TechSpot

I want to connect 2 Wi-Fi routers to create 2 separate networks

By NeilM
Aug 27, 2010
Post New Reply
  1. I have a Linksys WR54GS router as my main router attached to the internet. I run a Bed & Breakfast and I give my guests free access to the internet via WiFi. My problem is, I also use that network for my business and personal computers and I am afraid that a tech savvy guest could hack into my files. I thought that if I connect a second WiFi router, I could set up a second network which my guests could use to access the web thru my main router.

    Does anyone have a clue if this is possible?
     
  2. raybay

    raybay TS Evangelist Posts: 10,716   +6

    It mostly depends on the company that is your internet provider... With their sayso, you can do it easily... just be sure the channels are widely different, and that you can control them through your client setups so the customer understands what and where.
     
  3. jobeard

    jobeard TS Ambassador Posts: 13,446   +324

    protected subnets

    yes it's possible ...

    Basically the subnet router#1 for shared usage is attached to the modem and the protected subnet router#2 attaches to router#1

    Each router has one default route and no static routes which then forces all outbound traffic on router#1
    to the modem and away from router#2. Without a route, subnet#1 can not access subnet#2


    Code:
    modem====(wan)router[B]#1[/B](lan#1)-----(wan)router[B]#2[/B](lan ports) - - - private systems
                |       192.168.1.1                192.168.2.1
                V
               shared access systems
    
    You can use WiFi on either or both routers; just set different SSID, Channels, and encryption codes

    When setting the config's (both of them), be sure to set a new password which will disallow Internet access to the settings!

    Get router#1 running first and test Internet access, then move on to router#2

    *Caution* Always change router configurations using ONLY a wired connection!

    On router #1
    • set the router address specifically to 192.168.1.1
      which serves as a note as to which router you're connected to
    • set the DHCP range to 2-10
    • save the settings
    • now setup any wifi changes as applicable
    • and change the admin password
    • when you save this time, the router will restart and you WILL loose the connection

    On router #2
    • set the router address specifically to 192.168.2.1
    • set the DHCP range again to 2-10
    • set the WAN side address to 192.168.1.100 (notice it's above router#1 item (b)
    • set the MASK to 255.255.255.0
    • set the gateway to 192.168.1.100
    • set the DNS to 192.168.1.100
    • save the settings (which likely will drop your connection due to the router address change)
      just reconnect and continue
    • setup the WiFi settings
    • change the admin password and save again

    Test router#2 connections with the browser. Good results prove you're getting proper routing through router#1 AND that any DNS requests are being resolve.

    Now test isolation; connect one system to both routers
    from a system connected to router#2
    ping 192.168.2.1 (must succeed)
    ping 192.168.1.1 (should succeed)
    ping 192.168.1.2 (should fail)​
    from a system connected to router#1
    ping 192.168.1.1 (must succeed)
    ping 192.168.1.2 (should succeed)
    ping 192.168.2.1 (should fail)
    ping 192.168.2.2 (should fail)​
    We can enhance the protection on all systems attached to router#2 with firewall rules, but let's deal with that latter...
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.