Public wireless access point on a private network

networking wireless-networking wireless-access-point

hopefully someone has an idea on this.

I have a business with a private wired network, but want to provide a public wireless access point for the internet. Users on this AP should not be allowed to see anything on the private network.

I have tested this using 2 routers I have in my house, managed to get 2 networks up like so

Modem -> Router 1 -> Private Computers

            ^-> Router 2 -> Public computers

However, router 2 should be acting as the public AP, but anything on it can still ping anything connected to the 1st router.

I don't have the ability to change the Modem to the public side, so the solution needs to just be able to plug into the private network and just provide a public LAN that is separated from the main (private) LAN.

Basically just looking for a product/router that will allow this. I have my eye on a Netgear fvs318 which I think will do the trick, but I'm unsure, so some advice/help/recommendations would be great.

Thanks!


The cheap solution looks like this:

modem >==< router1 >+----< router2 >==== private network
                    |
                    +----< router3 >==== public network

Router 2 is the "Firewall" between the private network and the public. Unless you want something special like VPN, any cheap SOHO router will do.


You will need to change the routing table on the router or set up a VLAN to segregate the traffic between the networks.

It sounds like you may have a "small business" environment, if so then the most cost-effective solution (and possibly also the solution which is easiest to set up) might be to purchase a DD-WRT-compatible router, install DD-WRT and set up a VLAN to separate the public traffic from the intranet/internal traffic.

These are instructions on setting up DD-WRT and VLANs in what sounds like exactly the configuration that you will want.

More info here, here and on google.


I agree with Cody and I've used DD-WRT for the past few years on a WRT54GL router. (Home use)

However, I just wanted to throw another potential idea out there.

Modem -> Switch -> Router1 -> Private Computers
            ^-> Router 2 -> Public Computers

I honestly don't know how well the above configuration would work, but it would effectively divide the different LANs. If you have the hardware lying around, you could throw it together and see if it works the way you want.

Related

Word 2016 to pdf - ttf comes out as 72 dpi
Window's can't be configured after a system restore
Thunderbird: Error: imap.server.com : server does not support RFC 5746, see CVE-2009-3555
How to block html5 videos system wide
Windows 7 WannaCrypt Patch/Update [closed]
BSOD error on new system
Script for cutting videos based on edit list
Generic way to detect if html form is edited
Can a 'for' loop inside of a 'for' loop use the same counter variable name?
jQuery - Add ID instead of Class
Get last "column" after .str.split() operation on column in pandas DataFrame
In Ruby, is there an Array method that combines 'select' and 'map'?