Howto Add DHCP WiFi Router and subnet to existing network

Posted on 2009-12-25
Last Modified: 2012-05-08
I have an existing home network with old reliable sonicwall tele3 with 4 VPNs configured.  I have a Linksys WAP54G providing wifi access.  The tele3 is basically a 5-IP license... and I've managed to stay at 5 connections for some time... since it only counts the IP's that route outbound thru the firewall.  DHCP with short licenses has been flexible enough... but no more.  With all the wifi devices in the house (Wii, DSI, laptops, etc) I need to figure out a better configuration.

What I'd like to do is replace my WAP with a wireless router... and give it a static IP on the wan side (dedicating 1 of my 5 IP's for all wifi devices) and then configure DHCP on the WAR for all my devices.  It would be great if the WiFi network could still access the printers on my wired network but I'm a little foggy on that part.

I would replace my tele3 - but it just seems like there are no modern equivalents that do what it does without spending an arm and a leg.  I depend on the point-to-point VPN tunnels I have but only 1 computer needs access to those remote networks.

For wireless... I'm currently using B/G.  wireless devices include my wife's laptop, kids two dsi and wii, etc)
On the wired side... 3 computers, 2 network printers.

My LAN network settings are:

I think my questions boil down to:
Product suggestion for a wireless router that will NAT and DHCP.  Looking for a solid B/G performer.
Subnet suggestions for the wifi network
Caveats to having the wifi network NAT thru my wired network (and NAT again thru my Sonicwall TELE3) to the outside world thru my Time Warner Broadband.

Thanks in advance
Question by:Shawn_SanDiego
    LVL 32

    Assisted Solution

    You may be in luck with a firmware upgrade on your WAP54G.

    If your hardware version is 1.0, you could consider flashing the firmware to DD-WRT.  

    With this, you could create separate subnets and vlans etc.  Check it out and see if it is for you
    LVL 3

    Author Comment

    I've looked into the idea of flashing my access point... but that's not an option.  I'm going to get a wifi/router from a friend and see if I can get something working using trial and error.

    The real problem I think I'll have is that the wifi subnet will be private IP's and the wired subnet will be private IP's - and I don't think the wifi router will be able to "see" the other private network.  Maybe no wifi router can accomplish this... unless I use a firmware option like DD-WRT or Tomato

    I'm not opposed to getting hardware to do this... I think the Linksys WRT54GL is pretty popular for wifi modders... but I don't want to spend $$ unless I know it will work.

    I suppose an alternative is to look for an unsecure network in the neighborhood... and just set the Nintendo's to use that.  "thanks neighbor!"
    LVL 3

    Author Comment

    Let's try this again.  I purchased a Lynksys WRT54GL router for testing.  So far... I can't seem to get what I want.
    Let me recap.  I have a sonicwall firewall TELE3 that has a license for 5 IPs.  The main reason I need the SW is because it has my point-to-point VPN tunnels - and that's critical.
    Over time... I've added a number of hosts... so the 5 IP limit has been a struggle.  The SW only seems to care about IPs that route out the WAN port... so things like network printers don't take up a license.
    I have 2 wired hosts and 1 wifi laptop that are the primary devices... but I also have a handful of devices that use wifi and dhcp (like Wii, DSi, etc) - and often run out of IPs.
    What I want to do is have the WRT54GL act as a router for my wifi devices.  Basically... I want to assign the WRT an IP and have it serve up DHCP addresses to all my wifi devices.  I'm thinking that it will then NAT all the wifi devices.
    The problem is... this doesn't seem to work... exactly.
    When I get a host configured on the WRT... and get an IP... I can see the VPN networks... but I can't seem to route beyond.  I can also see my network printer.
    The networks are:
    SonicWall: /
    WRT: / GW:
    PC Host on WRT:
    can access network printer :
    It would seem like this is possible... since ISPs due pretty much the same thing... carving up addresses for multiple users... and those users can have multiple hosts NAT'ing thru their one IP.  However... I know I must be oversimplifying something somewhere.
    Can someone point me in the right direction?
    LVL 32

    Assisted Solution

    You need to have another router that will masq the MAC addresses of the other devices.

    Since you now have the WTG54GL:
    • connect it's WAN port to theSonicwall's LAN port
    • Configure the default gateway for the WRT to be the LAN IP of the Sonicwall
    • Connect the sonicwall to the ISP
    • Disable DHCP on the Sonicwall
    • Connect the devices on you home LAN to the WRT ONLY.  THis will cause the Sonicwall to see only the MAC address of the WRT device.
    LVL 3

    Accepted Solution

    OK... I got this figured out.  Some time ago... I added a firewall rule to block outbound traffic for any LAN IP that wasn't in the DHCP.  Removed the rule... and my DRT54G worked exactly as I had hoped.  It is NAT'ing all my wifi devices... and I put the kids imac on this LAN too.  I end up with two private networks behind my Sonicwall.  The 10.x.x.x network is my main PC and the network printers.  This allows me to keep my computer accessible over the VPN.

    I appreciate the input from nappy_d - so you get the points.  So far... the default firmware works for me... but I got the WRT54GL specifically because it is so popular with custom firmware options.


    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Suggested Solutions

    I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
    Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now