Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Splitting a network - private network and public wifi access


  • Please log in to reply
9 replies to this topic

#1 David Ashcroft

David Ashcroft

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 23 May 2013 - 12:08 PM

We currently have an internal network which we would like to keep secure, we would like to add in a public wifi network seperate from our current main network, what is the easiest way to do this?

 

I have thought about subnetting, but ideally i would like to avoid this.

 

Is there any such device that we can plug into the network, for example with 3 ports, so i could plug the internet into one port, the link to the internal private network into another, and the public network into another, and then configure this device to allow both private and public on the internet, but to stop the private and public network ports from transmitting any data to each other (if this makes sense)

Thanks!!



BC AdBot (Login to Remove)

 


#2 chrisd87

chrisd87

  • Members
  • 811 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:12:28 AM

Posted 23 May 2013 - 02:06 PM

You either have 2 options. Either subnetting/creating seperate vlans or using a firewall to block all traffic that's not on your public/private network. A router will do all of that, but still to my knowledge, you still need to do subnetting to divide up the 2 networks.


"Like car accidents, most hardware problems are due to driver ɹoɹɹǝ."

 


#3 David Ashcroft

David Ashcroft
  • Topic Starter

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 23 May 2013 - 07:18 PM

I have a Juniper Netscreen 25, i believe it is a firewall, however i have never used it.

 

I have never really understood why people use hardware firewalls, its never something i have really looked into considering most OS's come with firewalls.

 

Would this be the type of purpose a firewall would be used?

 

The firewall has 4 ports on the front, would this be able to be programmed for what i want to do using 3 of the 4 ports available.

 

And out of curiosity, is this was hardware firewalls are used for in most cases?



#4 redneckalbertan

redneckalbertan

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:28 PM

Posted 27 May 2013 - 03:14 PM

Am interested in this as well.



#5 David Ashcroft

David Ashcroft
  • Topic Starter

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 27 May 2013 - 04:20 PM

Anyone know anything about this, would really appreciate the help...

 

Thanks! 



#6 hispaladin

hispaladin

  • Members
  • 245 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Middle of a corn field
  • Local time:12:28 AM

Posted 28 May 2013 - 08:58 AM

I would like to ask why you want to avoid subneting?  In my company I am setting up public access points at all our locations with a secure wired network as well as secured wifi and then providing a more "public" wifi (set with weak security just to keep random neighbor kids off).  I am doing this by setting a DMZ wifi access point with a totally different sub net so that there is no connection nor do the public computers know off hand what the secure subnet would be.  We are using Sonicwall router\firewalls to do this but I know it can be done with other hardware.



#7 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:28 AM

Posted 01 June 2013 - 06:19 AM

We currently have an internal network which we would like to keep secure, we would like to add in a public wifi network seperate from our current main network, what is the easiest way to do this?
 
I have thought about subnetting, but ideally i would like to avoid this.
 
Is there any such device that we can plug into the network, for example with 3 ports, so i could plug the internet into one port, the link to the internal private network into another, and the public network into another, and then configure this device to allow both private and public on the internet, but to stop the private and public network ports from transmitting any data to each other (if this makes sense)
Thanks!!


Is this for home use or at a business?

If it is home use, then the easiest way to do it would be to get a router that has a guest network function. A definite example is an Apple Airport Extreme router (not necessarily recommending it, but rather offering it as an example since I know it has a guest network since I use an Airport Extreme) or a Time Capsule (same basic thing as the Airport Extreme except with a built-in network drive) or even an Airport Express. I believe here are some more (non-Apple) examples:

http://www.newegg.com/Product/Product.aspx?Item=N82E16833320088
http://www.newegg.com/Product/Product.aspx?Item=N82E16833122434
http://www.newegg.com/Product/Product.aspx?Item=N82E16833146006

The above might still work for a business environment depending on how big the business is/how many people will use the network...but you might need to go with a more complex setup. I do believe that there are also enterprise grade routers/firewalls that have built-in guest network access, but I don't know for sure.

#8 David Ashcroft

David Ashcroft
  • Topic Starter

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 12 June 2013 - 06:45 PM

Ok, i have subnetted the network, ive have never done subnetting on my own so i will explain what i have done to make sure it will work.

 

The main routers IP address which has wireless built in (for private use) is 192.168.1.254, the network address is 192.168.1.0 the subnet of the this private network is 255.255.255.0

 

I have created a new subnet on the main router with the network address of 192.168.2.0, subnet of 255.255.255.0. I will assign a static IP address to the new wireless access point of 192.168.2.1 and i will setup the wireless access point to be a DHCP server assigning IP addresses from 192.168.2.2 to 192.168.2.254.

 

Will this keep both the private and public network wireless and private network separated?

 

Also, when i setup the new subnet on the router, it asked for the default gateway which i set to 192.168.1.254 (the main router) is this correct?

 

Ill be testing this tomorrow anyway but i thought id get some input. I will let you all know if it works.

 

Thanks in advance :)!


Edited by David Ashcroft, 12 June 2013 - 06:45 PM.


#9 David Ashcroft

David Ashcroft
  • Topic Starter

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 13 June 2013 - 04:54 AM

May need to rethink, enabling the DHCP server on the AP was a really bad idea, the AP started firing out IP addresses to computers in the public range, i thought the AP would only give IP addresses to things connecting directly to it, i was very wrong and caused chaos... Not good:')



#10 tahafisaka6

tahafisaka6

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:28 PM

Posted 03 December 2013 - 09:54 PM

I know this is an older post, but I know that cisco routers such as the E1200 have both private and guest wifi.  so you can have you network wired and have wireless connections to that side of the network, but for users whom you only want to allow internet access for you can give them the guest sign-on information.  






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users