So you have an internet connection that you would like to share with a neighbor but have concerns about the security of your home network. This site is dedicated to showing you how to provide a wireless connection to your neighbor without allowing them access to your home computers.
The hardware that will be needed will be a wireless router (for you) and a wireless card (for your neighbor). Even if you already have a wireless router you will need another one. This is the key item in making sure your home network is protected.
ROUTER: The router I am using as my example is the NETGEAR WGT624 Super-G wireless router. This router worked well with my setup. If you choose to use a different router you will need a router with good range and one that allows manually blocking ports/services.
WIRELESS CARD: Look for a good wireless card that has decent range.
ASSUMPTIONS: The assumption here is that you understand enough about a router that you have successfully implemented a home network. All wireless routers must be secured via WPA, WEP, etc. I will not be getting into how to secure a wireless signal so make sure you read your router manual if you are unsure. Otherwise, you are wasting time performing this set up since you are already sharing your internet with your neighbors unwillingly. Also, do your homework on whether the neighbor is in range of accessing your wireless signal.
DIAGRAM: See Figure 1.1 which is a diagram of how the devices are connected. Your home network is unchanged. Nothing is needed other than connecting a new router to your existing router and configuring the new router.
STEP 1: Connect an Ethernet cable from a local machine like a laptop to your new router (Router B). Connect it to one of the LAN ports (See Figure 1.2). Then connect the router to a power source. This is so we can administer the router prior to opening it up to the neighborhood.
STEP 2: Login to the administration console according to the manual for Router B. In this case we bring up an internet browser and type in the address http://192.168.1.1 then login. One of the first steps you should perform is changing the default password to log into the router. Check your manual to perform this task.
STEP 3: We will first setup the DHCP settings. DHCP handles assigning the IP addresses to each computer on your network. Router A should already have DHCP and will provide a set of IP addresses for your existing network. Router B will now be setup to assign separate IP addresses to your neighbor's computers that connect to it. Go to the LAN IP/DHCP settings and set the router to assign a different subnet, i.e. 192.168.50.* instead of 192.168.1.* which is my existing router setup. See figure 1.3 below for an example. Make sure the router is set to use the router as a DHCP server.
You will notice that the first section sets a single IP address. This is the IP address of the router itself. The middle section defines the IP addresses the router will assign to the computers connecting to it. As you can see I assigned the router the IP address of 192.168.50.1 and the DHCP assignments to 192.168.50.2 thru 192.168.50.254. Keep in mind that now you have changed the IP address of the router you will now need to access the administration console from http://192.168.50.1 instead of http://192.168.1.1. Go ahead and apply these changes, the router may kick you out and you may need to log back in using the new address.
STEP 4: Now it is time to block the ports needed for access into your network. See figure 1.4 for a list of the ports that I have blocked for both TCP and UDP.
All IP's on the neighbor's subnet need to be blocked including the router. As I stated above that you need to block both TCP and UDP for each occurrence. The only one listed here that is special is the one named DHCP which blocks ports 67 and 68. This is what allows two separate routers to operate in DHCP mode within the same network. This prevents Router A from getting requests for assigning IP addresses for computers connected through Router B. Apply/Save these settings once complete.
STEP 5: Once again this is a reminder to make sure your wireless is secured. Make sure to set up the security for your wireless connection and give the connection an SSID (Name). This is the information you will need to provide your neighbor so he can connect.
STEP 6: Now you can connect everything up. Unplug Router B then connect an Ethernet cable from an available LAN port on Router A to the WAN port (see figure 1.2) on Router B. Plug Router B back in.
STEP 7: Log back into the administration console of Router B (remember the new address, http://192.168.50.1) and go to the basic settings / internet settings. See diagram 1.5 for what the settings look line on my NETGEAR router.
As you can see Router B thinks that the ISP (internet service provider) is your home network. It should assign your router an IP address from your home network; in this case it assigned mine 192.168.1.13. This is important to note as I can now access the administration console by accessing http://192.168.1.13:8080 from my home network without needed to connect to Router B directly. For a computer connected to Router B directly the address is http://192.168.50.1.
STEP 8: You should be good to go. Your neighbor will have access to the internet through your connection and you have the peace of mind that they don't have wide open access to your network in the process. One other note, your neighbor is protected as well since Router B protects them in the same way Router B protects you. You will not be permitted to share files or devices such as printers between the two networks. This is the intent as you only want to share your internet.
Site created by Mike Bogers © 2008