Help with Router and Switch Question Please

[CounTDookU23]

At work we have Ethernet at each work desk. This was fine for my one computer. But now I share my workspace and customers were asking for wireless when they sit in the showroom.

So here is what I did.
- I ran the ethernet into the proper connection port on back of switch.
- Ran 3 lines from the switch to 3 computers in the room. (hardwired)
- Used the 4th port on switch to give the wireless router a line for wirless broadcast.
This is perfect for me..... all the connections work fine.

The only problem is that using the Netgear instructions to reach the configuration menus does not work. I think it has something to do with the fact that the router is not using the line directly from the wall..... instead fed from the switch.

I tried to eliminate the switch altogether...... but for some reason when I plug the router directly to the wall all the computers on my network disappeared. I tried Public, Home and Work. But no other machines in our office would appear. This did however allow me to reach the configuration menus on the router.

Is there a way to access the router menus even when its getting a line from the switch?
I just want to be able to configure it on the fly..... instead of having to reconfigure the wiring just to get in to the menus.

 

[af22]

sounds like you are running a separate wireless network within the wired network.

Basically, you need to disable DHCP and the router functionality of your wireless router.

Do not plug the cable into the "WAN" port on the wireless.

 

[Mackintire]

Unless he has a special "wireless guest configuration isolation" setting. doing what you suggest is going to open the network to the public....which is usually a BAD thing.



My suggestion. Connect your desktop directly into the wireless router to configure it.

Make sure the DHCP is set to auto.

Configure the wireless however you would like.

Plug the network cable into the WAN port of the wireless router.

Disconnect your desktop from the wireless router and connect it back to its normal position.

The only issue you will have, is that you will have to either physically connect your desktop to one of the wireless router's LAN ports to configure it OR wirelessly connect to the wireless router to configure it.

So this is still not a completely secure system. You 'll need to have Vlan capability on your main ethernet switch or more complex equipment to really be completely secure.

But for a non professional type deployment, your equipment and the above advice is fine.

 

[CounTDookU23]

Thanks folks. I will give that a shot. Thank you very much!

 

[jjeff1]

Take that wireless router, and unplug it.

Unless you've properly designed the network, you're allowing anyone access to all your computers on the network, even people sitting in their cars in the parking lot at 3am.

You need to fully understand what it is you're doing (from a liability standpoint, not technical).

I highly recommend you configure the network properly so that no one who uses that guest wireless network has any access to your internal network.

Even if you have your boss sign off on your current configuration, he won't understand what he's signing and you'll still face potential blame when things go wrong, or when someone perceives things to have gone wrong.

tl;dr version - next time someone gets a malware infestation on their work PC, it'll be all your fault.

 

[Electrofreak]

^ Agreed. It's far too easy to set something up that will work, but is going to (not much "probably" about it) bite you in the ass.

Think of setting up open wireless as running a bunch of cat5 cables out the front door in every direction with signs on each that say, "Use our Internet and access our network in any way you please!"

Sure, 9 out of 10 people will use your internet to check the news, and won't bother checking to see what other network resources might be available. But it's that 10th person that will make your life Hell.

If you want to do it right, you'll need to set up a separate Vlan so they can't access the private network, and probably a firewall so that they don't use your connection for some malicious purpose (which is still never a guarantee). Captive portal is also a really good idea so that anyone using the wireless sees a warning and disclaimer.