Business Community > Pharos Wireless Bridges > CPE510s to share internet only, not LAN
< Pharos Wireless Bridges

CPE510s to share internet only, not LAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
12

CPE510s to share internet only, not LAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
CPE510s to share internet only, not LAN
CPE510s to share internet only, not LAN
2020-08-24 17:21:07 - last edited 2020-08-24 22:40:55
Model: CPE510  
Hardware Version:
Firmware Version:

I would like to share an internet connection from my house (house 1) to another house (house 2) that is in line of sight, about 50 metres away.  I want house 2 to have internet access only but no access to the LAN in house 1.  My intention was to plug one CPE510 into the LAN in house 1, and to plug the second CEP510 into a new router in house 2.

 

Modem - Router - Switch - CPE510 (house 1) ------------ (house 2) CPE510 - Router

 

Is there a set of settings I can use that will enforce this or do I need additional equipment?

 

Many thanks for any help.

 

 

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:CPE510s to share internet only, not LAN-Solution
2020-08-24 22:36:06 - last edited 2020-08-24 22:55:25

 

DanAir wrote

Just a dumb switch. I could get a small managed switch to allow me to create separate VLANs. Overkill?

 

No overkill, but the solution for your guest network.

 

With a managed switch you can use an asymmetric VLAN to split your LAN into two isolated VLAN segments and share a common resource such as an Internet router. But note that this is kind of a »poor man's guest network« since both LAN segments (VLANs) still use the same broadcast domain of the LAN, which means the router will send broadcasts to both LAN segments. However, access to devices in a different LAN segment from within another LAN segment is not possible.

 

Setup of a managed switch (e.g. a TL-SG108E):

 

  • VLAN 1: the shared resource (Internet router) connected to switch port #1.
  • VLAN 2: your guest LAN segment in house 2, that's the CPE in house 1 connected to switch port #2.
  • VLAN 3: your private LAN segment in house 1, PCs, laptop etc. connected to switch port #3 (and ports #4 to #8 if needed).

 

Port settings:

  • Set port #1 (router) as untagged member of VLANs 1, 2 and 3, PVID=1.
  • Set port #2 (guest LAN via CPE link) as untagged member of VLANs 1 and 2, PVID=2.
  • Set port #3 (private LAN) as untagged member of VLANs 1 and 3, PVID=3. Likewise with ports 4 to 8.

 

Effects:

  • Traffic from guest LAN to private LAN or vice versa is not possible.
  • Traffic from guest LAN gets tagged with VLAN ID 2 and reaches the router which is a member of VLAN 2.
  • Traffic from private LAN gets tagged with VLAN ID 3 and reaches the router which is also a member of VLAN 3.
  • Traffic from the router back to the clients gets tagged with VLAN ID 1 and reaches the client in guest or private LAN which are also members of VLAN 1.

 

Note that you must not use the router's built-in switch in such a topology (except for the uplink of the managed switch and other shared devices such as network printers etc.).

 

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
Recommended Solution
  1  
  1  
#13
Options
15 Reply
Re:CPE510s to share internet only, not LAN
2020-08-24 17:39:42

@DanAir Hi Dan!  I would verify if this is legal with your ISP??? It is not here at all.  You just need 1 router in house 1 and just use the radios to create a wireless beam and plug into a switch in house 2.  You wlll need AP's in both houses for wifi.  I would create a VLAN to separate both networks if that is what you want to accomplish.

 

smiley

 

 

  0  
  0  
#2
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 17:53:31

@Doc2485 Fair point, I imagine this would breach the ISP's T&Cs, so for the purpose of this discussion, let's imagine house 2 is at the back of my garden.

 

How do I create a VLAN?  Wouldn't that require additional equipment?

 

If I set the CPE510 in house 1 to AP router mode, would that achieve the same thing?

  0  
  0  
#3
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 17:57:03 - last edited 2020-08-24 18:06:51

@DanAir This may help you if you want it:

https://www.youtube.com/watch?v=TgUWAJCpHNE

 

No... use 2 CPE510 radios and create the wireless beam... that is what they are made for...NOT wifi

 

PS: Radios need clear line of sight... no trees, buildings, etc.

 

 

  0  
  0  
#4
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 18:16:52

@Doc2485 Ok, but this is starting to sound beyond my abilities.

 

I get the need to have line of sight and the only purpose of the CPE510s is to create the "wireless beam" as you put it.  I'm just wondering if there's a simpler way to prevent LAN users in house 2 being able to access the LAN in house 1 (apart from the internet connection).

  0  
  0  
#5
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 18:22:59

@DanAir You could do this and enable Guest network to do that....but you still need a ethernet, fiber or radio connection to house 2 to share your internet from house 1.

File:
Capture123.JPGDownload
  1  
  1  
#6
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 18:33:58

@Doc2485 That really is what I was proposing in the following topology:

 

Modem - Router - Switch - CPE510 (house 1) ------------ (house 2) CPE510 - Router

 

I can set a guest network on the router in house 2, but this wouldn't stop someone plugging in their own router directly to the CPE510 in house 2, providing access to the LAN in house 1.  The question is how do I assign the CPE510 in house 1 to the equivalent of a wireless guest network? My router doesn't allow guest network on wired connections, only wireless ones.

  0  
  0  
#7
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 18:37:27

@DanAir You do not want 2 routers on same network...... modem>>router >>> CPE510 >>>CPE510>>> switch and AP (some routers can be put into access point mode...but I do not do it.... I only use only AP's. )

  0  
  0  
#8
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 18:47:55

@Doc2485  OK so this (which is what I meant actually - my mistake):

 

Modem - Router - Switch - CPE510 (house 1) ------------ (house 2) CPE510 - AP

 

But back to my question - is there any way to put the CPE510 in house 2 on the equivalent of a wireless guest network?

  0  
  0  
#9
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 18:50:03

@DanAir No, that will not work the best way that a AP will.

 

If you need consulting work on all of this..PM me on here and we can discuss options.

 

smiley

  0  
  0  
#10
Options
Re:CPE510s to share internet only, not LAN
2020-08-24 21:37:14

 

DanAir wrote

But back to my question - is there any way to put the CPE510 in house 2 on the equivalent of a wireless guest network?

 

No. Your router in house 1 probably has or has not a guest network setting separating a single LAN port from the rest of the LAN.

 

What switch do you use? A managed one or a dumb switch?

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
  0  
  0  
#11
Options
12

Information

Helpful: 0

Views: 2872

Replies: 15

Related Articles
 CPE510 Client AP how to share internet connection on another lan
2264 0
 Can't share internet over wifi
835 0
ER605 as VPN Client to share remote internet on LAN
2729 1
 Been through 4 CPE510s in a month
3476 0
 Positioning of CPE510s on a hill
665 0
 Omada system doesn't share internet to the LAN.
413 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.