How can I setup 2 networks so that my wireless users can't access wired users?

RavinDJ

Supreme [H]ardness
Joined
Apr 9, 2002
Messages
4,440
How can I setup 2 networks so that my wireless users can't access wired users?

All of my computers are wired... but, I would like to give my retired neighbor (he's 64 years old) wireless access. But, I don't want him or anyone else access to my shared files b/w desktop/laptop. So, should I put it on a different subnet? Do I need a 2nd router? Right now, I have the BEFSR41 with a WAP11 AP on 192.168.1.245 with the router on 192.168.1.1 (both are 255.255.255.0 subnet).

Thanks!
 
I would setup a DMZ, you can do this by using two physical routers or something like smooth wall with multiple nics. If I were you I would setup smooth wall on a crap old box and install 3 network cards into the old computer. Hooking your cable modem to one of the network cards in the smoothwall box will be like pluggin in your cable modem to the wan port on the back of your router. I would plug your wireless router into to the next nic on your smooth wall box. If your neighbor is the only one using the wireless do the following. Enable WEP, don't broadcast your ssid, filter by mac address, and limit the total number of connections to 1. That should keep your wireless rather secure. With the final network card in the smooth wall box attach either a standard switch or even another router. Smooth wall has built in DHCP support and it will allow you to set a range of ips.Hard wire all your home computer to the switch and your in business.

check out www.smoothwall.org
 
Some other methods..Sonicwall routers have a mode where wireless users can log in as guests...and not access the rest of the LAN

Or get a switch that supports VLANs...uplink from your router, and create a couple of VLANs with the router as a member of both.
 
I'm doing pretty much the same thing with 2 nat routers in my linksys minirack.
http://www.grc.com/nat/nat.htm
Just by the way nat routers work they'll keep all wireless activity off your wired network unless your wired network requests a connection through it. Follow that link and there are all kinds of pretty pictures describing the setup.
 
Back
Top