1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can I have 2 wireless networks

Discussion in 'Tomato Firmware' started by vinny2006, Dec 7, 2009.

  1. vinny2006

    vinny2006 Addicted to LI Member

    Hi All, newbie here. I have a WHR-HP-G54 running on latest VPN version of Tomato and I have it secured with WPA2-AES. I would like to know if i can add a second wireless router onto my current setup. What I am trying to do is setup a 2nd wireless so that when I have guests coming to the house I can let them log onto that one as I don't want to give them access to my current one. Basically I would like to maybe keep it separated from my current subnet.

    Currently I am using 192.168.20.x and I would like the new one to be something like 192.168.25.x and not be able to communicate with the 192.168.20.x. Is that possible?


  2. michse

    michse Addicted to LI Member


    no, at this time IMHO only dd-wrt gives you that possibility.

  3. vinny2006

    vinny2006 Addicted to LI Member

    Hello michse, thanks for the reply.

    Do you have a link you can direct me to as to how I can do this if I switch to DD-WRT?

    And would I need another wireless router/ap or can this all be done using the single Buffalo I have?

  4. TexasFlood

    TexasFlood Network Guru Member

    Well, if you have two WRT54G-type devices then obviously you can set up two APs with different SSIDs, preferably running on different channels far enough apart not to interfere - like 1 and 6.

    The issue would be that you presumably have only one public Internet IP address and Internet WAN Ethernet connection. So you have to sort out how to share that.

    You could maybe, hmm, NAT the second device off of your existing primary Internet gateway device using a different subnet and set up firewall rules on that router to prevent clients on the secondary router from talking to any address on the "primary" LAN except the gateway IP on the "primary" Internet gateway router. Well, I think you can do that, need someone more familiar with iptables to confirm. Turning on AP isolation on the second device would also prevent the wireless clients on that AP from communicating with each other if you want that. You'd have a double NAT for your "guest" clients but I've done that before and really didn't have any issues even though I expected problems.

    Does that make sense? I could do a diagram maybe if not. Maybe not the best idea, but an idea.

    There might even be a slicker way to do it, but it would be through a script and might get a bit complicated. I've seen threads here discussing setting up multiple vlans like this older one, and this more recent one, but never tried it myself.
  5. michse

    michse Addicted to LI Member

Share This Page