Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to protect home network, but still allow internet access to laptop


  • Please log in to reply
5 replies to this topic

#1 awwolfe

awwolfe

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:26 AM

Posted 16 December 2016 - 08:08 AM

I have a home lan with shared folders and a nas which has folders that are not password/user protected. This works for my kids and I to share things and not need to manage accounts/etc.  However, my wife just started a telecommuting job with a work computer that uses our internet to vpn into her companies system. We do not have admin rights to her computer and they do have remote access to her laptop and printer (for maintenance purposes).  My question is: how can I prevent/protect access to my home network from her work (remote), but still allow her computer/printer internet access so that her computer can connect to her office?

 

I am hoping some kind of router configuration might be possible that would block/separate her computer from our lan.

 

Best approach?

 

Thanks,

Tony



BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:10:26 AM

Posted 16 December 2016 - 11:33 AM

Welcome to Bleeping Computer.

 

When your wife is connected to the VPN can she even see your network shares?  A lot of times the VPN software will prevent you from connecting to other things on the network.

 

Unless you have something illegal on your network I wouldn't worry about it too much.  Provided your wife doesn't connect to your network shares from her work computer you shouldn't have any issues.

 

If you want to go full blown security mode you can read this page for how to set up a three router solution.  Your wife's computer would go on the IoT network.  Running multiple routers can cause some strange network issues.



#3 awwolfe

awwolfe
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:26 AM

Posted 16 December 2016 - 02:35 PM

Thanks for welcome and information.

 

Trying to use terms from that page.

 

I have a modem, router (border), then a wifi ap router. The wifi router is connected via a lan ethernet to the border router. Any wifi connected devices can see my local nas. If I go to a 3 router system (as in the information), does the new router (one with computers I want to isolate from my network) need to be in a different subnet or something with that router configured to DHCP? Right now, my wifi router DHCP is disabled, only using the border router for assigning IP.

Thanks,

 

Tony



#4 Kilroy

Kilroy

  • BC Advisor
  • 3,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:10:26 AM

Posted 19 December 2016 - 03:59 PM

The set up of the three router solution is in the More stuff to know about link at the bottom of the page and “Border” – 10.10.1.x, “IOT” – 10.10.2.x, “Secure” – 10.10.3.x.  You could use 192.168.1.x, 192.168.2.x, and 192.168.3.x if you wanted.

 

Have you connected your wife's machine to your network, had the machine connect to the employer's VPN, and then check if she can see your file shares?  Depending on the VPN product and configuration she may not be able to see things on the local network when she is connected via the VPN.



#5 awwolfe

awwolfe
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:26 AM

Posted 20 December 2016 - 03:25 PM

Thanks. I'll try the different dhcp ranges from the router end. I've also found info on vlan (though can not find for my router). Not sure if vlan is basically same result as ip grouping/subnet.

 

It does seem that her computer is not able to see our LAN, but that would be a software solution (one that I don't have access to admin or know/trust). I'd rather have a hardware solution that I can manage. I'm sure it is overkill, as you stated, not like we have anything of value to other people. But family photos/videos would be gone if someone accessed and deleted them or if virus some how made it across the networks. I have no idea nor trust their system to remain virus free. The likelihood of anything malicious on their end is remote, but why expose my system if can avoid.



#6 Kilroy

Kilroy

  • BC Advisor
  • 3,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:10:26 AM

Posted 20 December 2016 - 03:36 PM

Not all routers or switches support VLANs.

 

If the photos are important you should look into a backup solution, possibly with an online backup provider.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users