Posted: Tue Nov 10, 2015 17:26 Post subject: Shared Internet - Using Client Mode, Security Questions.
I share my internet with 5 other house mates, I'm wanting to secure myself from them or anyone sharing the same internet connection.
So if i use a router in client mode connected to the main Access Point, then connect my devices with ethernet cables to the router, is this definitely secure since it's on it's own subnet?
So i'm more or less wanting to no if this is a bulletproof method for using shared internet connections when needing to isolate yourself with the assumption of the networks been untrusted,
would I be correct in assuming as long as they don't no the router login details then it's secure from them changing anything? would the only thing they can see in the router is the i.p address of the router connected.
Last thing would be if this is secure would the same thing apply to setting up VAP setting up wireless connections along side client mode since primarily you can only use ethernet cables
Thanks i'm fairly new to all this terminology ect when you mention wan i assume you mean, this should be just as secure as for comparisons sake two separate houses with their own separate Internet connections
I do have some questions, my understanding is using client mode means that the wireless portion, that connects to the access point is on a different subnet then lan side of things where using the ethernet cables
does this mean that anything like wireshark wouldn't, be able to spy monitor on the wireless connection? i believe everything gets passed from the wireless subnet to lan subnet preventing the wireless traffic been exposed the same way that normal wireless connections have issues with?
they just didn't really explain if that's the reason are they suggesting if you were on a network with no protection without a vpn that someone couldn't monitor your wireless traffic because it's been passed from a it's own wireless subnet onto the lan subnet maybe i'm miss understanding
the other confusing things and I've looked for answers by default in client mode under wireless basic settings when you tick advanced
where it has Network Configuration it is set to Bridged mode i looked it up seems people were saying no official documentation had been released as to what this is for I turned it off then can see these settings
Multicast forwarding
Masquerade / NAT
Net Isolation
Forced DNS Redirection
IP Address
Subnet Mask
i'm not sure what Masquerade / NAT, Net Isolation, Multicast forwarding are
one other thing I see there is AP Isolation I turned on which stops wireless devices communicating I assume this is mostly used when using the device as a router and not a client mode?
when it's turned off i can access the main access point from my computer but my understanding is no devices connected to the main access point can access my subnet so in my situation is having it turned on adding any type of security stopping them communicating with me or just preventing me from logging into the access point from my computer
these seem to be the main things keeping me from feeling confident about everything been configured correctly
WAN (wide area network, the internet, public network, or in some cases just the network NATed by yours)
In client mode or repeater mode the physical wireless interface becomes the WAN connection just like a normal WAN port would be. In this type configuration you can also assign WAN port to switch and have 5 LAN ports.
AFAIK most of the dd-wrt wiki info is fairly good on these subjects.
Since configuration and terminology differs on different routers (broadcom / atheros) I suggest you ask specific questions in the appropriate forum.
And yes you can also incorporate more firewall rules to block whatever you want blocked.