On Sun, 3 Sep 2006 12:51:41 -0400, "Bill Kearney" wrote: : : > Hi, is it possible to create distinct networks (2..3) using a single : > router and IP connection? : >
: > We currenty have a wireless LAN working and plan on renting some rooms : > to students who want to hook up to the web. Because the foreseeable : > stay will be short, we do not want to add an additional ADSL line. : >
: > To preserve security, I thought of adding dedicated LAN networks and : > assign them to each student. Would that work? Is there a simple : > work-around? : : If you're going to ask questions about a router, at least say what MODEL : router! : : Some routers like a Linksys WRT54GS can load a 3rd party firmware. Those : firmware often include the ability to setup virtual LAN (vlan) : configurations, along with iptable routing restrictions. Then you'd also : have to setup the necessary DHCP or other static address info. But bear in : mind this is targeted toward the WIRED ports on the switch, not wireless. : It might be possible to perform more fine-grained control over multiple : client machines over the single wireless link but it'd be a bit complicated : to manage. You could also put separate wifi access points on the wired : ports. This would be "better" but would also present some wifi : configuration issues like overlapping channels and coverage. But putting : them on their own WPA-secured access point, separate from your other one, : and then setting up a VLAN controlling that access point's connection would : probably handle it. Not for the unexperienced but not impossible either, : provided you've got the right equipment.
The (relatively) new Linksys WRT54GP handles up to eight wireless VLANs. You can, for example, assign a separate WPA passphrase to each SSID. I've deployed four of these routers so far and found them to work well. The only tricky part is setting up the trunk for the wireless VLANs. I guess you'll need a managed switch, and that could run into some money. (Sorry to be vague, but our network engineer handled the trunk setup for me.)
You can read about the WRT54GP on the Linksys Web site. Oddly (IMO), what they emphasize is the router's native POE capability, not the VLANs.