Hi, Currently I have a modem and a router connected to it that 's providing me the broadband I...

[G+_Volkan Paksoy]

Hi,

 

Currently I have a modem and a router connected to it that's providing me the broadband Internet. I also have 2 idle routers and I want to use them to create separate networks. My idea is to separate my main machine from the other ones. So that for example I can connect my main machine over Ethernet and disable wireless on that router completely. And can still use my phone and tablet to connect over wireless to the other router.

 

Would that be possible over one connection? And would it provide any measure of security for my main machine?

 

Any thoughts/ideas/pointers are welcome.

 

Thanks,

V.

[G+_Eddie Foy]

What is your goal?  Keep the wireless and wired devices from seeing/talking to each other?  If so, just enabling guest wifi (with a PW) would do that without all the extra complication.  Segmenting 'because we can' isn't something I'd do, not without a need.  (for a home environment)

Trying to keep the kid's computer(s) from 'hacking' into yours? (good permissions and security would work fine there.  Most vulns with PoC's these days are not remote execution, but user 'installed' malware.)

[G+_Volkan Paksoy]

Eddie Foy Thanks for the reply, Eddie. My main goal is to separate wired and wireless devices as you mentioned. Also I wanted to make use of my 2 routers. I thought a physical separation would provide better security. I may be wrong though. Also I thought with 2 additional routers I can have 3 completely separate networks which would give me more Ethernet ports (becoming an issue with lots of Raspberry Pis and other IoT stuff).

 

If nothing else it's good to know if it's possible and how it can be done.

 

Thanks again for the response.

 

Cheers,

V.

[G+_Eddie Foy]

Its possible. But for more ports a simple switch would use less power and offer up to 48 ports, but a 24 should suffice most homes with  room to grow.  (its better not to downlink multiple switches)

 

Router-wise you'd probably go from modem > Router1, then branch between them to the other 2 routers.  Set up static routes, and roll.

 

Just seems a long way to go for the end results.

[G+_Volkan Paksoy]

Thanks. Main goal is to have separate networks. I'll look into guest networks and if it doesn't provide what I'm looking for I'll try branching to other routers as you mentioned.?

 

I'd appreciate any pointers on setting up multiple routers over one line.

[G+_Ben Reese]

You will gain a little security from segmenting your networks, but it's not likely that your phone or tablet would infect your desktop.

You mentioned Raspberry Pi though. Are you thinking of adding many IoT devices to your network? I have heard it recommended to segment your network used by IoT devices so if they get hacked (many have poor security) they don't affect your computer or anything like else on the network.

[G+_Volkan Paksoy]

Yes, having IoT devices is one of the reasons. Also I thought if someone broke into my wireless network by cracking the password at least my main machine would be inaccessible.

 

I checked my router and it doesn't support guest networks so I guess I have to do it the hard way. 

[G+_Ben Reese]

Which router do you have? Does it support DD-WRT?

[G+_Volkan Paksoy]

The main one I use is installed by BT (Home hub 3.0). The 2 idle ones are Linksys WRT54G (has DD-WRT on it) and Netgear DGND3300v2.

I'd prefer to able to make use of existing hardware but I can buy new stuff if need be.

[G+_Eddie Foy]

DD-WRT supports guest (think they call them (w)VLANs) network.  See if you can put it on your main router.

[G+_Volkan Paksoy]

hmm ok, I'll try to make that one the main router. Thanks.

[G+_Volkan Paksoy]

Thanks for the response, Tom. That sounds like good advice. I will try that, Also will download the episode for full details. I guess I shouldn't have stopped listening to SN ;-)