1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question: How to disable LAN access on wired network

Discussion in 'Networking Issues' started by megafrenzy, Apr 11, 2006.

  1. megafrenzy

    megafrenzy LI Guru Member

    moved from dd-wrt forum

    I've been using dd-wrt for 6 months now, but I'll admit, I'm by no means a power user- but I've learned enough by searching and reading. I have it working on 2 routers, one at home and one at work (very tiny company).

    So, one thing I cannot figure out, thought I'd post the question here.

    At work I have 2 parallel routers on the DSL router one I call public and one private. The public is a netgear running WEP that is open to the internet and not connected to any of my computers. This is to allow visitors to access the internet while not getting on our private LAN.

    The Private network is a WRT54G running dd-wrt #22 (I'll update to #23 soon). That has running WPA with a random 64 character password. The network is just a MS peer-peer setup (no server) with about 7 PCs. The building is wired with CAT5 to about 12 spots.

    So sometimes visitors will come over and plug into our network with a CAT5 cable, thereby bypassing all the security I have setup. Once they are in, they have full access to any shared files on the network and I've got one guy who keeps downloading really large files, killing my network performance.

    So the question is, can I stop this from happening? I have all my PCs setup on a fixed IP based on MAC addr (dhcpd) and DHCP server is on.

    Is it possible to:
    1. Keep DHCP on, but only allow internet access (no access to shared files on the LAN) to non-approved MAC addresses or an IP addr range?
    2. If yes, can I throttle internet access on just those systems?

    If no, I guess I turn off the DHCP and force people to use the public WIFI. Will dhcpd still work?

    Thanks for any input.[hr:cb54e3016e][hr:cb54e3016e]
     

Share This Page