Cheapest isolated office WIFI solution needed

F

FlashSA

Honorary Master
Joined
Oct 19, 2007
Messages
10,788
Reaction score
2,892
Need advice for the cheapest way to get this implemented. I currently have a Huawei B525 LTE router handling all wifi and internet at the office. It is connected into our LAN which also has our server and workstations etc. Several staff have wifi access for their cellphones to use this internet over WIFI.

Now I want to get those private cellphones away from accessing the LAN portion of the network and thereby protect the server and data.

Is there a reasonable WIFI AP that I can buy that will give me AC WIFI and isolate the smartphones from the LAN, only giving them internet access from the B525 Router?
 
AfricanTech said:
I would have thought that a Ubiquiti Unifi AC / AC Lite would do the job.

It's much easier to work with for the non professional and it's a doddle to setup a separate network for cellphones.
Click to expand...
Not cheap though
 
I'd recommend just getting a network Admin to help you out. It won't be cheap but considering you want to protect your data the price should really not be an issue...
 
Eric said:
Get a TP-Link cheapie regular router from Incredible or Patrick at The PC Shop and - one with WiFi and a WAN port. Connect the WAN port to a LAN port of your Huawei. Put it on another LAN IP range and set it up with DHCP for the WAN port / internet. Make it a DHCP server as well and give the WiFi a different SSID / network name. That should only allow internet to devices connected to the new SSID.
Ping me for more info if you need.
I'm in EL.
Click to expand...
Eh,no,not really


The default route would allow traffic to enter their LAN and reach the servers etc they want isolated

If you did the inverse however then you'd hide your internal network behind the 2nd router
 
Eric said:
Eh, no.
Different LAN IP ranges.
Huawei: 192.168.1.x
2nd router: 10.0.0.x

Cellphone on 2nd router gets 10.0.0.2/24 IP. How is it going to access 193.168.1.x? *Cough*
Click to expand...
Rofl
Dude,just stop it's getting a bit too much

Any traffic directed to ip range 192 would go to the default route to WAN as its not in its range,at which point router1 will happily send the traffic to the LAN on router1 (192 will be in its internal route)

You are only hiding autodiscovery to a degree,but its a leaky method that is about as secure as using newspaper to waterproof a boat
 
PsyWulf said:
Rofl
Dude,just stop it's getting a bit too much

Any traffic directed to ip range 192 would go to the default route to WAN as its not in its range,at which point router1 will happily send the traffic to the LAN on router1 (192 will be in its internal route)

You are only hiding autodiscovery to a degree,but its a leaky method that is about as secure as using newspaper to waterproof a boat
Click to expand...
And how do I know? I've done this exact setup,and shared a printer from the parent network to the second network like that. You only need the IPs of what you are looking for on the parent network
*Magic*
 
PsyWulf said:
Rofl
Dude,just stop it's getting a bit too much

Any traffic directed to ip range 192 would go to the default route to WAN as its not in its range,at which point router1 will happily send the traffic to the LAN on router1 (192 will be in its internal route)

You are only hiding autodiscovery to a degree,but its a leaky method that is about as secure as using newspaper to waterproof a boat
Click to expand...
Maybe read up on what subnets are.

PsyWulf said:
You only need the IPs of what you are looking for on the parent network
*Magic*
Click to expand...
Also the OP has a server, so read up on what Active Directory is while you are about it.
 
Last edited:
Eric said:
Eh, no.
Different LAN IP ranges.
Huawei: 192.168.1.x
2nd router: 10.0.0.x

Cellphone on 2nd router gets 10.0.0.2/24 IP. How is it going to access 193.168.1.x? *Cough*
Click to expand...
That alone absolutely will not work.

You can still access 192.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X