Network security with shared wifi

The people next door have just asked if they can use my internet access via wifi for a few months. Leaving the legal issue of my responsibility for their internet usage aside, my biggest concern is them being able to access data on my network. I have a Windows 2003 server, with hopefully enough security to keep casual hackers away, but I don't know about the intranet side. I've also got various XP/Vista machines connected, some via AD logons, and some from local workgroups. The wifi cnnnection uses WPA/PSK on a Netgear DG824N router.

Other than removing Everyone permissions from my network shares, what would I need to do to lock down access from the inside?  Presumably this is a fairly common requirement from hotels/coffee shops with open wifi access.
LVL 12
ProactivationAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lamaslanyCommented:
"Presumably this is a fairly common requirement from hotels/coffee shops with open wifi access."

Not really - in such cases the shared wireless network typically resides on a seperate network segment with wireless isolation to prevent wireless devices connecting to each other.
0
lamaslanyCommented:
PS:  Can you confirm the model of your router - there seems to be a DG824M and a DG824N
0
Rob WilliamsCommented:
If you are running ISA, I assume all of your clients are 'behind' the ISA server. Consider adding a new wireless access router for "the people next door" on the public/WAN side of your ISA. This way they can make use of your connection, only need to spend $50 for a router, and your network is as safe from them as it is from me.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

ProactivationAuthor Commented:
lamaslany:
Sorry, typo - it's a Netgear DG834N

RobWill:
No ISA, just a Win2k3 that I've just reinstalled, so it's fairly out-of-the-box, with some ports and default system usernames changed (admin, guest, etc).

I've got some other routers kicking around (Netgear DM602, WGT624, Thomson TG585v7). Any way of hooking them up without ISA, any cheap/free alternatives, or should I install the 180-day eval?
0
Rob WilliamsCommented:
>>"No ISA"
Sorry I assumed that as you have placed the question in the ISA (MS Internet Security & Accel) topic area.  :-)

You can accomplish the same with 2 or 3 routers.

Option 1             Internet
                               |
                          router 1
                               |
              router 2 ------router 3
               LAN 2               LAN 3

Option 2             Internet
                               |
                          router 1
                               |
              router 2 -----------|
               LAN 2               LAN 3

Option 1 both LANs are totaly isollated
Option 2 LAN 2 is isolated form LAN 3 but LAN 2 clients can see LAN 3 (next door)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rob WilliamsCommented:
Thanks Proactivation.
Cheers !
--Rob
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Hardware

From novice to tech pro — start learning today.