Networking & Wireless forum

General discussion

more security with 2 routers

by dlacrue / January 25, 2006 10:10 AM PST

I recently had to purchase a new router to accomodate a fifth computer added to our LAN (our router only had 4 ports). I know most routers will control other routers attached to it automatically, so I added another 4 port router (actually, all I could find was a 4 port switch, is this the same thing?).

Is there any additional security gained from being behind two routers, and thus behind two hardware firewalls?

Discussion is locked
You are posting a reply to: more security with 2 routers
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: more security with 2 routers
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Negatory... in fact,
by Michael Geist / January 25, 2006 10:50 AM PST

unless you disable DHCP on the router not connected to your modem, you'll likely lose your internet capabilities.

Collapse -
router vs. switch
by wfairley / January 25, 2006 10:21 PM PST

A router and a switch are different in many ways, but the key difference is in the way each device manages the packets of information exchanged between computers (we will use the term "hosts"). A router actually analyzes the "routing information" (layer 3 of the OSI model). Many companies have boosted that degree of intelligence to include other services "built-in" to the magic box, such as NAT (network address translation), DHCP (dynamic network addressing), and plenty of security-related features, packaged and presented to the owner (administrator) with a built-in web-based interface. (NOTE: if your router includes wireless, be sure to read the articles on cnet.com regarding securing your wireless router). A switch does not include the intelligence of the router, but if you already have a router, then a switch is perfect for adding ports. A switch is a "layer 2" (in the context of the OSI model) device, and while it does not contain the intelligence of the router, it does provide high throughput for the devices that are connected to it; kudos to you, you got the right box!

At home, I have a switch, connected to a Belkin Pre-N wireless router, connected to a LinkSys/Vonage VOIP router, connected to my cable company's modem. I also have a Lightyear VOIP router connected to the Vonage router, and it all works just fine together: network printing via Konica-Minolta Magicolor color laserjet ethernet printer, two IP phones, 4 laptops, 2 Windows desktops, 1 Linux desktop, and an audio/video recording studio system. Hope I've helped some...

-Woody Fairley

Collapse -
Just curious...
by Melati Hitam / January 27, 2006 4:21 PM PST
In reply to: router vs. switch

is that a single network or is it a different network?

I just curious how do you manage the network, IP, NAT, DHCP, etc.?

I quote:
=== At home, I have a switch, connected to a Belkin Pre-N wireless router, connected to a LinkSys/Vonage VOIP router, connected to my cable company's modem. I also have a Lightyear VOIP router connected to the Vonage router, and it all works just fine together: network printing via Konica-Minolta Magicolor color laserjet ethernet printer, two IP phones, 4 laptops, 2 Windows desktops, 1 Linux desktop, and an audio/video recording studio system. ===

Collapse -
Home network elaboration...
by wfairley / April 7, 2006 2:53 AM PDT
In reply to: Just curious...

I apologize for not replying sooner (I'll check the forum more often). My home network is a single network, however I have configured the routers to provide back-to-back firewalls, and the VOIP phones enter the system at different levels (between firewalls). NAT and DHCP are active at every level, but the hosts receive DHCP assignments from the inner-most level DHCP server-router. It's easier to visualize if I could draw it on a napkin, preferrably served with a drink. Happy

It's important to change the default settings at every level for security purposes. Admin passwords, DHCP ranges, default gateway addresses, SSID's, every setting that you can change should be changed, but remember to write it all down and keep it filed for when you forget. Happy

-Woody

PS - I've added two Apple systems to the mix since my last posting.

Collapse -
a switch will not provide more security, but a single router
by wfairley / January 25, 2006 10:31 PM PST

Well, I didn't directly answer your question in my earlier post ~ a switch does not have the intelligence and safeguards built into it to enhance security. If you had purchased another router (same brand and model), generally speaking, it would not enhance security either. A different brand/model of router might enhance security (generally speaking) because it might use a different set of algorithms for the security functions, and hacker attacks would have to crack the first router security firewall, then discover and crack the second security firewall.

Honestly, with only one router you are pretty safe, but I recommend viewing the articles on cnet.com regarding securing your home network, ok?

-Woody Fairley

Collapse -
starting to make sense now....
by dlacrue / January 27, 2006 3:02 PM PST

cool, thanks for the tips, that cleared my confusion right up.

Pretty sweet set-up you have there, by the way.

Collapse -
RE:
by bknowledge / January 27, 2006 1:45 AM PST

Adding a switch is the best way to add more ports and less headaches. But for more security you can get more firewalls to the PCs and have a router from each of the big makers lined up one behind the other.

Collapse -
RE: 86 firewalls
by dlacrue / January 27, 2006 3:08 PM PST
In reply to: RE:

never thought of it that way... you could even have multiple routers from the same maker, only different model numbers that do not share the same software/driver/firmware version running in them. Imagine the security of 86 firewalls...hehe... hmmm

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!