1. Home
  2. Wireless Networking
  3. 2 networks, 1 wireless router

2 networks, 1 wireless router

Hi,

Wondering if anyone can help with this. I have a common area at work in which I would like to grant wireless access. The problem is I would like to grant access to both employees and guests -- with the employees getting access within our firewalled network, and guests getting access in our "DMZ" area, outside our firewalled network. The employees would be routed to our network by MAC address, and the guests would enter a password to get to our DMZ. Can this be done with 1 wireless router, or is it absolutely necessary to buy 2? Do they make wireless routers with

2 network interfaces?

Thanks for any help you can provide,

B
Reply to
sozobon
Loading thread data ...

I don't think you're going to find any wireless solution router or firewall appliance that has two wireless network interfaces, one facing the DMZ/untrusted zone and one facing the LAN/trusted zone, like you'll find in an Ethernet solution. It seems you'll need a wireless router solution in the DMZ. I myself wouldn't even have a wireless solution in the trusted zone, but that's just me.

Duane :)

Reply to
Mr. Arnold

My work uses a DLINK ap that gives the employees access to a restricted zone while guests are only given access to internet. At home i use a vpn gateway between a public wireless network and my internal. Allowing people access to internet and a server but not the workstations on my internal.

It's easy to copy a mac address but most people suggest its the best option....

Reply to
AdamO

snipped-for-privacy@gmail.com hath wroth:

No. If you have two physically seperated networks (different wired LAN's), then there is no single wireless device that can provide wireless bridging to both LAN's at the same time. In such an arrangement, two wireless access points (not routers) are usually used.

I'm not sure exactly what you have in the way of a LAN topology, but your might want to read about Sonicwall security zones.

formatting link
are not exactly what you ask, but are often used to provide seperate secure and insecure wireless connections on a single wireless router. Also, you might consider using a VPN for secure access to the inside secure LAN.

Reply to
Jeff Liebermann

A few questions:

1) What type of AP?

2) What type of authentication?

3) What sort of authentication server on the backend?

Depending on the answers to these, I can come up with a solution pretty easily.

Chris

- - - - - - - - - - - - - - - - - - - - Christopher M. Hutchison, CEO NetSteady Communications, Ltd.

Phone: 614-255-5575 Mobile: 614-853-0091 Skype: wifi_chris

formatting link

Reply to
NetSteady

Thank you all for your help and input!

AdamO: Thanks for the DLINK suggestion. I'm waiting to hear back from them.

Jeff: Thanks for the link on Sonicwall security zones. That sounds like it may be a practical solution.

Christopher: Forgive my lack of knowledge, but I'm not sure if I want to go backend server and APs, or a wireless router. I had planned on using WEP on the router for authentication to the DMZ, and restrict those users to WWW (port 80) only. I hope that answers your questions.

And for what it's worth, we're a non-profit institute with a small IT staff (and budget).

Thanks again for the help,

B
Reply to
sozobon

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.