[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Point to Point Wg602V4 Access  - Wireless... Am lost

Posted on 2011-09-08
Medium Priority
Last Modified: 2012-05-12
Help, I have been trying to get two Wg602's to work as
desired, all day... Hopefully some can help.

We have a new office that is across the road (about 20
feet).  We want the new office to use our Internet
access, BUT we don't wan the new office to communicate
within our own office.  Therefore, we are treating
the new office as an 'external' client.  The new
office will have it's own router/dhcp.

For arguments sake (or sake of illustration) please
consider the following:

We have four external addresses from our I/P provider
Here are our settings

I/P Provider Gateway:
  Office #1         
  new Office#2 
  {spare I/Ps )     / xxx.005 / xxx.006

We have 2 of these WG602s.  According to documentation,
we thought that we would want to be a Wireless Point-to Point.
I/P Gateway: xxx.01
      + ---> WG602yxxx.003  
                      +----> Wg602x  (across the road)
                               +-----> NewOffice/Router

So I set WG602y to have an external I/P address of
xxx.003   I set up w602y & w602x to have each other's
remote MAC address.
I can ping and get a reply from the .003 Wg602y.
For the time being, instead of a router, I simply
plugged a laptop into the Wg602x device.
I have tried the following combinations.
A. _ Set Wg60x - to have 3rd External I/P xx.004
     and have gateway of xx.003.  Had Laptop be xxx.0005
     Results: Laptop couldn't get out or see anything.
              Could ping xxx.004
B._ Set Wg60x to have new "internal I/P address"
        Set gateway as xxx.003
        Set laptop to  internal i/p address too.
     Results:  pretty much the same.

What are the settings I need to have??? Help...
I have wasted an afternoon on this, and office#2
employees are getting angry.  hence reason for 500 points.
Question by:ebtsup
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 26

Assisted Solution

by:Fred Marshall
Fred Marshall earned 900 total points
ID: 36507293
It seems like you have plenty of public IP addresses so you could assign one of them to the new office as you've described.  That would not be a problem.

I have a little trouble following what comes next in your description - so that's likely a good place to start.
I have no idea what the MAC address fiddling is about..... where you say:
I set up w602y & w602x to have each other's remote MAC address.
If you mean you entered the remote device's MAC address in the wireless box-to-box link.. yes.  That's needed.
I'm going to assume that the WG602V4s are strictly for linking the two buildings for now .. no wireless clients.

If you're going to meet the objective then you need a link between the offices.
Since you're going to assign them a public IP address then you can do one of two things:
1) Put their router in their building and link at the public IP subnet address space.
2) Put their (or a)  router in your building and link in their private subnet address space.

It's not clear to me that the Access Points have to have IP addresses assigned to them except for management purposes.  For this reason alone you may want to have them in private address space so they are a bit more secure.  The point here, I think, is that all the APs need to do is 1) link and 2) act like switches with no IP stuff like NAT or the like as a router would have.

Does the group in the other building NEED a public IP address at all?  Do you?  i.e. except to connect to the internet?  i.e. no public servers?  In that case it's pretty easy I should think.

So, if these assumptions are correct, here's what I'd do:

1) Have an "internet switch" that's connected to your ISP connection (router or modem is likely).
2) plug in all things needing their own public IP address into that switch.

SO, you might plug one of the wireless access points into that switch .. operating in public address space.
The other AP will be in the other building in that same space.
So then you connect a router with the selected public IP address on the Internet/WAN side to the ethernet port on the AP.  The LAN side of this router will have whatever LAN subnet you want for the other building.

3) As one of the things needing their own public IP address, plug a local router into the switch on its Internet/WAN side.  Give the LAN side an IP address of your local building LAN subnet.

Don't connect the AP to the Internet Switch.
Connect the AP to your first router's LAN (this will be *their* LAN) and don't use a router in the other building at all just a switch off the remote AP.
Then, plug another router Internet/WAN side into the first router LAN.
The LAN of the 2nd router will be the local LAN.

The only issue with this is that the locall computers can see the computers across the street (but not vice versa).
To deal with that issue, add another router in series with the remote LAN connection.

See the diagrams attached.


Author Comment

ID: 36507560
To clariy the WG624 are Wireless Access Points.
We are wanting to use to connect to new office.
In the instructions for these NetGear W624's - it says to connect them as point-to-point that they need to have MAC addresses.

So to illustrate:

 OFFICE #1                                                                                                             NEW OFFICE #2
+==========================+            Physical ROAD for motorcars   +====================+
I/P Gateway: xxx.01
      + ---> WG602yxxx.003      ~~~~~~   Wireless Connection to  ~~~  +----> Wg602x  (across the road)
      |                                                                                                                     |
      |                                                                                                                    +-----> NewOffice/Router
     +-- OFFICE # ROUTER

I have no idea what the MAC address fiddling is about..... where you say:
I set up w602y & w602x to have each other's remote MAC address.
If you mean you entered the remote device's MAC address in the wireless box-to-box link.. yes.  That's needed.
I'm going to assume that the WG602V4s are strictly for linking the two buildings for now .. no wireless clients.
NetGear WG602 - requires that I have an I/P address with a gateway in the I/P setting
..and Correct there are no other wireless clients at this time.

But to answer you other questions, the other group, really doesn't need public addresses, we just wanted to ensure that they couldn't get on our network  {..and why that is.. I have no idea }

On the NetGear'ssettings, it allows for Wireless Pot-to-Point bridging..  -- which is what I have set to.
Also have Repeater with Wireless Client Association.

Accepted Solution

weedhell earned 1100 total points
ID: 36564805
well you should simplify things:
1- Adsl/cable modem router------ let's say this equipment it's in network range no matter your private isp ip it will be only a door the WAN port all other doors will be in a private network...
let's call that network the configuration network since you will configure the access points to fit that network...soo you will have isp router with access point number 1 with and access point number 2 with ip (make sure your dhcp in ISP router is set to give addresses over
this way you have one big network where you can access all users since there are only one till now...
To protect office one from intrusions you just need to connect the isp router to a Wan port in a broadband router configured in for example this way you can access to office 2 but office 2 can't access to office 1 if you don't want office 1 to access to office 2 either you can connect another broadband router with a diferent range like with a cable to your access point connected via wds

Now security if you want to restrict the access to part of your network you just have to keep this in m

Expert Comment

ID: 36564851
security... if you want to restrict the access to part of your network you just have to keep this in mind... nothing is safe in computing engineering, since you can sniff the packets before they get to internet, man in middle attacks  are commonly seen in this kind of network.  but that's the same in all wireless networks.

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question