I am needing to take an existing network and segment it into two divisions. One will be for personal use and one for a home-based pc repair business. I am just trying to ensure that I don't transfer viruses or something across my network or malware infested computers don't retrieve information across the network. Should I really be worried about this and if so, how do can I protect myself?
How to segment a network
- Thread starter acrajchel
- Start date
- Oct 31, 2003
- 5,213
- 0
- 36,960
Yes, you are correct that this is a real concern.
One solution would be to setup a guest network on your router, and than connect any pc's you are working on only to the guest network.
One solution would be to setup a guest network on your router, and than connect any pc's you are working on only to the guest network.
On a cable modem you can hook 2 routers too it but the ISP will need to help and likely charge you for the second IP. If you just want to keep the networks separate you can hook the routers behind each other. Normally this is not recommended because it makes it hard to share but exactly what you want in this case.
What you do is get a router that can filter traffic parental controls may be good enough. So lets say the router that is connected to the modem uses network 192.168.1.x for its lan. You would assign say 192.168.1.250 for the WAN address of router 2 and assign say 192.168.2.x for that routers lan. at this point both networks can use the internet. By default the 192.168.1.x network can not access 192.168.2.x network because of NAT. The reverse though is not true. The 192.168.2.x network can access 192.168.1.x. This may be good enough in some cases. If it is not you would put a filter rule in the second router that prevents traffic from 192.168.2.x going to any 192.168.1.x IP...other than maybe 192.168.1.1 if you wanted to mange the main router from behind the second router.
What you do is get a router that can filter traffic parental controls may be good enough. So lets say the router that is connected to the modem uses network 192.168.1.x for its lan. You would assign say 192.168.1.250 for the WAN address of router 2 and assign say 192.168.2.x for that routers lan. at this point both networks can use the internet. By default the 192.168.1.x network can not access 192.168.2.x network because of NAT. The reverse though is not true. The 192.168.2.x network can access 192.168.1.x. This may be good enough in some cases. If it is not you would put a filter rule in the second router that prevents traffic from 192.168.2.x going to any 192.168.1.x IP...other than maybe 192.168.1.1 if you wanted to mange the main router from behind the second router.
TRENDING THREADS
-
-
-
Question how to remove toolkit.telemetry.cachedClientID on FireFox
- Started by 131rg45w412
- Replies: 10
Facebook
Twitter
Instagram