Solved

Secure Wifi Internet Access from existing LAN

Posted on 2011-09-29
7
371 Views
Last Modified: 2012-05-12
Hello,   I have no ability to setup VLAN's as this is a very basic network.    All servers and computers are on a single subnet.

For example lets say 192.168.100.x

Now I purchased a Wifi router with the thought that I could allow wifi internet access only on another subnet.

for example wifi clients 192.168.1.x

This does work as it is setup with the 192.168.100.x network as the WAN interface.

The issue is I am able to access the 192.168.100.x network from the 192.168.1.x wifi network.    

It does have firewall capabilities and I could try setting up rules to block but is there an easier way to do this?

0
Comment
Question by:Zoldy2000
7 Comments
 
LVL 17

Accepted Solution

by:
Garry-G earned 500 total points
ID: 36814461
Usually, firewall or packet filter rules are the simplest way to do something like this ... or rather, almost the only way, unless you have the possibility of adding another VLAN with its own internet uplink, or a VRF, or other features.
So, just configure a deny-rule that forbids any traffic from 192.168.1.0/24 to 192.168.100.0/24 except maybe for the default gateway, and you should be good ...
0
 
LVL 5

Expert Comment

by:TechnicallyMaybe
ID: 36814539
It depends on what features your wifi router has.  Who is the manufacturer and what is the model # of the router?
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 36814615
I don't have it with me as I am not on site to give you the model number.

What feature are you thinking of that would make a difference.

The manufacturer is UBNT
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 5

Expert Comment

by:TechnicallyMaybe
ID: 36814726
For example my router has a guest network feature that uses a totally seperate SSID and prevents access to the internal SSID and wired devices.
0
 

Expert Comment

by:jmgallo
ID: 36815888
I have done something similar with one of my clients. They had an existing firewall/router which did in fact provide wifi which you could set on a different network rather the existing LAN...the wifi in it stopped functioning properly.

I had an old Linksys wireless router on site. I ran the linksys wan port to another port on the comcast modem and configured it and turned on wifi with DHCP. that kept the wifi entirely seperate from their existing wired network.

0
 
LVL 5

Expert Comment

by:TechnicallyMaybe
ID: 36817334
Great thinking!
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 36817373
what was the purpose of that last comment?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PEAP authentication 7 55
URL question:  WWW versus WWW1 in address line 4 74
WLC 5508 controller configuration 4 98
Sonicpoint Ni capabilities 5 18
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question