How can I setup 2 networks so that my wireless users can't access wired users?

Discussion in 'Networking & Security' started by RavinDJ, Oct 27, 2005.

  1. RavinDJ

    RavinDJ 2[H]4U

    Messages:
    3,927
    Joined:
    Apr 9, 2002
    How can I setup 2 networks so that my wireless users can't access wired users?

    All of my computers are wired... but, I would like to give my retired neighbor (he's 64 years old) wireless access. But, I don't want him or anyone else access to my shared files b/w desktop/laptop. So, should I put it on a different subnet? Do I need a 2nd router? Right now, I have the BEFSR41 with a WAP11 AP on 192.168.1.245 with the router on 192.168.1.1 (both are 255.255.255.0 subnet).

    Thanks!
     
  2. winuxgeek

    winuxgeek Limp Gawd

    Messages:
    437
    Joined:
    Mar 31, 2005
    I would setup a DMZ, you can do this by using two physical routers or something like smooth wall with multiple nics. If I were you I would setup smooth wall on a crap old box and install 3 network cards into the old computer. Hooking your cable modem to one of the network cards in the smoothwall box will be like pluggin in your cable modem to the wan port on the back of your router. I would plug your wireless router into to the next nic on your smooth wall box. If your neighbor is the only one using the wireless do the following. Enable WEP, don't broadcast your ssid, filter by mac address, and limit the total number of connections to 1. That should keep your wireless rather secure. With the final network card in the smooth wall box attach either a standard switch or even another router. Smooth wall has built in DHCP support and it will allow you to set a range of ips.Hard wire all your home computer to the switch and your in business.

    check out www.smoothwall.org
     
  3. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    Some other methods..Sonicwall routers have a mode where wireless users can log in as guests...and not access the rest of the LAN

    Or get a switch that supports VLANs...uplink from your router, and create a couple of VLANs with the router as a member of both.
     
  4. GtrMan

    GtrMan n00bie

    Messages:
    10
    Joined:
    Jun 18, 2004
    I'm doing pretty much the same thing with 2 nat routers in my linksys minirack.
    http://www.grc.com/nat/nat.htm
    Just by the way nat routers work they'll keep all wireless activity off your wired network unless your wired network requests a connection through it. Follow that link and there are all kinds of pretty pictures describing the setup.