bswiftly
asked on
secure internet connection to basement suite in my house
I have a basement sutie in my new house, and am offering internet as an included utility.
I am a software developer so literate to some extent with networking, but I just want to know the best way I can secure this. If I change my workgroup to some cryptic password - could that secure it enough?
I have the following setup: I have a tower PC that I am using as basically a file storage box. 3 mapped drives that I connect to wirelessly via my laptop. These can NOT be accessible to my tenant.
Currently I have a D-Link Wireless N router (the white one - model escapes me at the moment).
Can I do this just with the workgroup change? Do I need hardware?
I'm also thinking of limiting bandwidth which I think I'd need a pretty expensive switch. If there is a way to determine bandwidth on a specific port, that would be great! This is the secondary question, the first one is the one i really want the answer to.
Thank you !
I am a software developer so literate to some extent with networking, but I just want to know the best way I can secure this. If I change my workgroup to some cryptic password - could that secure it enough?
I have the following setup: I have a tower PC that I am using as basically a file storage box. 3 mapped drives that I connect to wirelessly via my laptop. These can NOT be accessible to my tenant.
Currently I have a D-Link Wireless N router (the white one - model escapes me at the moment).
Can I do this just with the workgroup change? Do I need hardware?
I'm also thinking of limiting bandwidth which I think I'd need a pretty expensive switch. If there is a way to determine bandwidth on a specific port, that would be great! This is the secondary question, the first one is the one i really want the answer to.
Thank you !
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Usually with routers you apply the ip address to the interface. Looking at the documentation for this device it looks like you are unable to segment the LAN ports into separate subnets. So the only option would be to use the access rules to deny connections from that device to anything else on the network besides the internet. That would mean they would have to be on the same subnet.
Another option is since the router is an N router you might be able to set up multiple wireless networks with seperate SSID's. I know some 802.11n devices allow you to configure multiple networks so you could have a N network for yourself and a G network for the other user. Then with the access rules you can deny there access to your network. You would have to check to see if this is configurable on the router (I have not had a chance to play with N routers).
Another option is since the router is an N router you might be able to set up multiple wireless networks with seperate SSID's. I know some 802.11n devices allow you to configure multiple networks so you could have a N network for yourself and a G network for the other user. Then with the access rules you can deny there access to your network. You would have to check to see if this is configurable on the router (I have not had a chance to play with N routers).
ASKER
k thanks. I'll give that a shot.
so do you know what type of hardware I would need to limit bandwidth ?
so do you know what type of hardware I would need to limit bandwidth ?
I know some routers support throttling per host, also there is a ton of software out there that will limit the users bandwidth.
ASKER
software ? So, where does that software run if they're plugged directly into the router? Do I have to build a linux box or something with some free software on it and run their internet connection through that?
No the software im talking about needs to be installed on the clients computer.
ASKER
Oh, well thats kind of a catch-22 now isn't it? haha.
Yeah i dont think your tennants will agree to you installing software on their computers. Even if you do they can easly unistall it. So probably not a good solution
ASKER
ok I am getting emails from the website saying I still have an open question.
I'm looking for an answer to this... as I can't solve the problem via my current wireless router, I want to know what hardware I would need (a couple specific options) to limit the bandwidth.
thanks
I'm looking for an answer to this... as I can't solve the problem via my current wireless router, I want to know what hardware I would need (a couple specific options) to limit the bandwidth.
thanks
IF you purchase a commercial grade router (ie Cisco or Junipur) you would be able to set Quality of Service up to accomplish this. But those would be expensive solutions. I am not finding any home routers that say they limit bandwidth per device but i did find this solution.
Purchase a Linksys WRT54G (or similar supported router) and then install DD-WRT on it. From reading up on it this will allow you to limit the bandwidth based on IP. This might be a solution.
http://www.dd-wrt.com
Purchase a Linksys WRT54G (or similar supported router) and then install DD-WRT on it. From reading up on it this will allow you to limit the bandwidth based on IP. This might be a solution.
http://www.dd-wrt.com
ASKER
Thanks for your help. I will close this question.
I've recently updated my firmware on my router and it has the ability to log web traffic, so it will just have to be something I keep an eye on if my traffic spikes. I can also add policies and block websites by MAC address or IP.
Thanks.
I've recently updated my firmware on my router and it has the ability to log web traffic, so it will just have to be something I keep an eye on if my traffic spikes. I can also add policies and block websites by MAC address or IP.
Thanks.
ASKER
When I go into the router (its a DIR-655) it only gives me one spot where I can enter the subnet mask - is this what I need or do I just assign the tenant to a separate IP address?