[SOLVED] Setting up separate network

[lucatunes]

Hello, I was wondering if it would be possible to create a separate network that cannot be accessed from the other network.

I am trying to setup port forwarding to host a website but I am unable too because another person that uses the same network said their work cannot allow them to port forward because it can allow people into the network and he has sensitive info on his computers.

I thought that getting a separate router and setting the routers up so that he can have his own network, and I can have mine but I am unsure how to go about doing this. I need it so that his network and my network cannot be accessed by each other (so that if someone were to breach my network his data is protected)

Im still a beginner when it comes to networking, so hopefully that makes sense.

Thanks in advance!

 

[bill001g]

You could put in a second router hook its wan port to the main router and his machine to the lan.

His machine would be protected by the second router. His traffic still must pass through the main network but that should not be a real issue. The traffic will be going to the internet where someone could attack it anyway. The machine itself is protected because the new router thinks everything past the wan port is internet it does not know that there are 2 networks in the house.

You would need a different subnet on the second router for the lan. It will complain if the wan and lan use the same subnet. Also double nat causes issues but it may not matter since it is mostly game machine that need port forwarding that are affected.

He could just use the firewall in his machine to block any communication with devices other than the IP of the router. That way any attempt to hack his machine would be blocked by his firewall.

 

[lucatunes]

You could put in a second router hook its wan port to the main router and his machine to the lan.

His machine would be protected by the second router. His traffic still must pass through the main network but that should not be a real issue. The traffic will be going to the internet where someone could attack it anyway. The machine itself is protected because the new router thinks everything past the wan port is internet it does not know that there are 2 networks in the house.

You would need a different subnet on the second router for the lan. It will complain if the wan and lan use the same subnet. Also double nat causes issues but it may not matter since it is mostly game machine that need port forwarding that are affected.

He could just use the firewall in his machine to block any communication with devices other than the IP of the router. That way any attempt to hack his machine would be blocked by his firewall.

Could I setup the second router to be my main router (connected to the modem), then attach the Google Wi-Fi to the LAN port of the second router and have him use the Google Wifi wifi network as usual, and configure my servers to use the main router and port forward with the main router without a risk?

 

[bill001g]

I am confused because it really doesn't matter what you call the routers. If the google wifi is a router and you connect it wan port to the lan of a router that has the internet it is the same thing.

It is the extra layer of NAT between his machine and your network that is the protection.