I need some advice, please. I’m setting up my network to split my internet with my landlord, and will be using a hAP Mini to do the job.
For purposes of this problem, I’m on Network 1 and my neighbour is on Network 2. Each network will have its own router to handle local traffic.
I will use Queues to limit and split each half of the network. The hAP Mini will connect to the DSL modem (and to the internet) via PPPoE. The wifi on the hAP won’t be used at all.
My question/problem is: Network 2 has children on it and I need to set it up to log what websites they visit (In case they visit anything dodgy) and also be able to block websites.
Lastly, I need to set up Port Isolation. These two networks must not know about each other - I don’t want them to be able to talk to each other at all.
Is it possible to please get a little guidance on what I need to look at to get this working, provided it’s possible? I don’t need exact instructions, just a pointer in the right direction please.
Policing kids is not that easy and more of a parental responsibility and know what your kids are doing on the net etc…
That being said, for that particular network I would use open DNS and work with the parents to apply that to their internet.
This has worked okay for me in the past… https://signup.opendns.com/homefree/
I would not get involved into any arrangement where you are reporting on someone elses children and playing police.
Provide the internet service and the above tool and let them deal with the rest.
The other consideration you may want to add to the mix is to shut down their internet after certain hours…again a parental call but can be applied at the router level.
As for separation probably lots of ways to do that.
Subnets:
separate subnets no bridge
-separate subnets one on a bridge, one not on a bridge
Vlans:
two vlans on a bridge
The key is to block all traffic via drop rules at end of input chain and forward chain.
Thus the only traffic permitted will be what you include as ALLOW.
Whatever you decide you will need
house1 to WAN
house2 to WAN
The other issue with your setup is double NAT. I personally do not see the benefit or reason for having another router after the split in networks??
Thanks anav - this is definitely all worth considering.
Sorry - I missed a piece of info in my initial post. The hAP Mini will handle all the routing for both networks. The second routers after the split will have DHCP turned off and its sole purpose is to act as a switch and Wifi access point (this will be the same on both networks) for our PC’s
So long as we can block certain websites then everything should be fine (Which OpenDNS should provide)
I might possibly go the separate subnet route for Port Isolation.
