Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Dual Routers, 1 dsl

Status
Not open for further replies.

FireTec

IS-IT--Management
Jul 7, 2004
20
US
I have 2 Linksys wrt54gs Routers, 1-Speadstream 4200 modem configured as a bridge. The first router is configured as ppoe and retreaves a static from isp. It has 3 ports opened to internal address of 1.2 for wan access to a video recorder. I need to add wireless capabilities for the lobby customers but not allow them to access the first routers lan addresses. Thank you for your responce...John
 
Don't know if you can do what you want with those products you have. What I would look at instead is a router/firewall appliance with a DMZ port. This way you can have traffic completely isolated from touching your internal LAN traffic altogether.

The other thing I would look into is keeping away from SOHO equipment in a mult-user environment. Sounds like your a business since you make the statement "lobby customers". SOHO products are typically good for 2-3 users tops, their hardware just isn't designed for many users.

I like Sonicwall's security appliances and you can get one that has control over their access points. Best thing is talk to them directly or a trusted vendor to work you out a good solution. Your going to pay a little more for business class product, but it will save you money and time in the long run.

Let me know if I helped.

Thanks.
 
Let me add this, you could double nat (having one router nat and then having the router behind it nat again)
You could out your wireless on one of the first router's switchports, then say connect port 2 to the other router putting your private lan behind it. So something like this:

Internet--Speedstream--Router1-----------
| |
| |
| |
Wireless Router2--Private LAN

So I guess I'll retract my first statement above and say that it is do-able, it's just not standard, and administratively, a pain to keep up with.

But I re-enforce my previous statements about doing this the correct way with a business class product for both firewall and wireless.
 
Sorry, my little drawing didn't translate well. Let's try that again.

Internet--Speedstream--
|
|
Router1---Wireless
|
|
Router2---Private LAN

So if you are getting a public address bridged from the Speedstream, your Router1 WAN interface would have an address of 72.x.x.x (or whatver public address), then Router1 would NAT to something like 192.168.1.0/24 for it's switchports, so then the Router2 WAN interface would be 192.168.1.X and NAT again to something like 192.168.2.0/24 for it's switchports. Whatever port you needed open ad forward to whatever internal IP address, it would have to be done twice (2 NAT's, 2 times the fun).
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top