Sign in with
Sign up | Sign in
Your question
Solved

Separate Network for File Sharing

Last response: in Networking
Share
March 10, 2014 12:54:51 PM

Hello Community,

Sorry in advance if this topic has already been addressed (I browsed through the threads, but didn't see one).

The thread title states what I am looking to do. I want to setup a second separate network at home for file sharing/web server that the public has access to. I want to be able to have my home PC's/Laptops/tablets/phones and so on, on my main network, while keeping the file sharing/web server totally separate.

In order to achieve this, would I use a second router and connect it to my "main" router? If so, is it as easy as connecting the router and configuring it like I did for my "main" network? Also, should I turn off DHCP and give it a static IP address? The second router is going to be an Asus RT-N12 so any tips for setting this one up as a second network would be great.

Thanks,

Phalanxs
March 10, 2014 5:27:17 PM

You can do it that way but it because of the double nat it will be easier to reverse it. You would put in the main router and plug the server and the second router into it. You will want to disable the wireless to avoid getting to the network accidentally. On the second router you need to use a different subnet on the lan than your main network.

All that would be left is to forward the ports or whatever to make the server visible on the internet.

The key advantage to this is the server on the main network cannot reach the devices on your home network behind the second router because of the nat. The devices though can open sessions with the server. So if the server would be compromised for any reason they could no use the server to attack your PC.

If you were to run it reverse the server could attack home network and the pc would not be able to access the server without port mapping.

Be very careful a home web server tend to be the most easily compromised because a lot of the function is user written. FTP though is fairly safe.
m
0
l
March 10, 2014 6:56:31 PM

Thank you Bill001g for the information. What you stated is exactly what I am looking for. In the event of my server becoming compromised, it will be isolated to that PC and the attacker would not be able to access my home network.

You said, "You would put in the main router and plug the server and the second router into it. " Just want to make sure I am doing it properly. Here is what I have.

..................................Ports on Home Router.....
Home Network Router (Linksys) |1|2|3|4|
............................Home PC 1<----|......
...........................Home PC 2<---- ...|...
............................Home PC 3<----......|
........................ASUS Router Server<----|

Is the setup above correct?

I am a novice when it comes to networking, so I am sure you know what the next question is!

How do I change the subnet on my second router (Asus RT-N12), where the server is located?

Thanks for your help

Phalanxs.


bill001g said:
You can do it that way but it because of the double nat it will be easier to reverse it. You would put in the main router and plug the server and the second router into it. You will want to disable the wireless to avoid getting to the network accidentally. On the second router you need to use a different subnet on the lan than your main network.

All that would be left is to forward the ports or whatever to make the server visible on the internet.

The key advantage to this is the server on the main network cannot reach the devices on your home network behind the second router because of the nat. The devices though can open sessions with the server. So if the server would be compromised for any reason they could no use the server to attack your PC.

If you were to run it reverse the server could attack home network and the pc would not be able to access the server without port mapping.

Be very careful a home web server tend to be the most easily compromised because a lot of the function is user written. FTP though is fairly safe.

m
0
l
Related resources
March 10, 2014 7:19:54 PM

I just connect the router and received an IP conflict error. I was able to select renew IP which then allowed me to setup the new router. The wireless is also disabled. Would you recommend setting a static IP?
m
0
l

Best solution

March 10, 2014 7:22:17 PM

you want it the reverse with the home pc on the asus

Change the lan to a subnet other use something like 192.168.200.1 255.255.255.0 for the lan.
Share
!