Ray Tackett
(Top Gun)
10/28/16 05:08 PM
WAN Only?

I know how to lock devices out of my router completely. I know how to lock
devices on the local netword (LAN) out of the internet (WAN), which I do with
my local backup servers.

Is there a way to lock a device out of the LAN and still let it use WAN? For
example, I have a guest in the house who wants a wireless WAN connection.
Fine, but if there's a way to keep the guest's device from seeing other LAN
devices, I'd like to implement it.

In case it helps, my router is a Verizon-provided Actiontec.


Mase Taylor
(Top Gun)
10/28/16 06:14 PM
Re: WAN Only?

If you are using a workgroup, can you exclude the guest from the workgroup, thus preventing access to the other devices?

Russell Holton
(AVSIG Member)
10/28/16 06:35 PM
Re: WAN Only?

Quote:

Is there a way to lock a device out of the LAN and still let it use WAN? For example, I have a guest in the house who wants a wireless WAN connection.
Fine, but if there's a way to keep the guest's device from seeing other LAN devices, I'd like to implement it.




It all depends on the feature set of the router. I have seen home routers that allow WiFi devices to have access to the Internet, but no access to the wired LAN. I think that's what you're looking for.

I'm not sure as I've seen one that can set that at the device level.


Ray Tackett
(Top Gun)
10/28/16 07:29 PM
WAN Only?

I am using a workgroup because I don't want to keep a domain server sucking
power all the time. The workgroup name would be unknown to the guest. Good
point, but devices may still be visible via "ping 192.168.1.xxx" where xxx is
greater than 001.


Ray Tackett
(Top Gun)
10/28/16 07:29 PM
WAN Only?

I'll check for that feature. I have only one LAN/workgroup device which uses
WiFi routinely. I can cobble up a cable for it, though. I have plenty of
space on the switch.

Thanks.


sreyoB yrraL
(AVSIG Member)
10/29/16 11:55 AM
Re: WAN Only?

Use two routers.

The first one "Router A" (connected to the cable/DSL modem) provides the "Public" wifi. The second one "Router B" is connected to LAN port of the first router and provides the LAN. The firewall in Router A protects both sub-networks from attacks from outside the house. The firewall in Router B protects the LAN from anything connected to Router A's sub-network.

As has been mentioned, some routers have this functionality (for a separate public sub-network) built in.


Ray Tackett
(Top Gun)
10/29/16 02:05 PM
WAN Only?

Thanks. Now I need to consider whether that much paranoia justifies the cost
of a router :)


sreyoB yrraL
(AVSIG Member)
10/29/16 03:26 PM
Re: WAN Only?

You don't need a fancy one.

https://www.amazon.com/NETGEAR-RangeMax-...eywords=routers


John O'Shaughnessy [FCM]
(Top Gun)
10/30/16 12:18 AM
Re: WAN Only?

Quote:

Is there a way to lock a device out of the LAN and still let it use WAN?




Yes, but...

Most consumer routers don't support it.

Most consumer devices consist of a router/switch/firewall/WiFi Access Point. Getting all of those features in a single box, often for under $100 is really quite impressive compared to the equipment required to put that together 20 years ago.

What you need is the capability to add a second LAN network that can be routed to the WAN (and vice-versa) but not routed to the other local LAN network. Some router firmware can handle that. I'm not familiar with your device, and whether it can do that.

The only other hope is to check to see if your router supports a separate "Guest" network. Often that is a pre-canned method to do the same thing.

ASUS routers, for example, support this. https://www.asus.com/support/faq/1009857


John


Terry Carraway
(Top Gun)
10/30/16 06:35 AM
Re: WAN Only?

Do you have Comcast with their router?

If so, you already have a public wifi, whether you want to or not. :)


Ray Tackett
(Top Gun)
10/30/16 10:26 AM
WAN Only?

No. I have Verizon Fios. Comcast gave me a lot of grief in 1987 and I
haven't heard anything good about them since.


Terry Carraway
(Top Gun)
10/31/16 03:07 AM
Re: WAN Only?

It seems very area dependent. Some areas Comcast seems to be better, and in other areas FIOS seems better.

I don't have a choice, out in the country, no fiber.

But Comcast just upped my speed to 200 MBS. :)


Ray Tackett
(Top Gun)
10/31/16 09:43 AM
WAN Only?

Verizon seems to have replaced its script-driven Indian "support" with
competent Americans, which was a nice surprise. I hadn't called for support
in a long time because of previous dismal experience.


Terry Carraway
(Top Gun)
10/31/16 12:08 PM
Re: WAN Only?

I have never had Indian support from Comcast.

And they have been very helpful and competent.


Paul Millner [OAK]
(Top Gun)
10/31/16 08:13 PM
Re: WAN Only?

Quote:

I have never had Indian support from Comcast.

And they have been very helpful and competent.




Ah! You've never had to configure a cable card, eh?

Got to the point I developed a cheat sheet to tell the CSA what they needed to do next... cause they didn't know...

Paul


John O'Shaughnessy [FCM]
(Top Gun)
10/31/16 11:14 PM
Re: WAN Only?

Quote:

Quote:

I have never had Indian support from Comcast.

And they have been very helpful and competent.




Ah! You've never had to configure a cable card, eh?




Two things -- I learned about the Comcast Cable Card Hotline. I don't know if it still exists, but the one time I called it (last December) the support was fast, in English, and correct!

Also - when dealing with Comcast and others of their ilk, I take a stiff shot of tequila, then use the on-line chat. That way, I can multi-task (and take more shots) as I deal with their support people.

As much fun as it is to bash the cable providers, I have to admit that my Comcast (and predecessor) service has been very good. Expensive, but stable and reliable. A couple of weeks ago I noticed some channels (not all) getting pixelated. As this had happened before, I started to trace the cable. Of course, my friendly neighborhood rabbits had nearly chewed completely through the cable. The center core and just a little bit of the braided shielding was connected. I initiated an online chat. Ran through some questions, convinced them that the bad cable was the likely culprit, and had a technician visit scheduled for the next day (a Saturday). The guy who showed up had been with Comcast and the predecessors since 2000. As you might imagine, he was quite good at his job. He replaced the cable and then scheduled the next crew to come out and bury the cable. They showed up on schedule about 4 days later. I told them about the rabbits, and they put two layers of thick PVC shielding, topped off with silicone caulk, on the exposed parts of the cable as it enters my house.

Overall, while I do grumble about the cost, I've been a satisfied cable customer since 1989.

John


Bill Bridges - 9S1
(Top Gun)
10/31/16 11:50 PM
Re: WAN Only?

Quote:

Overall, while I do grumble about the cost, I've been a satisfied cable customer since 1989.






I've always been satisfied with Time Warner, but they don't do out in the country. Since I moved out here I've got satellite TV and wireless internet from a local provider beamed off a water tower several miles away. I also use their VOIP which was easier and cheaper than messing with Ma Bell. I'll go back to cable when my electric Co-op starts providing it out here. :)

Bill



Contact Us AVSIG

Powered by UBB.threads™ 6.5.5

Logout   Main Index    AVSIG Aviation Forum