Separate Networks with Shared Internet Access
I have a question about adding a public segment to an existing network at my church. I want keep the private network as secure as possible and allow the public segment to share the Internet access. In addition to having a couple PCs with wireless access in the church library, we want to provide the ability for visitors to use personal laptops to connect to the public network wirelessly.
I know I can set up separate workgroups and set firewall rules, filters, etc. on the single router that already exists on the current network. I'm wondering how secure that is since we will not be real strict about who connects to the public network. I was thinking about adding a wireless router such as the DLink DI-624 to a switch on the current network. I figured that what I would do is set up this network segment as 192.168.2.x (the existing network is 192.168.1.x).
Does the addition of the second router and separate network segment make the private network any more secure than just restricting access via the existing firewall? In addition, do I plug the cable from the existing network switch into the WAN port on the new router? What are the proper settings for the second router as far as the Internet connection is concerned? For instance, the WAN page in the DLink router configuration looks like:
Dynamic IP or Static IP?
IP Address (if Static IP):
Subnet Mask:
ISP Gateway Address:
Primary DNS Address:
Any assistance would be greatly appreciated. I would like to have some solid ideas before I begin purchasing components.
I know I can set up separate workgroups and set firewall rules, filters, etc. on the single router that already exists on the current network. I'm wondering how secure that is since we will not be real strict about who connects to the public network. I was thinking about adding a wireless router such as the DLink DI-624 to a switch on the current network. I figured that what I would do is set up this network segment as 192.168.2.x (the existing network is 192.168.1.x).
Does the addition of the second router and separate network segment make the private network any more secure than just restricting access via the existing firewall? In addition, do I plug the cable from the existing network switch into the WAN port on the new router? What are the proper settings for the second router as far as the Internet connection is concerned? For instance, the WAN page in the DLink router configuration looks like:
Dynamic IP or Static IP?
IP Address (if Static IP):
Subnet Mask:
ISP Gateway Address:
Primary DNS Address:
Any assistance would be greatly appreciated. I would like to have some solid ideas before I begin purchasing components.
0
Comments
Can someone confirm if this actually works?