Hello fellow Aredn users
Im trying to setup a node at my house in Valencia, CA, I wanted to give it internet so other users on the mesh network can use it.
The issue is I don't want anyone to be able to access my local network. I figured this has something to do with VLANS so I followed the howto section for the GS105E. With that setup, I can still access network services running on my home computers when using the mesh network.
Any ideas?
Im trying to setup a node at my house in Valencia, CA, I wanted to give it internet so other users on the mesh network can use it.
The issue is I don't want anyone to be able to access my local network. I figured this has something to do with VLANS so I followed the howto section for the GS105E. With that setup, I can still access network services running on my home computers when using the mesh network.
Any ideas?
The "Mesh GW" checkbox turns your node into a gateway from the mesh to the WAN port.
Normally the wan port is connected to a network that connects to the Internet (actually we enforce that before advertising a gateway) but there is no filtering done as to where packets can go after they get put onto the WAN port that is left to the network it is connected to.
Some have exploited this to run servers on their home network but this isn't reliable because one can not guarantee which mesh gateway will be chosen.
If you want to restrict the mesh node to not be able to access your home network you need to enable security inside your network. Some routers (normally small office and up) support a DMZ port that is isolated from your "LAN".
Normally you need to have a commercial-type service contract with your ISP to give internet access to others. I looked at my particular home internet arrangement and the Terms of Service clearly say that it only permits Internet access for me, family members and visitors. If I provide (or "facilitate") off-site access to the Internet, they consider that to be "theft of service." So beware ...
Thank you KE2N I had not even thought about that. I might abandoned the whole internet idea or find a way to limit it to an extremely slow speed so it doesnt bother time warner.
Well ... I expect it is not TW network engineers that would be bothered, but rather their lawyers.
'nuff said (I hope}