(E-Mail Removed) wrote:
> I currently have a fixed wired installation at home. The broadband
> comes via a cable modem which is attached to a NAT router which then
> carries connections to various rooms in the house. There are a couple
> of Windows desktop machines and a Linux web/file/mail server connected
> at all times. I've configured the NAT router so that only the web &
> mailservers are open to the outside world.
>
> The wife now wants WiFi - not just for ourselves, but to allow visitors
> to surf on their own PCs.
>
> Now, if I just attach a wireless access point to the NAT router, I'm
> going to make all our internal windows/samba shares visible to any
> attached computer, right? (The samba shares are all user/password
> protected, the windows shares I'm not too sure about). Plus I don't
> like the idea of our internal network traffic being potentially
> sniffable.
>
> But if I put another NAT router between the cable modem and the
> existing NAT router, and attach the wireless access point to this (the
> new NAT router) then I've screwed any chance of share access to our own
> (non-visitor) wireless PCs.
>
> So, what's the solution here? Do I need 2 wireless access points? One
> for internal users and one for visitors? Or is there some fancy
> technology to let me achieve what I want with just the one?
>
> Thanks in advance for all advice.
>
> Best regards, Ralph.
>
1 WAP
1 Router
Give all home users Static IP's, allow DHCP for visitors over small IP
range.
S/ware firewalls on all Home machines with home users in a "Trusted"
zone which allows sharing and all other IP's in a "Blocked" zone.
Make sure wireless system is encrypted and "Key" is changed frequently
(bear in mind that visitors allowed to use your network will have it's
details stored on their machines when they leave)
Make sure all "Shares" are password protected.
NBT
Similar Threads
Linear Mode
