[Hidden-tech] Separate lan for company laptop
Tom Kopec
tek at acm.org
Mon Mar 4 12:07:46 UTC 2019
You *might* be able to set up a DMZ on your router (I think the AC-68U
can do a DMZ), and put a cheap router (for firewall purposes) on the DMZ
and put the company laptop behind that.. I have never tried this, and
some things may not work well because of the double-NAT.
Or, you might be able to put the company laptop on a managed switch, and
configure the switch to drop all traffic to/from any LAN address other
than the gateway/router. If I did this I'd probably set up a mirror port
and sniff traffic for a while to make sure we're really dropping everything.
...tom
On 3/3/2019 3:02 PM, Andy Klapper via Hidden-discuss wrote:
>
> Good morning all,
>
> My plan is to have the laptop hardwired into a docking station, at
> least I assume they are going to be sending me a docking station.
>
> The router is an ASUS RT-AC68U with the latest update applied. I
> suspect that it can create a separate LAN for the laptop.
>
> My current theory is that a network switch (as opposed to a hub)
> placed between the cable modem and the router with three connections
> (the cable modem, router and laptop) will provide the security that I
> want, an extra port (which I also need) and a very easy setup for the
> cost of a switch that was sitting in my cabinet gathering dust.
>
> If this solution isn’t as secure or has some other issues that in my
> ignorance I’m unaware of please let me know.
>
> Andy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20190304/30828c58/attachment.html>
More information about the Hidden-discuss
mailing list