Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN How To

Introduction

There are times when having two separate networks - both sharing the same Internet connection - can come in handy. For example, I recently helped a community center with its network setup. They needed to provide Internet connection to tenants who were renting space, in addition to their own shared Internet. They also shared a number of folders on the network, but weren't too careful about password protecting the shares.

Rather than trying to (unsuccessfully) enforce good file-sharing practices among users who didn't really have the inclination to learn them, I took a more pragmatic approach and separated the tenant and community center computers into their own private LANs.

Separate LANs can also keep your computer(s) safe from worm and malware infestation from your children's (or employees') machines. Let's see how it's done.

The Approach

This approach is essentially an extension of the technique described in the Setting up File and Printer sharing between two routers Problem Solver and has the same effect of blocking file and printer sharing traffic entering the WAN side of each router. The difference in this setup is that we've separated clients into two groups, each behind its own firewall that blocks any data not requested by a client behind the firewall trying to come into the WAN side of its router.

File and Printer sharing doesn't work between the two groups because although data passes through the originating computer's firewall just fine, it's blocked from entering the firewall of the computer in the other group. However, all clients can freely connect to the Internet as long as they initiate the data request, even through the request has to pass through two firewalls to get there.

More LAN & WAN

Wi-Fi System Tools
Check out the new Wi-Fi System Charts, Ranker and Finder!

Featured Sponsors



Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I need to move over 100k files from each of several directories. Select-all + drag-and-drop sometimes fails. I'd prefer to set a task, but for some re...
Hello all, I recently picked up 2x TP-LINK EAP225_V3 access points, and 1x EAP225_Outdoor. Current idea is to disable wireless on my trusty old N66U r...
Tim joined this forum on May 18th 2008. I assume that means that the forums were setup ten years ago (unless he was on a different platform before tha...
I have a new (less than 1 week old) AC86U and am running 384.5 on it.Fairly plain vanilla config with the exception of adding several static IPs to DH...
I have a pfSense box and need an 8-16 port managed switch to configure VLANS on both a wired network and a wireless AP. I would strongly prefer a POE ...

Don't Miss These

  • 1
  • 2
  • 3