Allow child network to use parent network for internet access - but don't show parent network clients

Question

I have two Linksys wifi routers.

The first one (orange network) with the IP address 192.168.0.1 is connected to the internet. The second one (green network) with the IP address 10.10.10.10 is connected to the orange network.

Its physically not possible to get the 10.10.10.10 router directly connected to the internet (in-between the internet and the green network are 3 floors/levels and it's not possible to get a second network cable between them)

I set up the network structure inside Cisco Packet Tracer and with this configuration (see image) I can see and ping the clients inside the orange network.

But I don't know how to set this up, that the 10.10.10.10 router only can access the 192.168.0.1 address for only internet access (the clients inside the green network are not allowed to see the clients inside the orange network).

network map

whats about when the GREEN router would be a TP-Link TL-WR1043ND? — Mike, Sep 21 '13 at 15:42

score 1 · Answer 1 · answered Sep 21 '13 at 16:15

The only hack I currently see in your case would be installing DD-WRT or the like on router0. You could then give the LAN interface(s) a secondary IP address and then make router1's WAN port have an IP in that range.

You would then have two layer3 subnets on one layer2 segment. Security-wise this is not brilliant but maybe the idea helps.

You would additionally have to prevent router0 somehow from routing between the subnets using iptables or a source routing-based blackhole.

Allow child network to use parent network for internet access - but don't show parent network clients

1 Answers1