adding a second router to a LAN to segregate personal from business

Posted on 2012-08-13
Last Modified: 2012-08-13
We have a LAN that is a router and a couple of hubs and there is one internet modem connected to that. In order to allow personal computers to have internet access, but not have LAN access, I have been linking a second router via one of the hubs ports so that  we could have a separate network and all share the same internet modem. I would like to know about security.  The reason for the second router is simply so that others can use the internet without being on our company LAN.  Hopefully I am making sense. This is a small home based company and the LAN is for the SBS and workstations. The second router is for personal computer use.  By doing it this way, am I keeping the personal computers separate and segregated from the company LAN?
Question by:wfcrr
    1 Comment
    LVL 56

    Accepted Solution

    Unfortunately not, if I understand the topology as you described it. The problem is that by plugging into one of the ports on the hub, you still have full layer-2 connectivity and someone with talent can manipulate that....even if that person is remote or has compromised one machine in some way.

    You can solve this situation with VLANs if your network equipment supports it. Or you can segregate your entire network at the layer-3 level with a better router or by putting a routing-capable OS at your network edge with multiple discreet legs...something like untangle would work.

    But as it stands now, you have some planning to do.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now