Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

CGG



10 posts

Wannabe Geek


Topic # 191798 17-Feb-2016 00:00
Send private message

Hello, firstly, please excuse my ignorance. 

 

 

 

My brother lives 200 metres away from me and I would like to broadcast him some internet. - (Only internet).

 

 

 

I have a couple of those cheap outdoor wireless CPE bridges (2km range).

 

 

 

What I would like to do is create 2 networks. My Wireless Modem/Router is a TP-Link TL-WDR4300. On this network I have several computers, a printer and media HDD etc.

 

I would like to run a cable to my spare ASUS N66U Modem/Router and create a 2nd network independent from the last, however sharing the internet only.(Not sure if this is possible?) 

 

 

 

I would then like to connect the ASUS Router Network to the CPE and broadcast it down the road so that multiple devices can access the internet.

 

 

 

I have drawn a diagram...

 

 

 

 

 

Please tell me if this is possible. - Much appreciated in advance.

 

Click to see full size

 

 


Create new topic
7674 posts

Uber Geek
+1 received by user: 2527

Subscriber

  Reply # 1493555 17-Feb-2016 05:24
Send private message

with a VLAN yes


Meow
7524 posts

Uber Geek
+1 received by user: 3640

Moderator
Trusted
Lifetime subscriber

  Reply # 1493562 17-Feb-2016 07:26
Send private message

I do exactly this with a VLAN from my Edgerouter Lite. You could potentially go the double-nat method (hooking your 2nd router up to your first) but double-nat is terrible and I wouldn't recommend it.





26617 posts

Uber Geek
+1 received by user: 6107

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1493572 17-Feb-2016 07:56
Send private message

It's easily done but you'll need to buy better hardware to do it. Something such as a Edgelite as mentioned above or a Mikrotik router will allow you to create two fully isolated networks on their own VLAN.


CGG



10 posts

Wannabe Geek


  Reply # 1493843 17-Feb-2016 11:55
Send private message

sbiddle:

 

It's easily done but you'll need to buy better hardware to do it. Something such as a Edgelite as mentioned above or a Mikrotik router will allow you to create two fully isolated networks on their own VLAN.

 

 

 

 

 

 

I would still like to have WIFI capability on both networks. Where would the Edgelite Router go? - Would this replace my ASUS Modem/Router (As shown in diagram)?

 

 

 

Thanks


CGG



10 posts

Wannabe Geek


  Reply # 1493844 17-Feb-2016 11:56
Send private message

michaelmurfy:

 

I do exactly this with a VLAN from my Edgerouter Lite. You could potentially go the double-nat method (hooking your 2nd router up to your first) but double-nat is terrible and I wouldn't recommend it.

 

 

 

 

 

 

I would still like to have WIFI capability on both networks. Where would the Edgelite Router go? - Would this replace my ASUS Modem/Router (As shown in diagram)?

 

 

 

 

 

 

 

Thanks


6434 posts

Uber Geek
+1 received by user: 1571


  Reply # 1493849 17-Feb-2016 12:03
One person supports this post
Send private message

worth mentioning that this is probably against your ISPs terms and conditions.

 

 

 

Not that they will know you are doing it or anything (or really care all that much)  but just in case you ever talk to them about it, then probably best not to mention it  :)

 

 

 

Also bear in mind that as the account holder you are still responsible for any traffic that goes through the connection,  so if your brother down the road likes torrenting stuff,  and gets an infringement notice,  then YOU will actually get the notice, and potentially a fine if it ever gets that far.


CGG



10 posts

Wannabe Geek


Reply # 1493852 17-Feb-2016 12:10
Send private message

NonprayingMantis:

 

worth mentioning that this is probably against your ISPs terms and conditions.

 

 

 

Not that they will know you are doing it or anything (or really care all that much)  but just in case you ever talk to them about it, then probably best not to mention it  :)

 

 

 

Also bear in mind that as the account holder you are still responsible for any traffic that goes through the connection,  so if your brother down the road likes torrenting stuff,  and gets an infringement notice,  then YOU will actually get the notice, and potentially a fine if it ever gets that far.

 

 

 

 

I see where you are coming from and I had considered it myself also, however it's kind of like a farm. Same piece of land. - But yes, there are definitely risks. :)   (If I can't trust my brother, who else is there?) 

 

 

 

Thanks


26617 posts

Uber Geek
+1 received by user: 6107

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1493922 17-Feb-2016 12:25
Send private message

CGG:

 

sbiddle:

 

It's easily done but you'll need to buy better hardware to do it. Something such as a Edgelite as mentioned above or a Mikrotik router will allow you to create two fully isolated networks on their own VLAN.

 

 

 

 

 

 

I would still like to have WIFI capability on both networks. Where would the Edgelite Router go? - Would this replace my ASUS Modem/Router (As shown in diagram)?

 

 

 

Thanks

 

 

Yes. That would function as the primary router. If you're connected via ADSL2+/VDSL2 you'll also need a modem that supports bridge mode as the new router will be your primary router.

 

For WiFi capability you'll need to buy new AP's for each location or reuse existing routers as AP's which will work, but not really the best solution.

 

 


CGG



10 posts

Wannabe Geek


  Reply # 1498819 24-Feb-2016 21:32
Send private message

Hello,

 

 

 

Thanks for all your help to this point.

 

 

 

I have managed to acquire a Mikrotik RouterBoard 750G which seems quite complex.

 

 

 

I'm not sure exactly what I am trying to do, but I want to create two completely separate networks.

 

 

 

I have included a picture.

 

 

 

Click to see full size

 

 

 

Does anyone have experience using the WinBOX Config Utility, and how do you set up two networks within?

 

 

 

 

 

Thanks in advance.

 

 

 

C


2467 posts

Uber Geek
+1 received by user: 667


  Reply # 1498832 24-Feb-2016 21:43
Send private message

As you DO trust your brother... Why the need for completely seperate networks?

I did something very similar with a neighbour when the queue for a port on our rural exchange was over two years long. We actually liked the fact we were sharing so much I ran a hardware Ethernet between the houses (trenched) and we happily shared my crappy 1mb adsl line for nearly 3 years...

CGG



10 posts

Wannabe Geek


  Reply # 1498839 24-Feb-2016 21:49
Send private message

PhantomNVD: As you DO trust your brother... Why the need for completely seperate networks?

I did something very similar with a neighbour when the queue for a port on our rural exchange was over two years long. We actually liked the fact we were sharing so much I ran a hardware Ethernet between the houses (trenched) and we happily shared my crappy 1mb adsl line for nearly 3 years...

 

 

 

Can't trust his wife! ;)


3474 posts

Uber Geek
+1 received by user: 1250

Subscriber

  Reply # 1498852 24-Feb-2016 22:31
Send private message

The great thing about Mikrotik is RouterOS has a great wiki and lots and lots of forum posts to read about. So here are some basic steps to get you started.

 

First off your network layout should go.

 

VDSL Modem (bridging) - Mikrotik - 'client' routers

 

Log in for the first time and pick 'remove configuration' when the script pops up.

 

Upgrade your Mikrotik to the latest version (6.34.2 as of this post).

 

Change the admin password.

 

Set up the PPPoE client (perhaps on ether1) on the Mikrotik. As in, this is where your internet connection will terminate. (you need to have already set up your vdsl modem for bridging and vlan tagging)

 

Set up the firewall to stop the big bad wolf getting in.

 

Now to have separate networks in a home situation like this I would just use up an interface for each network rather than actually tag a true VLAN. So....
On 'ether2', set an appropriate IP address and subnet. Add DHCP server if required.
On 'ether3, set an appropriate IP address and subnet (but obviously a different one). Add DHCP server if required.

 

Set up a NAT masquerade rule so that each subnet gets NAT'd out the PPPoE interface.

 

Now you should be able to plug a device in to ether2 or ether3 and get an internet connection.... but they won't be isolated yet.

 

Now you need an appropriate firewall rule to stop access between the two LAN segments. Again, give it a google - won't be hard to find. But to give you a clue the 'forward' chain is important here.

 

This isolates things at layer 3 but isn't true layer 2 isolation like a proper vlan would give but seriously, just don't see the point in the home situation.


1984 posts

Uber Geek
+1 received by user: 133

Trusted

  Reply # 1500162 26-Feb-2016 20:39
Send private message

I still have a really old ADSL modem that supported LAN "groups", essentially VLANs, but sadly was never very reliable. Some modems/routers allow you to block access to the LAN from wifi users, but sounds like you need to separate the wired LAN ports from each other so thats basically a VLAN. You could find an older managed switch to do it, but setting up VLAN trunks to your modem and stuff might be a bit complicated.





Qualified in business, certified in fibre, stuck in copper, have to keep going  ^_^

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.