One way access to devices on guest network












0















I'm trying to configure a guest wireless network on the router asus RT-AC66U_B1. The network's purpose is to host iot devices and and a server running home automation software.



I'd like to be able to reach these devices from my main network to via protocols like SMB and SSH so i need to be able to see them, but at the same time i'd like them not to be able to see what's on the main network. The only setting i've found in the router is an "access intranet" checkbox on the guest network's settings, but that opens up everything so it kills the benefits of having a separate network.



Do you have any idea on how i might be able to solve this?






networking wireless-networking router







share|improve this question



























    0















    I'm trying to configure a guest wireless network on the router asus RT-AC66U_B1. The network's purpose is to host iot devices and and a server running home automation software.



    I'd like to be able to reach these devices from my main network to via protocols like SMB and SSH so i need to be able to see them, but at the same time i'd like them not to be able to see what's on the main network. The only setting i've found in the router is an "access intranet" checkbox on the guest network's settings, but that opens up everything so it kills the benefits of having a separate network.



    Do you have any idea on how i might be able to solve this?






    networking wireless-networking router







    share|improve this question

























      0












      0








      0








      I'm trying to configure a guest wireless network on the router asus RT-AC66U_B1. The network's purpose is to host iot devices and and a server running home automation software.



      I'd like to be able to reach these devices from my main network to via protocols like SMB and SSH so i need to be able to see them, but at the same time i'd like them not to be able to see what's on the main network. The only setting i've found in the router is an "access intranet" checkbox on the guest network's settings, but that opens up everything so it kills the benefits of having a separate network.



      Do you have any idea on how i might be able to solve this?






      networking wireless-networking router







      share|improve this question














      I'm trying to configure a guest wireless network on the router asus RT-AC66U_B1. The network's purpose is to host iot devices and and a server running home automation software.



      I'd like to be able to reach these devices from my main network to via protocols like SMB and SSH so i need to be able to see them, but at the same time i'd like them not to be able to see what's on the main network. The only setting i've found in the router is an "access intranet" checkbox on the guest network's settings, but that opens up everything so it kills the benefits of having a separate network.



      Do you have any idea on how i might be able to solve this?






      networking wireless-networking router




      networking wireless-networking router






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jan 18 at 8:23









      mrcmrc

      1




      1






















          1 Answer
          1






          active

          oldest

          votes


















          0














          There are multiple ways to accomplish this, unfortunately none match all the criteria of secure, easy AND cheap.




          1. If your Iot devices are all wireless you may be able to put them on a guest WIFI LAN (but im not sure if the included firmware will allow the main LAN to reach the IOT lan - the servers may need to be hosted putside your network.


          2. If you het a second router you can have the internet coming to the 'edge' router and connect yhe IOT devices to that. You then connect a LAN port on the edge router to the WAN port of the secind (core) router and hang your main network behind the core router. By using (double) NAT you effectively allow the Home router to reach the iot router and Internet but protect inbound connections. You just need to ensure the LAN ranges are different. (You could also drop NAT on the core router and replace it with routing and firewall rules, provided the core router csn do this.


          3. The way I would do it would be to flash dd-wrt onto the router and then have 2 different LAN interfaces (it does not appear the supplied firmware can do this, but DD-WRT can. Once you have 2 lan segments set up you can use the router to route between them and firewall as appropriate.







          share|improve this answer
























          • Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

            – mrc
            Jan 19 at 12:06











          • @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

            – davidgo
            Jan 19 at 17:46











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1395656%2fone-way-access-to-devices-on-guest-network%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          There are multiple ways to accomplish this, unfortunately none match all the criteria of secure, easy AND cheap.




          1. If your Iot devices are all wireless you may be able to put them on a guest WIFI LAN (but im not sure if the included firmware will allow the main LAN to reach the IOT lan - the servers may need to be hosted putside your network.


          2. If you het a second router you can have the internet coming to the 'edge' router and connect yhe IOT devices to that. You then connect a LAN port on the edge router to the WAN port of the secind (core) router and hang your main network behind the core router. By using (double) NAT you effectively allow the Home router to reach the iot router and Internet but protect inbound connections. You just need to ensure the LAN ranges are different. (You could also drop NAT on the core router and replace it with routing and firewall rules, provided the core router csn do this.


          3. The way I would do it would be to flash dd-wrt onto the router and then have 2 different LAN interfaces (it does not appear the supplied firmware can do this, but DD-WRT can. Once you have 2 lan segments set up you can use the router to route between them and firewall as appropriate.







          share|improve this answer
























          • Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

            – mrc
            Jan 19 at 12:06











          • @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

            – davidgo
            Jan 19 at 17:46
















          0














          There are multiple ways to accomplish this, unfortunately none match all the criteria of secure, easy AND cheap.




          1. If your Iot devices are all wireless you may be able to put them on a guest WIFI LAN (but im not sure if the included firmware will allow the main LAN to reach the IOT lan - the servers may need to be hosted putside your network.


          2. If you het a second router you can have the internet coming to the 'edge' router and connect yhe IOT devices to that. You then connect a LAN port on the edge router to the WAN port of the secind (core) router and hang your main network behind the core router. By using (double) NAT you effectively allow the Home router to reach the iot router and Internet but protect inbound connections. You just need to ensure the LAN ranges are different. (You could also drop NAT on the core router and replace it with routing and firewall rules, provided the core router csn do this.


          3. The way I would do it would be to flash dd-wrt onto the router and then have 2 different LAN interfaces (it does not appear the supplied firmware can do this, but DD-WRT can. Once you have 2 lan segments set up you can use the router to route between them and firewall as appropriate.







          share|improve this answer
























          • Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

            – mrc
            Jan 19 at 12:06











          • @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

            – davidgo
            Jan 19 at 17:46














          0












          0








          0







          There are multiple ways to accomplish this, unfortunately none match all the criteria of secure, easy AND cheap.




          1. If your Iot devices are all wireless you may be able to put them on a guest WIFI LAN (but im not sure if the included firmware will allow the main LAN to reach the IOT lan - the servers may need to be hosted putside your network.


          2. If you het a second router you can have the internet coming to the 'edge' router and connect yhe IOT devices to that. You then connect a LAN port on the edge router to the WAN port of the secind (core) router and hang your main network behind the core router. By using (double) NAT you effectively allow the Home router to reach the iot router and Internet but protect inbound connections. You just need to ensure the LAN ranges are different. (You could also drop NAT on the core router and replace it with routing and firewall rules, provided the core router csn do this.


          3. The way I would do it would be to flash dd-wrt onto the router and then have 2 different LAN interfaces (it does not appear the supplied firmware can do this, but DD-WRT can. Once you have 2 lan segments set up you can use the router to route between them and firewall as appropriate.







          share|improve this answer













          There are multiple ways to accomplish this, unfortunately none match all the criteria of secure, easy AND cheap.




          1. If your Iot devices are all wireless you may be able to put them on a guest WIFI LAN (but im not sure if the included firmware will allow the main LAN to reach the IOT lan - the servers may need to be hosted putside your network.


          2. If you het a second router you can have the internet coming to the 'edge' router and connect yhe IOT devices to that. You then connect a LAN port on the edge router to the WAN port of the secind (core) router and hang your main network behind the core router. By using (double) NAT you effectively allow the Home router to reach the iot router and Internet but protect inbound connections. You just need to ensure the LAN ranges are different. (You could also drop NAT on the core router and replace it with routing and firewall rules, provided the core router csn do this.


          3. The way I would do it would be to flash dd-wrt onto the router and then have 2 different LAN interfaces (it does not appear the supplied firmware can do this, but DD-WRT can. Once you have 2 lan segments set up you can use the router to route between them and firewall as appropriate.








          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Jan 18 at 9:33









          davidgodavidgo

          44k75292




          44k75292













          • Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

            – mrc
            Jan 19 at 12:06











          • @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

            – davidgo
            Jan 19 at 17:46



















          • Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

            – mrc
            Jan 19 at 12:06











          • @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

            – davidgo
            Jan 19 at 17:46

















          Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

          – mrc
          Jan 19 at 12:06





          Thanks for your answer, i have a second router and i had exactly the 2nd configuration, but i wasnt able to ping the devices from the inner network..

          – mrc
          Jan 19 at 12:06













          @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

          – davidgo
          Jan 19 at 17:46





          @mrc Ok. Thats probably a seperate question - you would need to describe the network and hardware to find the problem.

          – davidgo
          Jan 19 at 17:46


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1395656%2fone-way-access-to-devices-on-guest-network%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Plaza Victoria

          Image
          Plaza Victoria Plaza Victoria en 2017 Otros nombres Plaza de La Victoria Localización El Almendral, Valparaíso, Chile Vías adyacentes Chacabuco, Molina, Plaza Victoria y Edwards Creación 1841 Metro Bellavista Ubicación 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 Coordenadas: 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 [editar datos en Wikidata] La Plaza Victoria , también llamada Plaza de la Victoria , [ 1 ] ​ es una plaza ubicada en el sector El Almendral del plan de la ciudad de Valparaíso, Chile, de importancia patrimonial, que incluye valiosas estatuas y especies vegetales. [ 2 ] ​ La plaza se creó como tal en la primera mitad del siglo XIX, tomando previamente los nombres de Plaza Nueva y Plaza de Orrego . Si bien desde sus inicios tuvo relevancia histórica, no fue sino a partir de fines de los años 1860 cuando comenzó a cobrar mayor importancia y se convirtió en uno de los principales centros sociales de l
          Read more

          In PowerPoint, is there a keyboard shortcut for bulleted / numbered list?

          Image
          .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 OneNote has two useful keyboard shortcuts for bulleted and numbered lists, namely Ctrl + . and Ctrl + - . Is there something similar for PowerPoint where the work with lists is also very common? Haven't found anything here: Use keyboard shortcuts in PowerPoint. keyboard-shortcuts microsoft-powerpoint share | improve this question edited Aug 14 '14 at 14:49 Linger 2,826 10 28 40
          Read more

          How to put 3 figures in Latex with 2 figures side by side and 1 below these side by side images but in...

          Image
          1 0 I want to put 3 images in LateX such as 2 figures are side by side horizotally and 3rd figure below these 2 side by side figures but in middle. I have following code: begin{figure}[H] centering begin{minipage}{.5textwidth} centering includegraphics[width=.50linewidth]{Text/Images/Genelec_8010_AP.jpg} captionof{figure}{Genelec 8010 AP} label{fig:Genelec 8010} end{minipage}% begin{minipage}{.5textwidth} centering includegraphics[width=.69linewidth]{Text/Images/Genelec_8020_CPM.jpg} captionof{figure}{Genelec 8020 CPM} label{fig:Genelec 8020} end{minipage}% end{figure} %%Here is my 3rd picture code begin{figure} centering includegraphics[width=5cm]{Text/Images/Genelec_8030_BPM.jpg} caption{Genelec 8030 BPM} label{fig:Genelec 8030} end{figure} I want to ask ho
          Read more