LISTSERV - PCBUILD Archives - LISTSERV.ICORS.ORG

PCBUILD Archives

Personal Computer Hardware discussion List

PCBUILD@LISTSERV.ICORS.ORG

	LISTSERV Archives
	PCBUILD Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Isolate wireless and local lan on same router
From:	Andrew Castiglione <[log in to unmask]>
Reply To:	Personal Computer Hardware discussion List <[log in to unmask]>
Date:	Tue, 17 Jul 2012 10:50:53 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (81 lines)

Hi!

Have you had look at Tomato firmware for that router?

Better than the Linksys/Cisco firmware.

Cheers!

Andy

-----Original Message-----
From: Personal Computer Hardware discussion List [mailto:[log in to unmask]] On Behalf Of [log in to unmask]
Sent: Monday, July 16, 2012 9:36 AM
To: [log in to unmask]
Subject: Re: [PCBUILD] Isolate wireless and local lan on same router

  This device probably cannot do what you ask without some help.  

  Most "SOHO" (Small Office/Home Office) routers these days include both wireless and 1, 4 or 8 wired (Ethernet) ports.  But the way this is implemented is that "under the covers" ou really have a 2-port router (one interface to connect to your ISP and the other to your local
network) and, within the same case, a *switch* (also occasionally called a "bridge") which functions like a smart hub connecting the wireless interface and those wired LAN ports into a single network.

  I think your simplest solution is to use two devices.  One connects to your ISP and provides wireless and wired ports.  The second, which should NOT provide wireless, plugs into a LAN port on the first, and provides your wired LAN ports.  (I have a NetGear 8-port gigabit switch which looks a lot like their routers, but you want this second device to actually do routing, and preferably firewalling as well, so that would NOT be an appropriate "second device"...)
  Each of these devices will have one "uplink" port that could receive its configuration via DHCP, and each device will serve DHCP to its client ports.  So you'll have two networks with separate address ranges and DHCP "scopes".

Device "1"

  "WAN" port to ISP
  "LAN" address 192.168.1.1, mask 255.255.255.0, providing addresses
192-168.1.2 through 192.168.1.200 to DHCP clients (wired and wireless)
-- these clients will receive 192.168.1.1 as their "default gateway address", which you might need to configure.
  (I've left addresses 192.168.1.201 through 192.168.1.254 unassigned, in case you need to host a server or two on your network.  These are private addresses, but if you get static addresses from your ISP, the router can be configured to make them reachable from the Internet.)

Device "2"

  "WAN" port to a LAN port on device "1" -- this could rely on DHCP, or you could configure it to use 192.168.1.254 and mask 255.255.255.0
  "LAN" address 192.168.2.1, mask 255.255.255.0, providing addresses
192.168.2.2 through 192.168.2.200 to wired clients only -- these devices will see/use 192.168.2.1 as their default gateway address.  Again the router may fill this in automatically, or you might have to configure it.
  (I've left addresses 192.168.2.201 through 192.168.2.254 unassigned, in case you need to hook up a networked printer or storage drive on your network.  These are private addresses, and behind the second router it may be a bit challenging to make them reachable from the Internet.)

  Oh -- These small routers generally have NAT (Network Address
Translation) enabled by default -- check that it is, and if it isn't the enable it.  THIS is what keeps outde devices from initiating connections to devices on the inside even if the router isn't also doing firewalling.

  As Mark Rode has indicated, it's possible to do all of this in a single device from a company like Cisco.  But that single device will probably cost you several times as much (even if you buy used or on
eBay) and you'd want a Cisco-certified tech to set it up for you.  I'd recommend that approach if your ISP connection were a T1 line or one of their higher bandwidth offerings.  They do make models which can connect to DSL, and it's possible that the business has other security needs that would justify the expense.

David Gillett, CISSP CCNP


-------- Original Message --------
Subject: [PCBUILD] Isolate wireless and local lan on same router
From: Brad Feuerhelm <[log in to unmask]>

Hey all,

I have an WRT320N wireless router.

I want to isolate the wireless part from the local LAN. The wife runs a business from home and has customers come here. Which she want to be able to have customers or family members access internet but not have access to the local LAN. I know this can be done with two routers but can it be done with one router?

Right now we are using the wired LAN and not the wireless, except for the wife's tablet. But she doesn't use it much. So everything is located

on the local LAN. So I do want to get the wireless setup so nobody can access it while they are accessing the internet. I do at the moment have

it setup so you need a key to access. But if I give out that key then they have total access to the LAN network.

If it can be done I will need some hand holding to do it I think. My network knowledge is fairly basic in nature.

If you need more info let me know.

Thanks

Brad Feuerhelm


         PCBUILD maintains hundreds of useful files for download
                     visit our download web page at:
                  http://freepctech.com/downloads.shtml

                         PCBUILD's List Owners:
                      Bob Wright<[log in to unmask]>
                        Mark Rode<[log in to unmask]>

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG