using a proxmox-host as a WLAN-bridge and security

MOS6510

New Member
Mar 12, 2023
1
0
1
I use a little NUC with an integrated Wifi-module as a proxmox-host. On the proxmox-host runs a "home assistant"-VM.
Because a "shelly EM"-sensor is too far from my Wlan-router, i placed my NUC nearer to the shelly EM, to have a better Wifi-connection from my NUC to the sensor.
The NUC is connected over LAN to my router.

Like this:

|Laptops/Smartphones/Sensors| - - WLAN1 - - |Router(with DHCP-Server)| ---LAN--- |NUC (with "home assistant"-VM)| - - WLAN2 - - |shellyEM-Sensor|

My Goal is to communicate from the "Home Assistant"-VM with this shellyEM-sensor and all the other sensors connected to my router.
And i wanna access all devices (shelly EM included) from every PC/Laptop of my Home-Network beeing all devices in the same subnet.

My solution on the proxmox-host is:

apt update
apt full-upgrade
apt install hostapd
nano /etc/hostapd/hostapd.conf


interface=wlp2s0
bridge=vmbr0
driver=nl80211
country_code=DE
ssid=augen
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=*****************
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

systemctl unmask hostapd
systemctl enable hostapd
cd /etc/systemd/network/
nano vmbr0.network


[Match]
Name=vmbr0

[Network]
DHCP=yes

nano vmbr0.netdev

[NetDev]
Name=vmbr0
Kind=bridge

nano eno1.network

[Match]
Name=eno1
[Network]
Bridge=vmbr0

systemctl enable systemd-networkd
nano /etc/network/interfaces


auto lo
iface lo inet loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet dhcp
bridge-ports eno1
bridge-stp off
bridge-fd 0

This works till now well.
But i am a Linux-beginner and not a network expert.

My question is:

Is this a secure implementation of the Wlan-bridge or is there a vulnerability?
 
Last edited: