I'm trying to setup a network in which each computer must not be able to see the others on the network, only the router. The people involved don't necessarily know each other and don't necessarily know much about configuring a network. The problem we're trying to solve is that sometimes people connect their own wireless router, but inadvertently connect the LAN-port to the main switch, thus creating a conflict between it's DHCP server and the one on the main router.
I'm figuring that VLANS would solve the problem. As I can't count on the equipment being connected supporting tagged VLANs, I must rely on the switch being in untagged mode for all of the clients and then the switch should support VLAN trunking, thus allowing all clients to see it and be able to access the internet.
So anyone have any suggestions for a router that can support this? Something with a GUI would be nice, as I'm too lazy for command-line stuff. The router that is in place is a Linksys WRT160N, so maybe it can be used with OpenWrt or the like.
What do you think?
EDIT:
I've looked at how to do it in DD-WRT, but the directions given here http://www.dd-wrt.com/wiki/index.php/VLAN_Detached_Networks_(Separate_Networks_With_Internet) don't explain how to do this if you want more than 4 vlans. I'm guessing I can create a greater number of vlans and separate them all?
Best Answer
If your only real problem is that some people connect a DHCP device to the network - set up DHCP filtering on the switch, or if you don't have one, get one. If you can't - set something up to monitor and alert you to the unwanted behaviour.
You could go further - a decent switch will let you set up filtering of mac addresses as well - you could prevent unauthorized devices from working on the network period.