Wireless Access Point: Security from LAN?

Trey C

Trey C

Posts: 8   +0
I have an old DLink router. If I set it up on my home WiFi network as an access point with WPA2 security, will that protect me from other LAN hosts from sending requests to my devices? Is there a way to create a separate LAN (which would run through the same gateway modem) that would isolate my devices from other devices which have access to my home WiFi network?

I use a VPN for security from devices outside my home nework.
 
So you are trying to block access to your PC from others on your LAN. Yes. You can connect another router through it's WAN port to your existing network and provide a level of segmentation on the LAN. However to avoid conflicts make sure your second router is on a different IP scheme than the first. eg. if first LAN is 192.168.1.0/24 change second router to 192.168.2.0/24. Also make sure that the wireless SSID and password are different than the first router. This should give you what you are looking for. Be aware though that this will not fix any backdoors that could have been installed on your system before segmenting the network.
 
Well Done Gabriel !! Each router will be isolated from the other - - meaning sharing will not cross subnet boundaries. Even then it CAN be made to work, but that kills the isolation you are looking for.

As always, for both routers:
  • be sure to use the latest firmware
  • change the default admin password
  • disable port 8080
 
  • Like
Reactions: Gabriel Pike
As long as it works you should be good. I have seen occasions where IP conflicts can happen but it the router can handle it then it does not matter.
 
The router IP is in the WAN side setup. Typically we use AUTO, but in your case you want Manual IP as noted above.
 
I suppose then that my router doesn't support this functionality. It's pretty old. It's a DLink DIR-628. If I were to google for a device that does support this functionality what would I search for? LAN-WAN router??
 
Pg 22 shows setup
(Remember, connect only Router to PC LAN side and nothing else)
  1. change My Internet Connection: Dynamic IP to Manual
  2. set router address 192.168.2.1
  3. Mask to 255.255.255.0
  4. set DNS 8.8.8.8 & 8.8.4.4
  5. (I assume you've set a new admin pwd and disabled remote admin already)
  6. (and the wifi is also setup)
  7. save settings
Now you can wire the primary router into the WAN slot on the new router

You can not PING 192.168.2.1, you can 192.168.1.1 and you can connect to the WIFI

The wifi connected device can access google.com/
 
jobeard said:
Pg 22 shows setup
(Remember, connect only Router to PC LAN side and nothing else)
  1. change My Internet Connection: Dynamic IP to Manual
  2. set router address 192.168.2.1
  3. Mask to 255.255.255.0
  4. set DNS 8.8.8.8 & 8.8.4.4
  5. (I assume you've set a new admin pwd and disabled remote admin already)
  6. (and the wifi is also setup)
  7. save settings
Now you can wire the primary router into the WAN slot on the new router

You can not PING 192.168.2.1, you can 192.168.1.1 and you can connect to the WIFI

The wifi connected device can access google.com/
Click to expand...


My Internet Connection refers to the router set up and not my PC IPv4 properties, right?
 
The error dialogue box I'm getting when I do the above is

WAN Gateway IP 192.168.1.254 must be within WAN Subnet
 
You must log in or register to reply here.

Similar threads

A
ExpressVPN disables security feature that was leaking DNS requests to third-party servers
Replies
2
Views
136
return
return
A
Consumer Reports finds dangerous security vulnerabilities in cheap doorbell cameras
Replies
11
Views
278
Watzupken
W
Cal Jeffrey
Airbnb bans indoor security cameras from rentals
Replies
7
Views
123
kiwigraeme
K

Latest posts

Back