Solved A wired router is upstream of a wireless is it more secure

December 23, 2011 at 06:10:17
Specs: Windows 7
2 routers in series, is one more secure. I recently asked about setting up two routers in series as routers, one wireless one not. I received a very helpful answer from Curt R. It was my understanding that the computers on the second router would not be visible to computers on the first router, the wireless one. My assumption was that this would make it more difficult for someone who got access to the wireless router to also access those computers on the second router. was this assumption incorrect ? I know i'm paranoid, it doesn't mean they'r not following you. Sorry I just reread the response to my original query and i believe this question was already answered. However a simple yes or no response would give me peace of mind.

See More: A wired router is upstream of a wireless is it more secure

Report •

December 23, 2011 at 06:36:10
Let's say I cracked the encryption on the wireless router & it gave me an IP address. At that point, I would be on your network but that doesn't mean I could see what's on the computers connected to that router or the computers connected to the wired router. The reason is that computer security & router security are two different things.

If you are using WPA2 encryption on the wireless router, the chances of cracking it are much less than if you used WEP. There maybe some people who can crack WPA2 but I'm not one of them. WEP is doable if in range.

PC security depends on what's shared & if the shares are password protected. The same goes for the machine itself. The users should have to provide a password to use the PC & access shares. That's just the basics.

How do you know when a politician is lying? His mouth is moving.

Report •

December 23, 2011 at 07:17:45
✔ Best Answer
Router 1 (R1) = upstream wireless router
Router 2 (R2) = downstream wired router

If R2 is on a different subnet, and it should be according to the requirements you set out in your original question, then someone hacking into the R1 would have to figure out what the IP on the WAN port of the R2 is before they could even begin to hope to access it and the network beyond it.

That would be the only interface between the two separate networks. Without knowing it's IP offhand you'd have to go through each possible IP to find it. Once you did, you'ld still be unable to access the router itself, or it's network since there's no route from R1 to R2 and R2's network beyond the router.

Which is to say, clients on the R2 could see the network on the R1, but not vice-versa.

Ensure that R2 is setup to not allow access to the router's management interface from the WAN side. As far as I know, this is the default but you will want to check for a "remote management" setting and if there is one, disable it. Then the only way to get into the router's management interface would be from the LAN side which a remote client, or hacker, couldn't access.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***

Report •

December 23, 2011 at 10:05:47
Thanks to both Guapo and Curt R:
You have allayed my fears and theoretically I am on the right track. I now have only to make it work,wish me luck.

Report •
Related Solutions

Ask Question