Hi Rick,
Our current firewall allows me to divide our public and staff machines
onto separate segments. The WG302s have a web administration
interface that allows quite a bit of flexibility in configuration. We
assign them a fixed IP connected to the public portion of the
firewall, and then use NAT and DHCP on each one with their own IP
ranges separate from both the public and staff IP addresses.
rer
Date: Wed, 10 Feb 2010 15:22:16 -0700
From: Rick Widmer <[log in to unmask]>
Subject: Re: LIBNT-L Digest - 4 Dec 2009 to 8 Feb 2010 (#2010-1)
On 2/10/2010 9:40 AM, R.E. Riker wrote:
> Hi Mary,
>
> Another possibility is to use an access point that has its own
> built-in DHCP server. We selected NETGEAR WG302s (~$180). We have 3
> (1 for our main floor, 1 for our basement, and 1 for our auditorium).
How do you have them connected?
Here in Hailey, Idaho I have two access points. The first has its WAN
port connected to the library network. It does Network Address
Translation (NAT) and runs as a DHCP server for both access points. The
two access points are connected to the LAN connections on both. The WAN
port, and DHCP server on the second access point are shut down.
| |
| wireless wireless |
< To Library | |
LAN |-----------| |------------|
----------|WAN LAN|----------------------|LAN |
Fixed IP | AP1 |Fixed IP Fixed IP | AP2 |
|___________| |____________|
NAT, DHCP Server Wireless Access
4 port switch 4 port switch
Wireless Access All other services
shutdown
This establishes a second network with its own IP address range that is
separate from the Library LAN. All wireless connections pass through a
single IP address assigned on the Library LAN. Additional access points
can be connected to any of the LAN connections on any of the access
points, just be sure not to use the WAN connection on more than one
access point, and shut down the all unneeded services on all the rest of
the access points.
Rick Widmer
IT Manager
Hailey Public Library
