securing primary network when 2 wireless routers are connected together

Hello, I'm a noob when it comes to a lot of advanced networking and Linux things, so please forgive my ignorance, but here is what I'm trying to do. I have my main D-Link DGL-4500 wireless router hooked up via LAN cables to my PS3, cable modem, and media PC, and wirelessly to my laptop. When we tried to connect my roommate's PS3 to my wireless network it would time out due to how it's configured and the PS3 being picky with wireless networks. Since his PS3 was in another room, it's not economical to run a LAN cable to my router, so I connected his wireless router (a Netgear WGR614) to mine (LAN port of D-Link to WAN port of Netgear) since I knew his PS3 will connect to his router just fine. While this setup works, what I'm worried about is someone gaining access to my network via his wireless router, as he is able to view my networked computers and gain access to the web configuration of the D-Link router. I have my D-Link router configured to be hidden with a 64-character pseudo-random password and WPA2 Personal using the AES cipher, so as to prevent unauthorized access to my network, but his is a lot more simplistic (i.e. discoverable, short password, default configuration password), so as to keep compatibility with all of the devices he runs (i.e. MacBook, iPod touch, PS3, etc.). Is there a way to limit the access of the Netgear router to internet only so it doesn't compromise the security of my network, or will I need a purely wired router as an intermediary to completely separate the 2 wireless networks? If you can't tell, I'm a bit paranoid about my security.

I thought about the virtual LAN, but my router doesn't support it. I think what I'm just going to end up doing is getting an Ethernet router and connecting both wireless routers to it via their WAN ports so they truly are independent of each other, but share a common Internet connection.

I've been looking at the D-Link DGL-4100; it is a GamerLounge model and would complement my DGL-4500 quite nicely. Plus I could use the GameFuel to prioritise between the two different networks since we both are gamers, but won't necessarily be gaming at the same time. So one of us would be able to be gaming and not be affected by the other person's web browsing/downloading.

And I believe it would be possible to attach a NAS to the DGL-4100 to allow sharing of files and common storage between the two networks, as everything after the WAN port would be accessible by both sides.

Another reason why I like my network separate from the network is so I can do R&D without affecting the bandwidth of the overall network; just my corner of the network would be affected by anything I am working on. And the same for my roommate: if he has anything he is working on, it won't affect me.

Questions, comments, complaints anyone?

I don't know if that would work, worth a shot tho.

I've never connected one router via the WAN port to another via a LAN port before.

Well, that's how I have my current configuration set up, and I can tell you it works. But the only problem I'm having with it, and the reason for this original post, was that the second device that is connected from its WAN to the primary device's LAN port has full access to the entire network, while it doesn't go upstream since the first router drops all unsolicited data coming into the WAN port. That's why I am wanting to use a 3rd device as a man in the middle, so to speak. It would allow both wireless routers access to the internet without the possibility of cross talk, thus not compromising the security of my side of the network. And any devices connected to the middle device would be accessible by both networks, so you could set up a network storage device in the middle router, allowing sharing of files between the two networks without having to allow traffic to cross directly from one side to the other.

To break it down it would work like this:

1 overall network with 2 sub networks, sub network A & B

Sub networks A & B aren't able to directly communicate with each other due to the firewalling capabilities of the routers due to their configuration to each other, so as to preserve their individual security, but will share a common internet connection.

Any devices (i.e. NAS, servers, media PCs, etc.) connected at the "bridge" router will be accessible by both sub networks.

Since 3 routers will be connected together in a Y WAN-to-LAN configuration (sub A WAN to main LAN, sub B WAN to main LAN), anything not asked for by a specific computer inside the "firewalled" sub network will be dropped.

The only thing I would need to make sure of is that all 3 routers use different IP ranges, or else things could get hairy real quick, I think.

I think this configuration could drastically reduce the load on the overall network, as all local traffic would be isolated to one sub network while the rest is unaffected.

It makes sense in my head, but I could be 10000000% off on how this will work and if it will work at all.
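
The two layouts discussed in this thread, modelled as an added example that is not part of any post: it checks the "different IP ranges" requirement and works out which hosts can open a new connection to which. The address ranges, router names and the NAT/firewall model (outbound allowed, unsolicited WAN traffic dropped, no port forwards) are assumptions made for the illustration.

```python
import ipaddress

# Constructed addressing plans; none of these ranges appear in the thread.
ORIGINAL = {  # Netgear WAN plugged into a D-Link LAN port
    "dlink":   {"lan": "192.168.0.0/24", "upstream": None},
    "netgear": {"lan": "192.168.1.0/24", "upstream": "dlink"},
}
Y_LAYOUT = {  # both wireless routers hang off a wired middle router
    "middle": {"lan": "192.168.0.0/24",  "upstream": None},
    "sub_a":  {"lan": "192.168.10.0/24", "upstream": "middle"},
    "sub_b":  {"lan": "192.168.20.0/24", "upstream": "middle"},
}

def overlapping_lans(routers):
    """Return sorted name pairs whose LAN ranges overlap (routing breaks there)."""
    nets = {n: ipaddress.ip_network(r["lan"]) for n, r in routers.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

def segment_of(ip, routers):
    """Name of the router whose LAN holds ip, or None for the internet side."""
    addr = ipaddress.ip_address(ip)
    for name, r in routers.items():
        if addr in ipaddress.ip_network(r["lan"]):
            return name
    return None

def can_initiate(src_ip, dst_ip, routers):
    """Can src open a NEW connection to dst? Assumed model: every router NATs
    outbound and drops unsolicited packets on its WAN port (no port forwards)."""
    src, dst = segment_of(src_ip, routers), segment_of(dst_ip, routers)
    if src is None:
        return False          # unsolicited traffic from the internet is dropped
    if dst is None:
        return True           # outbound to the internet is always allowed
    hop = src                 # walk from src's own LAN up through each WAN link
    while hop is not None:
        if hop == dst:
            return True
        hop = routers[hop]["upstream"]
    return False              # dst is behind some other router's WAN firewall

if __name__ == "__main__":
    for s, d, net in [("192.168.1.50", "192.168.0.10", ORIGINAL),
                      ("192.168.10.5", "192.168.20.5", Y_LAYOUT),
                      ("192.168.10.5", "192.168.0.20", Y_LAYOUT)]:
        print(f"{s} -> {d}: {can_initiate(s, d, net)}")
```

The first result (True) is the exposure described in the thread: a host behind the downstream router can reach the upstream LAN. In the Y layout only the middle segment is reachable from both sides, so anything placed there should be treated as shared.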

