2. Configure the LAN-connected BreadCrumb devices to use Bridge Mode reachback over ethernet.
3. Add intermediate BreadCrumb devices as necessary to cover the distance between/among LANs.
4. If you do not want support for wireless clients using the BCWN, disable the Access Points on each
BreadCrumb radio.
Note: This will prevent wireless clients from using the BCWN to transmit data, but will not prevent wireless
monitoring of traffic. For encrypted point-point links, see the Section called Encrypted Point-to-Point.
5. For further security, enable ACLs and/or WEP to prevent other devices from accessing the BCWN.
Note: This will only protect your traffic from inadvertent or casual monitoring. For encrypted point-to-point
links, see the Section called Encrypted Point-to-Point.
Encrypted Point-to-Point
Two wired LANs that are physically remote from one another can be connected with all wireless traffic
encrypted using AirFortress, provided that the following conditions are met:
1. The two wired networks use different address ranges.
2. Neither of the two wired networks uses the 10.0.0.0/8 address range.
For example, Network A could use 192.168.1.0/24, while Network B uses 192.168.2.0/24.
The simplest configuration for this scenario is possible when one of the networks (Network B) is a
consumer of services provided by the other network (Network A). That is, Network B initiates
connections to Network A, but Network A does not initiate connections to Network B.
43