GideonTech.com Forums

  • December 14, 2019, 01:05:33 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Pages: [1]   Go Down

Author Topic: Wireless Router/NAT question  (Read 3939 times)

Aglar

  • Elite Modder
  • ****
  • Karma: +8/-4
  • Offline Offline
  • Posts: 2,557
Wireless Router/NAT question
« on: April 28, 2006, 10:43:32 AM »

At work they want to install a wireless router in one of the conference rooms. For security reasons, I do not want those who are connected to the router to be able to access network shares on the LAN that the router will be connected to. I'm thinking that because of NAT they won't be able to and nothing special will need to be done, but wanted to make sure before I put in the order for the hardware.

Thanks.
Logged

blafrisch

  • Elite Modder
  • ****
  • Karma: +21/-5
  • Offline Offline
  • Posts: 2,857
  • Blargg
    • Look at me
Re: Wireless Router/NAT question
« Reply #1 on: April 28, 2006, 11:14:54 AM »

If you just use a wireless router they won't be able to unless they are really smart.  I doubt that is the case.
Logged
You're just about as useless as JPEGs to Helen Keller.
~ Wierd Al

damaged

  • Elite Modder
  • ****
  • Karma: +18/-29
  • Offline Offline
  • Posts: 2,784
  • Keep your drinks, just give me the money...
Re: Wireless Router/NAT question
« Reply #2 on: April 28, 2006, 11:24:22 AM »

You can play with the routing tables and stuff, you should be able to make it where the wifi router has net access, but the comps connected to it (different set of IPs) can't connect to the ones beyond that firewall. I can't give any specific details, because I really don't know WTF I'm talking about. I get paid to be cute, thats all.
Logged
"It puts the lotion on the Chen, or it gets the hose again." - Schezuan Bill

Aglar

  • Elite Modder
  • ****
  • Karma: +8/-4
  • Offline Offline
  • Posts: 2,557
Re: Wireless Router/NAT question
« Reply #3 on: April 28, 2006, 11:27:58 AM »

You can play with the routing tables and stuff, you should be able to make it where the wifi router has net access, but the comps connected to it (different set of IPs) can't connect to the ones beyond that firewall.
Yeah, that's exactly what I want.

As long as it isn't pathetically easy to get access, I don't really care. The company hadn't even thought of security issues, I'm just making sure I cover my ass by at least doing something.

Thanks.
Logged

damaged

  • Elite Modder
  • ****
  • Karma: +18/-29
  • Offline Offline
  • Posts: 2,784
  • Keep your drinks, just give me the money...
Re: Wireless Router/NAT question
« Reply #4 on: April 28, 2006, 04:02:17 PM »

You could always try to block all access to port 445, which is the SMB port.
Logged
"It puts the lotion on the Chen, or it gets the hose again." - Schezuan Bill

Aglar

  • Elite Modder
  • ****
  • Karma: +8/-4
  • Offline Offline
  • Posts: 2,557
Re: Wireless Router/NAT question
« Reply #5 on: April 28, 2006, 04:54:07 PM »

That's good to know, thanks.
Logged

ClearCaseMan

  • Elite Modder
  • ****
  • Karma: +10/-2
  • Offline Offline
  • Posts: 3,040
    • http://www.casemodman.com
Re: Wireless Router/NAT question
« Reply #6 on: April 28, 2006, 05:47:15 PM »

Might I recommend a high end firewall to separate the networks, anyone who knows how to use the trace route command can go back wards on the network. of if your network firewall that is already in place has a DMZ port you can connect e router to it that has wireless built in and that would effectively separate the two.
Logged


Aglar

  • Elite Modder
  • ****
  • Karma: +8/-4
  • Offline Offline
  • Posts: 2,557
Re: Wireless Router/NAT question
« Reply #7 on: April 29, 2006, 03:13:53 PM »

Is there an official name for "seperating networks" so I can google it?

I'll check into the possibility of connecting the router to DMZ on Monday when I go back in. If I were going to go the "high end firewall" route, what exactly would I be looking for, and how much would the company be paying roughly?
Logged

bliq

  • Elite Modder
  • ****
  • Karma: +6/-6
  • Offline Offline
  • Posts: 1,901
Re: Wireless Router/NAT question
« Reply #8 on: May 26, 2006, 06:57:47 PM »

Is there an official name for "seperating networks" so I can google it?

I'll check into the possibility of connecting the router to DMZ on Monday when I go back in. If I were going to go the "high end firewall" route, what exactly would I be looking for, and how much would the company be paying roughly?

Technically I guess you could call it "bridged networks" but that's such an esoteric term nowadays.  You'd probably be better off looking for DMZ set up or something like that.

My company provides a public hotspot in the immediate vicinity of our building.  I believe they do this via attaching the wireless network (we have about 30 access points throughout the building) logically upstream of the corporate firewall so users can reach the internet but cannot access anything within our corporate network without VPN access.

Alternatively, if it's just one conference room, which I assume has a CAT5 run to a telecom room, you could go the cheap route and have the phone company put in a $40/month DSL line in there and connect the router to that- which basically guarantees wireless users will be unable to reach your corporate network but definitely have net access.  But if you have the proper setup, I think what my company does is more cost effective.
Logged
Pages: [1]   Go Up
 

Page created in 0.081 seconds with 20 queries.