Need dd-wrt configuration to isolate wireless router from local LAN...
Drew Van Zandt
drew.vanzandt at gmail.com
Thu Dec 11 16:15:59 EST 2008
Method (1): Put the wireless router outside the wired router.
Method (2): Add something like:
iptables -I INPUT -d 192.168.1.0/255.255.255.0 -j DROP
and (to allow the wired router as a destination):
iptables -I INPUT -d 192.168.1.1 -j ACCEPT
You might need to do that second method to the nat table instead of the
default table, that's all from memory so the syntax is probably not quite
right.
--DTVZ
On Thu, Dec 11, 2008 at 3:53 PM, Alex Hewitt <hewitt_tech at comcast.net>wrote:
> This might not have an easy answer but I want to setup a wireless router
> inside an existing LAN. I want to be able to let users connect to the
> wireless router but not be able to access systems on the LAN that the
> wireless router will be installed on. So the scenario is:
>
> Internet Connection
> .
> .
> Existing router (192.168.1.1)
> .
> .
> Wireless router (192.168.2.1 or any private network)
>
> A user connecting to the wireless router would get an address such as
> 192.168.2.100 and they could ping or otherwise see machines on the
> 192.168.1.* network. I've got dd-wrt v2.4 micro edition running on a
> WRT54G V5 wireless router. The main router is a LinkSys RV042 model. Is
> there a simple way to stop users connected on the wireless router from
> accessing systems on the main LAN? One way to achieve this would be to
> add a switch between the ISP's equipment and the RV042 but I'd like to
> make sure that any wireless connections couldn't chew up too much
> bandwidth.
>
> -Alex
>
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20081211/e6704c38/attachment.html
More information about the gnhlug-discuss
mailing list