Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setting a different subnet for Wireless clients

    Off-Topic & Non-Support Discussion
    2
    2
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      strike101
      last edited by

      Private Lan = 192.168.0.x , one of my PC needs to have an open share ( read and write access for workstations )

      problem Is that we also give wifi access to other people , sometimes they got infected systems which automatically infects the server…. ( last week got infected by w32.Sality.AT)

      is there a simple way so that clients who connects thru the wifi gets a different Ip range ? without using additional NIC ?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        To do it properly you have to put the guests on a different interface+subnet. Then they can infect each other as much as they like, and you can control what they can access on the main LAN (or block all access to the main LAN). For that you have to have another NIC or a VLAN-capable switch (to securely use a NIC  to share 2 interfaces/VLANs).

        You can do messy things with subnet masks, so that some groups of devices on the LAN don't actually talk to each other successfully. But anyone with their own device can set their own IP address/mask to get around that. So it can be a poor-mans kind-of solution that helps stop casual user devices from messing your real network. But it is never secure against people who actually intend to attack you.

        Of course the other advice is don't have open writeable shares!

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.