I’ve seen the guest feature for wiFi but since I’ll be doing my work on that laptop all week I’d prefer to make it hardwired. I did find some stuff online for configuring my router to have two separate lans but it looks complicated. >From what I can tell the simple solution is to install a switch between my cable modem and my home wiFi/lan router and connect the laptop to the switch. My understanding, and please correct me if I’m wrong since this is not my area of expertise, is that a hub distributes everything connected to it to everything else connected to it as if it was one wire, a router is a smart device that is able to do many things including a firewall and as you stated virtual lans (if you can figure out how to configure that) and a switch which looks at every packet that comes into it, determines the destination and sends that packet to the destination and the destination only which has two advantages – 1 it lowers the over all traffic on the lan since the wire to device A doesn’t have traffic on it for device B and vise versa (unlike a hub) and 2 because it does 1 it isolates each device from every other device. Those devices can still communicate with each other, but they only see the traffic that is specifically being sent to each other (in this case my house lan will not see the communication between my work laptop and work servers and my laptop will not see my wife’s computer’s communication with her work servers). Since the switch is outside of my home firewall my house will be as secure as it is now (which is more secure than most but not that of somebody that is a security expert) from my work computer. It also has the bonus feature of I’m already using all of the hardwire connections on the back of my home modem so I’d have to add a hub, switch or router somewhere to get an extra lan port anyway. Andy From: Chaim Peck <chaimpeck at gmail.com> Sent: Sunday, March 03, 2019 2:00 AM To: Andy Klapper <atk at andyklapper.com> Cc: Hidden-Tech Tech <hidden-discuss at lists.hidden-tech.net> Subject: Re: [Hidden-tech] Separate lan for company laptop I understand that you want this laptop to have access to the internet, but not be able to access other devices in your home network. Some routers have a "guest mode", which does exactly that. It will create a second wifi access point that you can connect devices to, such that they will have access to the internet, but not other locally connected devices. Even if your router does not have "guest mode", you might be able to configure it so that this new device, identified by it's MAC address, will not be able to access the local network. - Jeff On Sat, Mar 2, 2019 at 8:57 PM Andy Klapper via Hidden-discuss <hidden-discuss at lists.hidden-tech.net <mailto:hidden-discuss at lists.hidden-tech.net> > wrote: I’ve spent a lot of time working remotely for various companies but I just got a new job where I am being issued a company laptop (in the past I’ve been a consultant and provided my own hardware). Because this is company hardware they can put anything they want on the laptop and I not only have zero say on it but they don’t even have to tell me what they put on the laptop. I would like to structure my home network so that this laptop sits outside of the firewall that surrounds my home network. How do I go about doing that? Is it as simple as putting a small inexpensive router between my cable modem and my primary house router? Do I need to do more to secure my home network from my foreign hardware? Thanks, Andy. Andy Klapper Asgard Technology Group, LLC Making Complex Software Simple AndyTK at Asgard-Tech.com <mailto:AndyTK at Asgard-Tech.com> (860) 805-1189 (cell) _______________________________________________ Hidden-discuss mailing list - home page: http://www.hidden-tech.net Hidden-discuss at lists.hidden-tech.net <mailto:Hidden-discuss at lists.hidden-tech.net> You are receiving this because you are on the Hidden-Tech Discussion list. If you would like to change your list preferences, Go to the Members page on the Hidden Tech Web site. http://www.hidden-tech.net/members -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20190303/f14079ed/attachment.html>