Alright, here's my scenario. I'll be getting a new laptop in about 2 weeks (or whenever IBM decides to build it and ship it out). I've currently got a 100 Mbps ethernet network with 7 computers connected to it. When the laptop arrives, I thought it'd be cool to be able to use my broadband internet connection all over the house. I work from home occasionally, and it would be nice to be able to get up and move away from my desk every now and then.
Here's the problem. I have a neighbor who's a little...odd. I mean, this guy is seriously a few quarts low, or has a few screws loose, or is a few sandwiches short of a picnic basket, or whatever. He's very antisocial, very quiet, and keeps to himself--I moved into my house about 6 months ago and have tried to introduce myself numerous times, but he doesn't want to have anything to do with me. Perhaps you're beginning to see my dilemma.
If I were to get a wireless router, I would definitely use WEP, use MAC address filtering, turn off SSID broadcasting, change the SSID, change the admin password, turn off DHCP, and allow only a very small range of static IP addresses. However, some of my machines have files on them that I wouldn't want people accessing under any circumstances--we're talking about client records, tax records, bank statements, etc.
Therefore, it seems like the only safe solution would be to have 2 segmented networks. One would be the wired network that I already have in place, and the other would be a wireless network that would only allow for internet access (i.e., no file sharing with the other computers). If I needed to share files to/from the laptop, it would be easy enough to plug in to the wired network. And now for the question: How would I go about doing this? My initial thought was to install a second NIC in one of my Debian boxes and use it as a firewall, but what do you guys think?
Originally posted by Rob83 There are many ways to do it. You just purchase an access point and add it before the router (use a switch), that would the AP infront of the AP causing it be "on the outside" of the router.
Thanks for the suggestion. That was actually one of my original ideas, but I didn't know if it would work or not. It would basically look something like this: internet > modem > wi-fi AP > wired router > 7 wired computers. Would that work?
Originally posted by Simpli-Erica The key is the different IP addresses. You want to be able to have 192.168.0.x for wired, for instance, and 192.168.1.x for wireless. This will keep the two networks segmented.
Thanks for the suggestion! Is that all there is to it? This setup will make it so that people connecting via the AP won't be able to view shared files from the wired computers?