Solved

Secure Wifi Internet Access from existing LAN

Posted on 2011-09-29
7
363 Views
Last Modified: 2012-05-12
Hello,   I have no ability to setup VLAN's as this is a very basic network.    All servers and computers are on a single subnet.

For example lets say 192.168.100.x

Now I purchased a Wifi router with the thought that I could allow wifi internet access only on another subnet.

for example wifi clients 192.168.1.x

This does work as it is setup with the 192.168.100.x network as the WAN interface.

The issue is I am able to access the 192.168.100.x network from the 192.168.1.x wifi network.    

It does have firewall capabilities and I could try setting up rules to block but is there an easier way to do this?

0
Comment
Question by:Zoldy2000
7 Comments
 
LVL 17

Accepted Solution

by:
Garry-G earned 500 total points
ID: 36814461
Usually, firewall or packet filter rules are the simplest way to do something like this ... or rather, almost the only way, unless you have the possibility of adding another VLAN with its own internet uplink, or a VRF, or other features.
So, just configure a deny-rule that forbids any traffic from 192.168.1.0/24 to 192.168.100.0/24 except maybe for the default gateway, and you should be good ...
0
 
LVL 5

Expert Comment

by:TechnicallyMaybe
ID: 36814539
It depends on what features your wifi router has.  Who is the manufacturer and what is the model # of the router?
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 36814615
I don't have it with me as I am not on site to give you the model number.

What feature are you thinking of that would make a difference.

The manufacturer is UBNT
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 5

Expert Comment

by:TechnicallyMaybe
ID: 36814726
For example my router has a guest network feature that uses a totally seperate SSID and prevents access to the internal SSID and wired devices.
0
 

Expert Comment

by:jmgallo
ID: 36815888
I have done something similar with one of my clients. They had an existing firewall/router which did in fact provide wifi which you could set on a different network rather the existing LAN...the wifi in it stopped functioning properly.

I had an old Linksys wireless router on site. I ran the linksys wan port to another port on the comcast modem and configured it and turned on wifi with DHCP. that kept the wifi entirely seperate from their existing wired network.

0
 
LVL 5

Expert Comment

by:TechnicallyMaybe
ID: 36817334
Great thinking!
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 36817373
what was the purpose of that last comment?
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Fortigate 100D NTP Issue 4 80
How to set DHCPv6 options on a Sonicwall? 13 144
DHCP Server 14 88
Issue with Cisco 4402 and 1142 LAPs 1 9
In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question