I want to secure my home network in such a way that all of my computers are seperate from the other computers in the house. My initial idea for this was to place all the computers that I do not control into a subnet that is seperate from mine and then create a static route so that I could connect to those computers, but they could not connect to mine. I don't know if this is possible or if it makes sense, but it was my initial thought on the subject.
Here is what I have to work with:
1x Motorola Surfboard modem
1x WRT54G wireless router with DD-WRT firmware.
1x BEFSR41 wired router
2x 8-port switches
Currently, the WRT54G is my gateway to the internet. All of my computers are connected to an 8-port switch which is connected to port 1 on the WRT54G. All of the computers I do not control are connected to an 8-port switch connected to port 2 on the WRT54G. A friend of mine suggested that I connect all of my computers to the BEFSR41, use NAT and then connect the BEFSR41 to the WRT54G. I don't like this solution because I currently use some of the advanced features of the WRT54G with DD-WRT to eliminate the need to use port forwarding and I don't want to use port forwarding on the BEFSR41.
Additionally, I want to be able to manage both routers from any machine on my switch, but I do not want any of the other computers that I don't control to be able to manage the routers.