Clicky

I would like to configure two routers, one that remains private, the other that’s public, while both still have Internet access. The public network does not have access to the private network, but the private network does have access to the public network. What would be the best way to get this done?

asked 11/08/2011 01:09

scennimo's gravatar image

scennimo ♦♦


10 Answers:
You could hook up the "private" router with two ethernet ports, one for the private lan, one for the external, then do PAT (port address translation) on that router. Or you could use a small firewall (e.g. ASA 5505 or FortiGate 60C) with a three zone config - external, DMZ and internal, blocking any access from outside or DMZ to the inside, while allowing the other direction.
link

answered

Garry-G's gravatar image

Garry-G

Does either of your routers support VLAN?
link

answered 2011-11-08 at 09:12:36

wwwb0n3zcom's gravatar image

wwwb0n3zcom

My main router is the Linksys E3000. I have two others packed away, Siemens and a Netgear. I curently do not have the model names. They all support VLan. I was thinking about using the Netgear. What i want is to access an appliance and only that appliance on the second network. I do not want to be able to access any other part of my network when I am on the second network. This is why I wanted a second network. I don't necessarily want the second to be public. I just want to make sure that nobody can get to my primary network from my secondary and still have internet access.
link

answered 2011-11-08 at 09:13:52

scennimo's gravatar image

scennimo

Personally - I would flash the Linksys E3000 to DD-WRT and use VLAN support. You could then use firewalls to block/grant access between the VLANs.

Some links to read:
http://www.dd-wrt.com/wiki/index.php/VLAN_Support

http://www.dd-wrt.com/wiki/index.php/Switched_Ports

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=521880
link

answered 2011-11-08 at 10:11:34

wwwb0n3zcom's gravatar image

wwwb0n3zcom

wwwb0n3z…, I appreciate your comment and the links regarding flashing the E3000, but I do not want to go that route. I am looking for something easier with the possibility of not trashing my router. Thanks
link

answered 2011-11-08 at 11:17:25

scennimo's gravatar image

scennimo

The other router that I would like to use is the Netgear FVL 328 ProSafe VPN Firewall Router.
link

answered 2011-11-08 at 12:28:21

scennimo's gravatar image

scennimo

I found the following online and it works like it says it should. The problem is that i need it the other way around. This one has Router2 as being able to see both networks. I want Router1 to be able to access both networks and Router2 not able to access Router1. I do not want to change Router1, (my current settings) at all.  How would I change what is below to be the way I want it? Thanks

Router1 (LAN Side):
IP: 192.168.0.1
SM: 255.255.255.0
DHCP Enabled = Yes
DHCP Scope: 192.168.0.100 to 192.168.0.199

Router2 (WAN Side):
IP: 192.168.0.2
SM: 255.255.255.0
Default Gateway: 192.168.0.1

Router2 (LAN Side):
IP: 192.168.1.1
SM: 255.255.255.0
DHCP Enabled = Yes
DHCP Scope: 192.168.1.100 to 192.168.1.199
link

answered 2011-11-08 at 12:41:21

scennimo's gravatar image

scennimo

You miss a lot when not flashing router with proper software
dd-wrt or openwrt will allow unlimited access points per antenna as one example.

link

answered 2011-11-09 at 17:21:54

gheist's gravatar image

gheist

The following site outlines how to do so using inexpensive routers:
http://blog.lan-tech.ca/2011/05/23/create-an-isolated-network-using-one-isp-connection-and-modem/
link

answered 2011-11-13 at 06:27:08

RobWill's gravatar image

RobWill

router2 can be an isolated switch as well, or if you decide to reflash firmware - you can make it an access point + some ethernet ports a non-routed network.
link

answered 2011-11-23 at 11:18:32

gheist's gravatar image

gheist

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×59
×25

Asked: 11/08/2011 01:09

Seen: 186 times

Last updated: 11/27/2011 08:33