1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

port suggestions

Discussion in 'Networks' started by steve_p1981, Apr 21, 2012.

  1. steve_p1981

    steve_p1981 Byte Poster

    236
    5
    30
    Im trying to configure my work router ( belkin 54g/n) so that we can have customers use out wifi point while waiting for their bike to be serviced.

    I have figured out that i can block ip addresses from accessing the internet by telling the router to stop access to port 80 and this seems to work.
    what port would i block (if this method is practical) if i want to stop that PC seeing the other machines on the network?
    I have found a list of ports but am unsure which one(s) i need to block to do this.

    any help would be great!
     
    Certifications: A+ 220-701 and 220-702
    WIP: none at current but poss 70-680 soon
  2. craigie

    craigie Terabyte Poster

    3,020
    173
    155
    What you would normally do fella is create a seperate VLAN for Guest Wireless. Create your LAN > Outbound NAT rules and then Deny access to work LAN from the Guest Wireless.

    Job done.
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
  3. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,191
    299
    319
    Craigie is right – you would really need a separate VLAN or LAN subnet to do this properly.

    In reference to your previous thread about a virus on some of your PCs if you purchased a higher spec router\firewall it would have security services and perhaps additional interfaces. So you could patch in a wireless access point into one interface and give it a different subnet to what your current LAN is. From there you can block the public wireless LAN accessing your private LAN.
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  4. steve_p1981

    steve_p1981 Byte Poster

    236
    5
    30
    And you can do this with standard routers that you would use in your home? We don't have any servers or what I'd class as corporate equipment. I had a look at the router settings and I could find settings for a virtual server but dont remember seeing one for a vlan. I will have a look Tuesday when I'm back in the office and see what I can find.
     
    Certifications: A+ 220-701 and 220-702
    WIP: none at current but poss 70-680 soon
  5. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,191
    299
    319
    Don't think so but no harm in having a look.

    You don't need corporate level kit to do this mate - there are products aimed at small business which could be of use.
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  6. steve_p1981

    steve_p1981 Byte Poster

    236
    5
    30
    Well that answers if I can do it at work on the kit we have. It's a router you would buy for your home so I doubt it will do that. I will give maplins a call as I don't really like pc world ( I'm a bit of a snob and like the staff to know what they are talking about, and they don't in the ones round my way) and see what they have to offer.
     
    Certifications: A+ 220-701 and 220-702
    WIP: none at current but poss 70-680 soon
  7. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,191
    299
    319
    No probs mate - you got a budget in mind? :)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  8. dmarsh

    dmarsh Terabyte Poster

    3,782
    302
    184
    I really wouldn't use Maplins as your main supplier they are expensive and not really an IT supplier.

    Look at dabs, scan, overclockers, ebuyer, novatech for consumer IT gear. Expect others can let you know corporate level re-sellers.

    There is open source firmware like DD-WRT that can be installed into some consumer routers to give them more capabilities like maybe basic VLAN support.

    VLAN Support - DD-WRT Wiki
     
    Last edited: Apr 24, 2012
    Certifications: CITP, BSc, HND, SCJP, SCJD, SCWCD, SCBCD, SCEA, N+, Sec+, Proj+, Server+, Linux+, MCTS, MCPD, MCSA, MCITP, CCDH
  9. steve_p1981

    steve_p1981 Byte Poster

    236
    5
    30
    cheers guys, managed to find a netgear one that does support a guest network and a btetter firewall than the one i curently have etc. Its about £70 and the guv has OK'd it so it's on the way. Just hope it all goes well when i swap the existing one out lol
     
    Certifications: A+ 220-701 and 220-702
    WIP: none at current but poss 70-680 soon

Share This Page

Loading...