Network gurus, can you help segment LAN using router?

By kratasek ·
Folks, after many years abroad I came home and this is what I see. An antenna on the roof, ethernet cable from the antenna to a RJ-45 coupling, plugged into an electrical outlet, ethernet cable from the coupling to a 8-port switch. I'm guessing I have a microwave connection to my ISP, the "powered" coupling is a home made PoE injector powering the antenna and the whole setup is part of my ISP's local network. Like my house was just another room in their building. All of my equipment is getting IP after plugging into the switch. I have a lot of personal stuff on my network, several NAS device and so on and I assume the ISP can easily see all of it..
I want to completely separate my home network from my ISP's and add wireless. I have a Linksys WRT610N router. Can this be done? Can someone please advise me as to how?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Simple really

by OH Smeg Moderator In reply to Network gurus, can you he ...

Plug in the Ethernet Cable from the 8 Port Switch to the Uplink Port of the Router and then with a Ethernet Cable setup the Router and if you want/need to have the Wired and Wireless LAN's communicate with each other bridge them in the Routers Setup.

Then from the Wired LAN Connections on the back of the router run a Ethernet Cable to the 8 Port Switch. That will isolate the Internal LAN from the Public side of the LAN.


Collapse -

And if you want for extra security, add a SW firewall to your PC

by markp24 In reply to Network gurus, can you he ...


you may want to also ensure you have a firewall enabled on your PC, (i tend to like Zone alarm)

Collapse -

We are each 'another room' in our Internet provider's office...

by TekyWanabe In reply to Network gurus, can you he ...

Having worked with microwave radios in the past to provide last-mile Internet access solutions, then it's not unlikely that the 'RJ-45 coupling' is itself connected to another configurable device with at least 2 IP facing the ISP and the other to serve as the gateway for your network. If you do a tracert to an external website or IP address, you may be able to see what the IP address facing your ISP is.
I guess we could say that every subscriber to a broadband provider or ISP is actually just 'another room' in the provider's office in a manner of speaking... :-)

Collapse -

Still a bit confusing..

by kratasek In reply to Network gurus, can you he ...

Thanks much everybody, appreciate your advice..
What would happen if I took out the switch and plugged that ethernet cable into the WAN port of the router? How does the router's firewall work in this mess? Is the ISP gonna know that I put the router on the network? I obviously don't want to create any problems for them.. And lastly, does RIP have to be enabled on the router?
I know, you probably say that I'm overthinking this but I was never faced with this situation before, I'm sure some of you were..
thanks again..

Collapse -

Reponse To Answer

by Spitfire_Sysop In reply to Still a bit confusing..

1. yes, do that.
2. Yes the router firewall will work. It filters trafic between the dish and your switch in the prescribed setup.
3. They certainly could. The only way to fool them is to spoof the MAC address of the device that they are expecting to see on the other end.
4. Directly connected networks come first in the routing table with no routing protocol required. (RIP = NO)

Collapse -

Step by step.

by Alpha_Dog In reply to Network gurus, can you he ...

First, plug your ISP's connection, the one going to the PoE devise at the wall plug into your router's WAN port, which in your case is labelled Internet. Plug the rest of the devices into the LAN side of the house; the rest of the ports.

Optional, but a good way to keep surprises to the minimum, set your router configuration to the default (soft reset).

Next change your internal IP address to something other than the 192.168.1.x it gets from the ISP device. 192.168.0.x is fine. Set the router's IP at and make sure DHCP is turned on with a sufficient pool of addresses for your devices.

Lastly, change the administration password to the router as well as the wireless settings to reflect the desired security.

Congratulations you are done.

Collapse -

Reponse To Answer

by TekyWanabe In reply to Step by step.

Better still, he could turn off DHCP, use a 10.0.0.x subnet for his own LAN and assign static IP addresses depending on the number of devices he's got and whether there'll be a lot of traffic (I mean devices joining and leaving the network...which I doubt based on the setup he's described)

Collapse -

Use a different subnet to avoid confusion

by oldbaritone In reply to Network gurus, can you he ...

Your router will get a 192.168.1.x address on the WAN side.

I ended up setting my internal network to the 172.16-31.0.0 (172.16/12 prefix - I use 172.22.33.x) so there is no confusion about which addresses came straight from the ISP and which are on the internal subnet. If you're going to stick with the 192.168.x.x subnet, pick a recognizable number as your own, like 192.168.150.x or 192.168.250.x - something that is not generally used by ISPs or unconfigured consumer routers, like 0, 1, 2, or 100.

Collapse -


by kratasek In reply to Network gurus, can you he ...

Spitfire_Sysop, Alpha_Dog, TekyWanabe and lastly oldbaritone, all of you guys deserve a big cheers for taking the time answering my question. I'm gonna set the whole deal up tomorrow and will definitely post results here..
thanks again everybody

Collapse -

Reponse To Answer

by theNetNanny In reply to Thanks

very curious about the issues brought up in this setup, how did it turn out?

Related Discussions

Related Forums