Using 2 routers to provide wifi and protect my network

Posted on 2007-03-21
Last Modified: 2013-11-12
I am using a standard router with a 192.168.1.X range. I would like to put a sub router on the system and allow people to connect wirelessly without compromising my network. If I use 192.168.11.X as a sub range and let the sub router pull internet through the WAN port will I achieve my goal? Or are there ways that someone with some knowledge could still rout through and connect to my .1 network?
Thanks Jim
Question by:cbspectre
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 88

Accepted Solution

rindi earned 125 total points
ID: 18766441
How are the routers connected to the LAN? I'd connect the internet router's wan port to the internet modem, and there you can use any subnet you like. Then connect the network router to a LAN port of your wireless router (make sure you get one that has LAN ports additionally to the WAN port and the wireless). That way you can't connect on the LAN side via the wireless router's clients.

Author Comment

ID: 18766812
Connections are as follows
Internet --> Netgear WAN port| Lan Port of Netgear (192.168.1.X) --> WAN port of Buffalo router (192.168.11.X) Internet is accessible from the Buffalo but cannot see the Netgear LAN easily. I can type in from my PC and log into the Netgear. I just want to be sure that the Buffalo connected clients cannot get to the Netgear connected clients. I dont think they can but if so I would like to know how so I can shut it off.
thanks Jim
LVL 88

Expert Comment

ID: 18766950
Put it the other way round, first the router that should only see the internet, and then the other one. With your current configuration someone could change the ip settings of the networking interface to static, and use a netmask like and may then be able to see everything of 192.168.x.x.
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.


Author Comment

ID: 18772721
If I password protect the Buffalo router (Assuming no hard reset, and they could not change the IP range) could someone still bypass it through the wireless?
LVL 88

Expert Comment

ID: 18772933
All they'd need to do is change the ip properties in their wireless card on the PC. They wouldn't have to do anything on the router, so if that is password protected or not wouldn't change anything. OF course you should still password protect it.

Author Comment

ID: 18783868
I tried what you said. I was able to set my Buffalo connected laptop with DHCP providing the 11.X Numbers to 1.X setting the Gateway and DNS to the 1.X router IP and could get to the internet. I couldnt get to the internal shared recources. I tried to access server shares and got messages about being inaccessable. Is that becaouse the router is handling the 1.X calls and not the PC? If this is true I am ok as is. But I do see your point on using the routers the other way. No one could back route in that case. Thank you for your assistance.
LVL 88

Expert Comment

ID: 18784477
your welcome.

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SAP HANA vulnerability threat report. 2 113
Bandwidth cap???? 8 99
Strange router problem - can't access 14 108
Samsung Tablet no Internet but does connect to WiFi 7 52
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question