Creating a new network inside my ISP network
In order to increase my network security and hide my services from my ISP, I created a new network inside my ISP network.
The idea is to use the ISP router as a modem and TV service provider, and create a new network inside that will hold all the devices and keep them in a protected network not reachable from the ISP network.
For this, I used an Asus RT-AX55. I also wanted to create a mesh network to increase my WiFi range, and since Asus has a feature called AiMesh, it was best suited for my use case.
The setup
The setup is very simple. I have an OptiXstar HG8247X6-8N from Vodafone in Portugal; I connected my Asus router's WAN port to an Ethernet port on the Vodafone router, and then my PC to an Ethernet port on the Asus router. The setup should be the same for your ISP router.
Once connected, you should be able to access 192.168.50.1 (your Asus Router IP) and start the quickstart guide.
Select Wireless router mode (default).
Choose Automatic IP.
And set your Wireless Settings.
And that's it, we should be able to use our internet access without any issue through the Asus router.
DHCP/DNS
Since we are connected to the Asus Router, and it already has a DHCP server, new devices connected to the network will use the DHCP server from the router.
Regarding DNS, by default the Asus Router sets the DNS server to the IP it gets from the ISP, but this can be changed: you can use your own DNS server or select one from a list of servers that offer ad blocking, security and better performance.
With all this, you can pick up the router and the devices, connect them to a different modem/router, and always keep the same network configuration: your network is decoupled from the ISP network.
Make something available from outside the network
Since we have 2 routers in place, if we would like to host a webapp, for example, we would need to set up port forwarding on both the ISP router and our router.
A possible setup would be to port forward the ports 80 and 443 from the ISP router into the Asus Router, and then forward from the Asus Router to the machine hosting the webapp.
This way all the connections received on the ports 80 and 443 will be redirected to the correct machine inside the network.
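A way to sanity-check the two-hop forwarding described above, as an added example that is not part of the original post. The addresses, rule tables and the `audit_forwards` helper are constructed for illustration; substitute the values shown in your own routers' admin pages.

```python
import ipaddress

# Constructed sample values (assumptions, not from the original post).
ASUS_WAN = ipaddress.ip_address("192.168.1.50")      # address the Asus got from the ISP router
ASUS_LAN = ipaddress.ip_network("192.168.50.0/24")   # network behind the Asus router
ISP_LAN = ipaddress.ip_network("192.168.1.0/24")     # network behind the ISP router

# Port-forward tables: listening port -> (target IP, target port).
ISP_RULES = {80: ("192.168.1.50", 80), 443: ("192.168.1.50", 443),
             22: ("192.168.1.77", 22)}
ASUS_RULES = {80: ("192.168.50.10", 80), 443: ("192.168.50.10", 443),
              3389: ("192.168.50.20", 3389)}


def audit_forwards(isp_rules, asus_rules, asus_wan, asus_lan, isp_lan):
    """Resolve both hops; return (internet-exposed services, findings)."""
    exposed, findings = {}, []
    if isp_lan.overlaps(asus_lan):
        findings.append("ISP and Asus LAN ranges overlap; routing between them is ambiguous")
    via_isp = set()  # Asus WAN ports that the ISP router forwards to
    for ext_port, (ip, port) in sorted(isp_rules.items()):
        if ipaddress.ip_address(ip) != asus_wan:
            findings.append(f"ISP rule {ext_port} -> {ip}:{port} targets the ISP LAN, not the Asus router")
            continue
        via_isp.add(port)
        hop = asus_rules.get(port)
        if hop is None:
            findings.append(f"ISP rule {ext_port} -> Asus:{port} has no Asus rule (dead forward)")
        elif ipaddress.ip_address(hop[0]) not in asus_lan:
            findings.append(f"Asus rule {port} -> {hop[0]} points outside the Asus LAN")
        else:
            exposed[ext_port] = hop
    for port, (host, host_port) in sorted(asus_rules.items()):
        if port not in via_isp:
            findings.append(f"Asus rule {port} -> {host}:{host_port} is open to the ISP LAN only")
    return exposed, findings


if __name__ == "__main__":
    exposed, findings = audit_forwards(ISP_RULES, ASUS_RULES, ASUS_WAN, ASUS_LAN, ISP_LAN)
    for ext_port, (host, port) in exposed.items():
        print(f"internet:{ext_port} -> {host}:{port}")
    for finding in findings:
        print("finding:", finding)
```

An Asus rule with no matching ISP rule is not reachable from the internet, but it still accepts connections from devices on the ISP router's LAN, which works against the goal of keeping the inner network unreachable from the ISP network.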