Split network without VLAN

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

DiGiTY

Thread Starter
Joined
Oct 16, 2006
Messages
343
I need to split a client's current LAN into 2 LANs so that the staff's office computers and devices are not accessible to the residents/guests. They currently have a modem+router device that gets it's public IP via DHCP, a couple of switches and a wireless access point that both staff and residents connect to (same SSID). The catch is they don't have static public IPs and the modem+router device MUST keep the current LAN IP network schema (10.1.10.0/24) or the ISP won't provide technical support.

Any ideas?
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,482
That is ridiculous. The ISP has no business in dictating what private addressing you are running. As long as you're running a non-routeable private address, the ISP shouldn't care if you use a 10.x.x.x, 172.16.x.x, or a 192.168.x.x. I'm currently running about 25 different subnets in my home network. The only thing they can reasonably dictate is the type of router you use. As most tier 1 phone support reps are no better than the scripted responses they read. The only way to achieve the isolation you seek is to utilize VLANs in addition to running multiple BSSIDs.
 

DiGiTY

Thread Starter
Joined
Oct 16, 2006
Messages
343
Well, they're not dictating, they're just saying, in my opinion, a custom config is out of scope for what they're trained to handle and/or makes it difficult for them to guarantee quality support and service. Anywho, none of the following setups won't work in my situation?:

Idea #1

Code:
modem (10.1.10.0/24, firewall disabled)
   |--- router (192.x.x.x, staff network)
         |--- WAP (SSID: ACME)
   |--- router (172.x.x.x, residents' network)
         |--- WAP (SSID: ACME Guests)
Idea #2

Code:
modem (10.1.10.0/24)
   |--- router (10.1.11.0/24, staff network)
         |--- WAP (SSID: ACME)
   |--- router (10.1.12.0/24, residents' network)
         |--- WAP (SSID: ACME Guests)
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,482
The scenarios you've listed assumes the router in question can support multiple physical router interfaces or has the ability to support virtual router interfaces. Since I don't know what router you're talking about, I can't say one way or another.

With the wireless part, as long as the AP supports multiple SSIDs then what you propose is the way to do it. But you'll need a VLAN support on any switch that is in the pathway between the AP and the router along withe router nedding to support the features I've listed above. Again I don't know what switches and AP you're talking about.
 

DiGiTY

Thread Starter
Joined
Oct 16, 2006
Messages
343
This would be a temporary thing (hopefully) so everything is consumer grade networking equipment (stuff you pick up at Best Buy or Staples). Until they can buck up the cash for a real network upgrade (including static public IPs and managed switch), I have to work with what they currently have.

Needless to say none of their equipment is business or enterprise class so no multiple interfaces features and no guest wireless features.

Any other ideas?
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,482
Actually, I do have an idea. You'll need two wireless routers. You set one up like you normally wouldand connect it to the ISP modem. The other you would configure similarly but you would put the WAN port of this router into the DMZ of the first router. Based on the info I have from you it wouldn't matter which group of users you would set on which router.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top