Wireless network set up

[els]

I'm trying to set up wireless network on a separate subnet (192.168.30.x) while keeping protected network as 192.168.10.x (I have DMZ network as well which is on 192.168.20.x). I know I could use a linux box as a router but I need a simple stand alone router that would fit in the structured wiring panel. As far as security goes, I already disabled SSID broadcast, enabled MAC filtering and WPA. I also wrote a simple .NET service that will check the access list on access point every x minutes and alert me if there is an unauthorized access (call me paranoid if you like).

I've tried dlink di-604 as a router between wireless and protected (wireless AP was connected to WAN port on the router) however its routing capabilities are very limited; I can't really access anything on the protected network from the wireless side.

Suggestions would be greatly appreciated. I'm not really a network guy, I'm more of a developer so I picked up network stuff on my own. Thx.

 

[JackMDS]

If you can access the protected Network from the out side so can the Hacker. The
whole point of the double Routing is to block the outside Wireless from the
Protected Network.

If you need to connect and transfer files you can open port 5900 and use
Ultra@VNC for remoter control and file transfer.

Link to: Ultr@VNC (Remote Control for your Network/Internet) - Installation, and Settings

Link to: Network Segregation - Adding security to Wireless Network (or to any peer to peer Network).

:sun:

 

[els]

Actually, I already have a firewall appliance. It has two separate ports - one for protected and another for dmz. I want to add lan to lan (wireless to wired) but both on separate subnets (in protected zone). I added dlink di-604 in protected - wireless access point was hooked up to the wan port on dlink but the problem is its routing capabilities are limited. I tried to set rule on dlink router to allow clients on wan to see any clients on lan (specified ports) but it didn't work. It's designed to be an internet router, not lan to lan router.

I tried to do a simple diagram here but it didn't work out...basically I want to add wireless network in protected zone (still behind the firewall appliance) but on a separate subnet.

 

[irwincur]

I was just looking to do the same thing. Should not be that difficult. You can always just setup another router on a different subnet, however have it look for a static or DHCP address from your current network to get out - the gateway. Should work fine. I have setup many subnets within LANs like this.

 

[els]

Dlink di-604 didn't work quite well. I have Netgear wg602 access point. It makes sense to have a router between two subnets (192.168.1.x and 192.168.2.x). My next question is obvious what router should I get? It has to be small enough to fit in the structured wiring panel and would allow me to open specific ports without having to specify a single host (which seems to be the case with dlink di-604). The router will be connected directly to the "protected" 8-port switch in the panel - DSL router and firewall are located in a storage room on one end of the house and it's not ideal place for access point so that is why I'm keeping access point in the panel since it is more of a central location.

 

[Changlinn]

hmm I think you are better off looking at a software router, like smoothwall or ipcop, what your trying to do is really only available on advanced and expensive hardware routers.