We have Two computers, a wireless router and want to allow wireless internet access. How do we keep the wireless users out of the server and workstation?
- posted
17 years ago
We have Two computers, a wireless router and want to allow wireless internet access. How do we keep the wireless users out of the server and workstation?
You get a personal firewall/personal packet filter on the workstation and block all LAN IP(s). (LAN IP(s) are those IP(s) that can be used or issued to machines connected to the router wired or wireless. You set rules with the PFW/PPF to block all LAN IP(s), except for the two machines on the LAN you want to share resources with each other.
For the server, you'll need a server class software FW on that machine.
Here are some other tips to protect the Windows O/S from attack on the LAN, assuming the machines are Windows XP, Windows 2K, Win 2K3. or Vista.
On 23 Apr 2007 05:11:34 -0700, dbasedos wrote in :
You need wireless-to-wired isolation, ideally by getting a wireless router with that feature. (See hotspot routers in the wikis below.)
An alternative is to setup VLAN separation in DD-WRT firmware running on a suitable wireless router platform.
Yet another alternative is to use three low-end (cheap) routers:
+----------+ | Wired | | Router | +--+----+--+ | | +-----+ +------+ | | +-----+----+ +-----+----+ | Wired | | Wireless | | Router | | Router | +----------+ +----------+That puts everyone on "double NAT" which generally works well, although it can break some (older) network apps.
This answer was cut and pasted from an earlier post to this newsgroup by me. Your question is also answered in the wikis below. Please always check to see if your question is already answered _before_ posting it.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.