Separating Wireless and wired networks
I have a Linksys WAP11 as well as a Linksys router behind the cable modem. My main PC (Domain Controller) has 2 network cards which I was told I could tap the WAP11 to the 2nd network card for better protection and to create separate network for wireless.
I have a Linksys WAP11 as well as a Linksys router behind the cable modem. My main PC (Domain Controller) has 2 network cards which I was told I could tap the WAP11 to the 2nd network card for better protection and to create separate network for wireless. The question is how?
My home has 5 PCs and all Windows XP/2000 based. 1 PC is Domain Controller and I'd really like to explorer the possiblity of securing my WAP11. I enabled MAC filtering and disabled SSID broadcast. My TrueMobile Dell card doesn't like encryption so I can't enable it. I also have a Linksys WPC11 card but the Dell one has better reception.
Anyway, what I was thinking is to secure the wireless LAN by limiting certain addresses to pass through to the wired LAN. For example, if I have only 1 laptop using wireless, then there should only be 1 IP to have access to the wired LAN, the rest should be ignored.
This way, I can prevent others tapping into my wireless LAN, am I right?
Thanks for your help,
Simon
My home has 5 PCs and all Windows XP/2000 based. 1 PC is Domain Controller and I'd really like to explorer the possiblity of securing my WAP11. I enabled MAC filtering and disabled SSID broadcast. My TrueMobile Dell card doesn't like encryption so I can't enable it. I also have a Linksys WPC11 card but the Dell one has better reception.
Anyway, what I was thinking is to secure the wireless LAN by limiting certain addresses to pass through to the wired LAN. For example, if I have only 1 laptop using wireless, then there should only be 1 IP to have access to the wired LAN, the rest should be ignored.
This way, I can prevent others tapping into my wireless LAN, am I right?
Thanks for your help,
Simon
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
Talk about paranoid? Do you actually think there is someone living in your neighborhood possesing the knowledge to get inside your system? Not to mention, having the equipment it takes to get inside via wireless? Besides, what do you have on your network that anyone would want, or would want to maliciously tamper with? I understand that security is extremely important, but the whole idea of someone going thru the extreme amount of trouble just so they can they can look at your p0rn and w@rez collection is highly unlikely. Now I would feel differently if this was pertaining to a multi-million dollar company, dozens of employees, and 300 gigs worth of private documents....But sometimes people let security get in the way of actually learning about and having fun with having a 'home' network.
Are all of your clients grabbing IP's via the DHCP in your PDC? If I am correct, and if you're using 2 network cards, you could set up 2 DHCP servers on your PDC and setup the second server to only spit-out 1 IP address thru the card that goes to your WAP11. And on that second DHCP server, just setup that 1 IP to be reserved for the mac address of your laptop. That way, your laptop will still be able to grab all of the resources from the server(WINS, DNS, etc...), and be on its own 'filtered' seperate network. Now I have no idea if it will work, or if it's even possible, but it's worth mentioning none-the-less.
Are all of your clients grabbing IP's via the DHCP in your PDC? If I am correct, and if you're using 2 network cards, you could set up 2 DHCP servers on your PDC and setup the second server to only spit-out 1 IP address thru the card that goes to your WAP11. And on that second DHCP server, just setup that 1 IP to be reserved for the mac address of your laptop. That way, your laptop will still be able to grab all of the resources from the server(WINS, DNS, etc...), and be on its own 'filtered' seperate network. Now I have no idea if it will work, or if it's even possible, but it's worth mentioning none-the-less.
