DHCP is provided to wireless machines through the ISC DHCP server; if your distribution doesn't have a package for it (which would really be unusual), grab it from http://www.isc.org/.
Because of the difference in the network numbering schemes between OpenVPN and IPSec, we will present a DHCP configuration for each case.
authoritative; # We are (or should be) the only DHCP server default-lease-time 600; # Ten minutes max-lease-time 3600; # One hour subnet 10.42.1.0 netmask 255.255.255.0 { # Do not hand DHCP leases out to machines we don't know. deny unknown-clients; # Add one host entry for each wireless machine that will be using the # network. host <hostname> { hardware ethernet <mac-address>; } # Change the starting and ending IP addresses as you wish # to allow more or fewer hosts. range 10.42.1.10 10.42.1.20; # The broadcast address of the physical network. option broadcast-address 10.42.1.255; # The default gateway for packets. option routers 10.42.1.1; # Your DNS server(s). option domain-name-servers <dns_1>, <dns_2>, ... ; }
authoritative; # We are (or should be) the only DHCP server default-lease-time 600; # Ten minutes max-lease-time 3600; # One hour subnet 192.168.1.0 netmask 255.255.255.0 { # Do not hand DHCP leases out to machines we don't know. deny unknown-clients; # Add one host entry for each wireless machine that will be using the # network. host <hostname> { hardware ethernet <mac-address>; } # Change the starting and ending IP addresses as you wish # to allow more or fewer hosts. range 192.168.1.10 192.168.1.20; # The broadcast address of the physical network. option broadcast-address 192.168.1.255; # Your DNS server(s). option domain-name-servers <dns_1>, <dns_2>, ... ; }
If you are running other services (WINS, NTP, etc.) on your network, add options for them as well; a complete list of options can be found in the online documentation.
When starting the server, use the -i option to tell it to listen only on the interface connected to your 802.11 access point; for example, if the AP is connected to eth1, invoke the server with -i eth1.