What's new

Guest network for wired connection - how?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

alexandro

Occasional Visitor
I need to setup my work PC at home by wired connection, but I don’t want to give access to my home network - I don’t trust my employer :)
For wireless it’s easy - guest network.
But for wired - how to restrict access for all devices at same network?
 
An easy way to do this is not generally available.

Some routers have the capability to do this under the covers but there are no plug and play implementations.

I have done this with a Layer 3 switch but it is difficult and expensive.
Some of the tasks are:
  • Reset the switch to layer 3 mode
  • Choose a subnet and create manual routes both ways
  • Setup DHCP on the switch
  • Create a VLAN on the switch
  • Create access control rules to protect your LAN from the VLAN but allow internet access
  • Optionally enable port isolation if available
 
Some routers have the capability to do this under the covers but there are no plug and play implementations.

While not entirely plug and play since you have to flash a router with Tomato you then can add VLANs and Virtual APs (Guest Networks) using the GUI.
 
Wouldn't YazFi be a good fit here? :)

Oops! Wired. Hmmm... :oops:

I would buy an RT-N12D router, use it on a guest network (with YazFi) in Bridge mode. :)

Cheap and cheerful!
 
I am interested as well!

Seems like Asuswrt-Merlin + what we know from VLAN How To: Segmenting a small LAN + a little from AsusWRT Merlin: Isolate Guest WiFi
might be a good recipe to start. I am just surprised that folks here don't already have a good (secure) solution. Don't want to reinvent ...

I would like it so all static/fixed/manually assigned clients (IP DHCP list) are "in" and anything else that gets plugged in is "out", on the guest LAN, isolated, etc.
 
Wouldn't YazFi be a good fit here? :)

Oops! Wired. Hmmm... :oops:

I would buy an RT-N12D router, use it on a guest network (with YazFi) in Bridge mode. :)

Cheap and cheerful!
YazFi only works in router mode.

The reason why wired ports aren't readily supported is due to VLAN config differing between models. The HND platforms remains a mystery since vconfig etc. don't exist!
 
@Jack Yaz what I was thinking was connecting the RT-N12D router to a guest network (wirelessly) that is managed by YazFi on the main router. And the work computer connected to it (and also any required printers, scanners, etc. devices).

Would that work (possibly)? :)
 
@Jack Yaz what I was thinking was connecting the RT-N12D router to a guest network (wirelessly) that is managed by YazFi on the main router. And the work computer connected to it (and also any required printers, scanners, etc. devices).

Would that work (possibly)? :)

If that is an option then why not connect wirelessly to a guest network ? if that PC does not have a wifi card, they are extremely cheap nowadays, or even using any cheap USB wifi dongle.... then you don't have to mess around with vlans and rules..
 
Why does it have to be wired? Shouldn't any wireless bridge work connecting to a wireless guest account?
 
@FTC and @whitey019, being a work computer, they may not have those options (install/add software and hardware). :)
 
@FTC and @whitey019, being a work computer, they may not have those options (install/add software and hardware). :)

That is why I mentioned a USB wifi dongle (there are some for less than 10 dollars and require only an available USB port). But if all you have is an ethernet connector, then you can look for a cheap wifi repeater with one ethernet port and you plug to your computer through cable. There exist also very cheap repeaters for less than 20 bucks.
 
@FTC, that still doesn't get around a software/driver (install) restriction. :)
 
The HND platforms remains a mystery since vconfig etc. don't exist!
I think you meant to say robocfg doesn't exist on the HND routers.

i.e. For simple use, vconfig and ebtables can be used to successfully create VLANs on HND routers such as the RT-AC86U , although vconfig and vlanctl is required for more complex VLANs configurations.
 
I think you meant to say robocfg doesn't exist on the HND routers.

i.e. For simple use, vconfig and ebtables can be used to successfully create VLANs on HND routers such as the RT-AC86U , although vconfig and vlanctl is required for more complex VLANs configurations.
Yes, I meant robocfg. I might take a look into vconfig/ebtables in that case!
 
@FTC, that still doesn't get around a software/driver (install) restriction. :)

Well, some of those USB dongles are recognized natively in windows. For instance just plugged a realtek RTL8188SU USB dongle in my PC and win10 recognized it directly. So depending on the adapter and your operating system you will not need to install anything (almost like plugging a hard drive).

In the case of wifi repeaters with ethernet port, it is even more direct. you are just still plugging the PC to an ethernet cable.
 
Using a wireless bridge (Asus or not) requires no software/driver installation of any kind. The work computer would just function as it would with a hard wired connection. I have used one several times, most notably with older computers and audio equipment without a wireless capability.
 
I need to setup my work PC at home by wired connection, but I don’t want to give access to my home network - I don’t trust my employer :)
For wireless it’s easy - guest network.
But for wired - how to restrict access for all devices at same network?


Turn off network sharing on you home devices.

Windows sharing breaks so often I got fed up with the daft merry go round of fixes and dumped it.
I found a much safer and faster way to share content between devices on my network.

I use NitroShare : https://nitroshare.net

A cross platform app that you install on the devices you want to share content with.
It works from system tray or context menu, is blazing fast and means that whilst you can share content with others nobody can see any file or folder on the other network devices.

It also has a "quarantine" setting which allows you to approve/reject transfers to your device.
 
Well, some of those USB dongles are recognized natively in windows. For instance just plugged a realtek RTL8188SU USB dongle in my PC and win10 recognized it directly. So depending on the adapter and your operating system you will not need to install anything (almost like plugging a hard drive).

In the case of wifi repeaters with ethernet port, it is even more direct. you are just still plugging the PC to an ethernet cable.


I do the same with a USB device ( £12 several years ago and still working), Windows 10 has replaced the software that was previously required, just plug in and it works instantly.
 
@FTC, to be sure, if a work computer is locked down for installing unrecognized programs, the USB ports would also be duly disabled too.

And just because Windows 'auto-installs' specific hardware on consumer versions of the os, doesn't mean that behavior is supported on a locked-down work PC. ;)
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top