Private network in apartment building

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
TheGuyCalledBob
DD-WRT Novice


Joined: 17 May 2019
Posts: 3

PostPosted: Fri May 17, 2019 18:58    Post subject: Private network in apartment building Reply with quote
Hi all,

I've been using dd-wrt for some time now on my own private internet connections. However, I'm moving to a building that has a a main router and a switch on every floor. I would really like my own wired and wifi network to have more control over my devices. This feels like a challenge and I could use some tips on where to start.

It is set up and works like this:
( | and - are wired connections)

Code:
Main Router (192.168.1.xxx / 255.255.255.0)
|
|
1st floor Switch
|
|
2nd floor Switch
|
|
3rd floor Switch----computer (gets IP by DHCP from main router)
|               
|
4th floor Switch


Now, what I would like to achieve is this:

Code:
Main Router (192.168.1.xxx / 255.255.255.0)
|
|
1st floor Switch
|
|
2nd floor Switch
|
|
3rd floor Switch --- DD WRT --- private wired devices AND *)) private wifi
|                                       
|
4th floor Switch


So I would like to create my own private network (subnet ?) behind the main router and have control IP addresses etc.

I'm kinda lost on which mode to use. I have a wired connection between the primary and secondary (DD-WRT) router and I would like private wired and wifi connections on the secondary router.

Important note: I don't have access to the primary router Sad

Could someone give me a hint on this ?
Thanks in advance !
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 5790
Location: Netherlands

PostPosted: Fri May 17, 2019 20:09    Post subject: Reply with quote
Reset the router to defaults.
Login set username and password
Change the routers ip address from 192.168.1.1 to 192.168.55.1.

Connect WAN from router to the switch and reboot the router.

That is all

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing guide: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
TheGuyCalledBob
DD-WRT Novice


Joined: 17 May 2019
Posts: 3

PostPosted: Sat May 18, 2019 17:59    Post subject: Reply with quote
Really ? Ok Smile Thnx/dankjewel!

I do have some additional questions though.

The owner insisted that I use an access point like this:



He was talking about security concerns. Saying that when using some other setup a whole floor could be blocked.

Could he be talking about something like this ?:

Quote:
As an example, some colleges still allow students to have their own wireless access points (WAPs). They require that the WAPs not hand out private IP addresses (like routers with DHCP/NAT) because it makes it difficult to track down which client is causing problems (eg. virus infections, worms, etc.)


And are these assumptions correct when using egc's solution?
- My secondary router gets a WAN IP 192.168.1.xxx
- I can use DCHP to give my devices 192.168.55.xxx IP's
- All traffic to the primary router seems to be coming from 192.168.1.xxx
- Computers on the primary router (192.168.1.xxx) cannot see/acces my devices behind my secondary router (192.168.55.xxx)

Thanks in advance
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 5790
Location: Netherlands

PostPosted: Sat May 18, 2019 18:27    Post subject: Reply with quote
TheGuyCalledBob wrote:
Really ? Ok Smile Thnx/dankjewel!

I do have some additional questions though.


And are these assumptions correct when using egc's solution?
- My secondary router gets a WAN IP 192.168.1.xxx
- I can use DCHP to give my devices 192.168.55.xxx IP's
- All traffic to the primary router seems to be coming from 192.168.1.xxx
- Computers on the primary router (192.168.1.xxx) cannot see/acces my devices behind my secondary router (192.168.55.xxx)

Thanks in advance


Spot on, so make sure you set a strong WPA2 /AES password, because anybody who knows or acquires it use your IP address and you will be blamed.

The real security risk, in my opinion, is not using this setup. With this setup you have a firewall between yourself and the appartment.

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing guide: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 804
Location: Appalachian mountains, USA

PostPosted: Sat May 18, 2019 18:43    Post subject: Reply with quote
Looks to me like you are good, but there are some here (e.g. egc) who know way better than I.

I think the big issue is when you have two DHCP servers on two devices both handing out addresses in the same IP space like 192.168.1.X. You've worked around that by having your router work with the space 192.168.55.Y, so you should be good. I've done the same with several setups with absolutely no problems.

_________________
Five Linksys WRT1900ACSv2 routers on BS 42926:
VLANs, multiple VAPs, NAS, QoS, client-mode travel router, OpenVPN client/PBR (AirVPN), two DNSCrypt servers (incl Quad9) routed through vpn.
TheGuyCalledBob
DD-WRT Novice


Joined: 17 May 2019
Posts: 3

PostPosted: Mon May 20, 2019 18:59    Post subject: Reply with quote
Thanks for your replies guys !

I will be testing this week. And yes, I have a VPN subscription that I'll be using.

I'll post back here if it's all up and running (/me crossing fingers Smile)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum