Airport on a business LAN?

Discussion in 'Macintosh Computers' started by nerveosu, Feb 5, 2005.

  1. nerveosu macrumors member

    Sep 17, 2001
    I setting up a LAN in our new office. On our new LAN, we need to
    deploy a public wireless network without a password or
    authentication for use in a conference room. (so clients can
    come in with a laptop and connect hassel free). Because the
    wireless access point would be connected directly to our LAN, it
    would leave us exposed. I will be purchasing a router to connect
    to our cable internet connection. Can I configure the router so
    that the port for the conference room is more restrictive (only
    allows email and web surfing)? Or do I need to purchase another
    firewall device to stick in between our LAN and the wireless
    access point?
  2. Bear macrumors G3

    Jul 23, 2002
    Sol III - Terra
    Actually, what you probably want is Your

    1) Cable Modem<->Firewall/router(A)
    2) Firewall Router(A) <-> Firewall/router/wireless, Firewall/router(Lan)
    3) firewall/router(Lan)<->office lan

    The above would be the most secure...
    Or you could do:
    1) Cable Modem<->Firewall/router(A)
    2) Firewall Router(A) <-> Firewall/router(B), wireless access point
    3) firewall/router(B)<->office lan
    You really don't care if the office lan people can get at the wireless systems. You do care if the wireless systems can get at the office lan systems. Doing anything other than either of the above would require a lot of firewall rules. With either of the above, you need minimal firewall rules. And the less rules, the less likely you are to make a mistake.

    The other choice would be to see if your cable modem can support a "second system" and how much you might get charged for that. in that case plug both the wirelss base and your office lan firewall/router into the cable modem. This would be the simplest, but cost the most of course.

Share This Page