HIPAR
join:2005-11-10
Tannersville, PA
| [Connection Sharing] Isolating WiFi from Wired
I need to configure a network with several wired computers that can share files between them and send/receive email and access the internet from a DSL modem. Also, there must be a WiFi access point for wireless users providing them only internet and email via the DSL modem; it must be isolated from the wired net to prevent visibility to shared resources.
Must be a common problem. How is this done?
--- CHAS |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| I am familiar with the ZyXEL NBG334W router which has a guest WIFI feature. Its a wifi DHCP serving circuit that is separate from the private LAN and only has direct access to the internet.
You can probably do this with some of the LInksys routers as well, that accept third party firmwares. |
|
tubbynet
Just a green in a sea of blue and red
Premium
join:2008-01-16
Mesa, AZ
 ·Sprint Mobile Broa..
 ·Cox HSI
 ·FrontierNet Intern..
| reply to HIPAR
This can also be done with a VLAN-capable switch and router. If you set up two VLANs, one for guest access and one for "wired" access, and tag those VLANs into the router's ethernet port, you have the same solution. Prolly a little more expensive than what Anav  is proposing (I know Cisco gears will do this, but...they are pricey). However, you can sometimes pick up some cheap Cisco gear on eBay and get it working from there. I am not sure if any of the "enterprise grade" stuff from Linksys, Netgear, or DLink will perform the same thing.
--
"Don't hate the media, BECOME the media..." ~Jello Biafra |
|
HIPAR
join:2005-11-10
Tannersville, PA | reply to HIPAR
Thank you both for sharing your expertise.
--- CHAS |
|
fox7
join:2001-02-12
Culver City, CA | reply to HIPAR
HIPAR:
You could also 'Double NAT' and the wireless people and just not give them permissions to the share resources.
'Doulbe NAT' is running the wireless router out of the router that the wired network is on.
fox7 |
|
HIPAR
join:2005-11-10
Tannersville, PA
| I was wondering if that kind of arrangement would work.
Let's see if I understand. I guess what I would do is connect the DSL modem to the the wireless router whose LAN base IP is set to say 192.168.10.1 and connect one of its wired ports to the WAN connection of a daisy chained wired router whose base LAN IP is say 192.168.20.1 with that router set to get it's input IP automatically from the preceding router.
I have enough equipment available so I'll set it up on the bench for a test.
--- CHAS |
|
janderso1
Jim
Premium,MVM
join:2000-04-15
Saint Petersburg, FL
| reply to HIPAR
It is possible to use two routers without doing double NAT if at least one of them allows you to disable NAT.
»Wireless Security »How do I isolate wired from wireless while both share one Internet connection?
--
Jim Anderson |
|
fox7
join:2001-02-12
Culver City, CA
| reply to HIPAR
HIPAR:
Yes! I kind of overlooked your configuration. I was thinking wired first, then wireless into that, but your way the wireless first then the wired, there is no way the wireless could get to the wired network, because the wired router would be protecting it. Good point!!
fox7 |
|
RR55
@sbcglobal.net
| reply to HIPAR
Get a VLAN capable router like the Linksys RV082 would be a better and easy solution for your needs.
The RV082 let you have up to 8 port-based VLAN. You could set up VLAN #1 for family business, VLAN #2 for kids, and VLAN #3 for guests, and etc. In this way, whatever connected to VLAN #1 cannot communicate with whatever connected to VLAN #2. Simple and easy.
The only thing is RV082 is not cheap. It is about $275 for a new one, but you get what you paid for. |
|
HIPAR
join:2005-11-10
Tannersville, PA | reply to HIPAR
Wow, now I have more options to ponder. Again I appreciate your help and expertise.
--- CHAS |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| Not really, only three!
- two router method but via Janders instructions(the viable way to do this)
- the NBG334W
- a linksys unit that can hold third party firmware.
Spending more money then you have to of course is always an option, but then there would be a gazillion options, including buying an ISP!
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
LlamaWorks Equipment |
|
RR55
@sbcglobal.net | Let the OP decides how many options to consider and which one is the best one for him.
I am not a sales for Linksys and I don't use this forum for profit. |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| said by RR55 :
Let the OP decides how many options to consider and which one is the best one for him.
I am not a sales for Linksys and I don't use this forum for profit.
OMG, do you mean the OP has his/her own brain and is actually allowed to decide for him/herself?? What is this world coming too. Next things is OPs will think they can decide their marriage partner, as if they have the wisdom to choose correctly!!
I'm sure HIPAR is quite able to independently make the right decision for his/her situation and pocketbook. By implying anything else is insulting.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
LlamaWorks Equipment |
|
HIPAR
join:2005-11-10
Tannersville, PA | reply to HIPAR
I'll take it from here. Thanks all.
--- CHAS |
|
