Turn Linksys WRT54G into access point

I'll preface this by saying that, although I can build computers and program them, I can't NETWORK them. I'm learning. Here's my current setup:

cable broadband internet (coax to) D-Link cable modem (CAT-5 to) Linksys WRT54G (CAT-5 to) parents' PC and (wireless to) daughters' PC

I want more control over my daughter's computer (monitor websites, AIM discussions) as well as share resources (printer, drive space). I also want to do some home development of web applications. Therefore, I'm building a small file/web server. I would like to do the following:

cable broadband internet (coax to) D-Link cable modem (USB to) file server (CAT-5 to) Linksys WRT54G (CAT-5 to) parents' PC and (wireless to) daughters' PC

Is this possible? If so, what do I have to do to the WRT54G in order to make it a basic access point? Any help would be greatly appreciated. Thanks!

Reply to
kevinpublic
Loading thread data ...

If you just want to make it a wire/wireless AP switch and not a router, then you disable the DHCP server on the router and it becomes a switch and not a router likes what's being explained in the link.

formatting link
I would suggest you get yourself a cable modem that uses the RJ45 connection type and replace the USB modem and plug the modem unto the router and let the router do it's of being a FW/router with and the gateway device for the LAN/WAN wire or wirelessly, use Wallwatcher (free) to monitor traffic to from the network, and use all the features the router has to offer in router mode that you talk about above.

formatting link
Duane :)

Reply to
Duane Arnold

Well, the cable modem uses either RJ-45 or USB to connect to a computer. I was going to use the USB just so it would plug into the back of the server and not take up lan adapter card. What I want to do looks a lot like the second picture of the /web/explain/about-NAT.asp page you have a link to.

If I plugged the modem into the router (the way it is now), then doesn't that mean the server winds up sharing the internet connection along with the workstations? It wouldn't have any control over the internet connection, would it?

See what I mean... I'm a newbie.

Reply to
kevinpublic

From what I understand, the 54g is a packet filtering FW/router that can stop inbound or outbound traffic from WAN IP(s) to LAN IP(s) or between LAN IP(s) to other LAN IP(s) if you have to do it. The router if you learn how to set FW rules and understand the device, is what you need acting in full router mode as the gateway device for your entire LAN setup wired and wireless and all your machines should be going through the router. You should use Wallwatcher (free) go find it using Google that works with the 54G router. You may have to change the firmware on the 54g to one of the (free) 3rd party firmwares that provides the syslog so you can review the traffic to and from the network for dubious remote connections or check by IP just what is your daughter accessing over the Internet and block traffic if need be and stop her or block traffic if you determine that one of the machines on the LAN has malware and is phoning home.

You have a router the 54G for home usage, that gives you the absolute control over any traffic that comes to or leaves the network the WAN/Internet or Wide Area Network traffic, which you can also control traffic between machines on your LAN Local are Network or machines behind the router if it came to that, along with other features that come with the 54g. Most routers for home usage cannot provide the FW features that the 54g can provide.

That router provides the protection and tracking based on the second link I provided to you *What does a FW do?*. You should understand and learn how to use your router as no one is going to do it for you to protect your network.

Here is another link that may or may not help you.

formatting link
The buck stops at the O/S(s) as someone could hack the wireless and be all over the top of the machines on the LAN so you should try to protect the machines by hardening the O/S to attack as much as possible if you have one that you can configure.

formatting link
Duane :)

Reply to
Duane Arnold

What OS is intended for the Server?

fundamentalism, fundamentally wrong.

Reply to
Rico

Oh one other thing, if you're going to expose the server which I'll assume is going to be a Web sever either MS and IRIS or Linux and Apache , then you configure the router to open the inbound ports to the LAN IP/machine that needs the inbound port open. Due keep the machine out of the DMZ. You should be using a *static* IP on the router and Linksys has a good Support Knowledge Base on the how to(s). You should watch the logs for dubious connections and with the 54g, you can block that traffic. You should not be into using a personal FW to protect a server that's not a good thing

formatting link
I do hope you will take the proper security measures to secure the O/S and Web server for a machine that's going to be exposed to the public Internet. There are books out there that explain how to do it or you can find it on Google. That machine may pose a bigger threat than anything else that may be happening on your network as it gets hacked to death if not properly secured MS or Linux.

Duane :)

Reply to
Duane Arnold

Snooping is going to be difficult. You'll likely require some sort of proxy and associated configuration skills or a host-based router that can decode traffic with tethereal and grep.

I'd like to recommend a topology more along these lines.

__modem__router__PCs/server

Disable DHCP and connect a LAN port to a switch or router. The WAN port is not used.

Reply to
Dom

Here's how I would go about sniffing the traffic.

[modem]__[wrt54g]---[daughter PC] \\__[unix router]

The link to the daughter PC may be wireless, it doesn't matter. Address all hosts to the same logical network as the wrt54g, except the daughter PC. Address the daughter PC to a different logical network and set the unix router as its default gateway. Address the unix router to both networks. This will proxy all traffic to/from the daughter PC through the unix router. Tethereal with bpf filters and grep may then be used to log the desired information.

Reply to
Dom

In the above configuration, the wrt54g would have to be configured with a static route to reach the network to which it is not addressed via the unix router.

It may also work to address everything to a single logical network, by configuring the unix router as the default gateway for the daughter PC and adding a static route on the wrt54g to reach the daughter PC via the unix router.

Reply to
Dom

As has been said, just stop using DHCP but also, don't plug anything into the WAN port, just use the LAN ports otherwise the device is still having to route between the two interfaces.

David.

Reply to
David Taylor

You need to have:

broadband > modem > router, then router cabled by CAT5 or WiFi'd to ALL other machines.

Set up access policies on the router based on MAC addresses. You can then control what access your daughter has.

Reply to
__spc__

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.