In part the reason CAcert exists is because very early on I realised how much a waste of time many of the security features that existed in the devices at the time (and even now still to a large extent).
Later on 802.1x came into the picture, but that has numerous complications with prerequisites with requiring you to setup RADIUS depending how you decide to go about configuring everything.
It’s worth noting that over the last few years the prices on access point routers have been dropping to the point that they can be now had in Australia for about the AU$100 price point (about US$50-70), the other interesting thing to note is that a number of companies making these devices ended up using linux on them rather then writing a custom OS which in turn lead to them being forced to release source code under provisions in the GPL.
This is where things start to get very interesting because on one hand we have cheap off the shelf small form factor devices and on the other we have th complete source code and tools to make customised firmware versions. These two events lead some smart cookies to take the sources and build up some amazing functionality along the way by taking software in the world of linux software.
So a long story short this is good news for people looking to better secure their wireless network and in such an easy and simplistic manner, via OpenVPN and these embedded devices, OpenVPN is a great choice because it seems as good as IPSec in terms of security, unless you happen to have state secrets to guard and I’m sure there are better options available from commercial vendors.
I’ve just spent the last couple of days experimenting with a Linksys WRT54G and managed to string together a guide on setting up a wireless access point router with OpenVPN and getting a linux laptop to talk to it as well.