| View previous topic :: View next topic |
| Author |
Message |
Spanik
l33t
Joined: 12 Dec 2003
Posts: 943
Location: Belgium
|
 Posted: Thu Aug 11, 2022 11:57 am Post subject: using the laptop as a "router" |
 |
|
At the office we have a BYOD network that we can use to connect gear that is not a company issued device. This is a Wifi network that is "open" where you have to connect and then login using on a page on a webbrowser. This works fine IF your piece of gear has a graphical interface (or even an interface at all).
But we do have technical equipment that does need an occasional internet connection or just a remote connection from a different office. This equipment doesn't have wifi and some don't even have a screen/keyboard. Sometimes it is for nothing more than letting someone at a remote office get into the configuration, sometimes it would allow the producers of the equipment to do some remote debugging. All things that now cannot be done because ICT does not allow wired connections of gear they have not issued.
Now we do have a (Linux) laptop that can be connected to the BYOD wifi network and this has also an RJ45. So one idea is to use this laptop as a "router". We could connect the laptop to the BYOD network and log in using the browser. Afterwards, connect the equipment to the laptop and so have remote access to it.
But how do this? Is this setting the laptop as a bridge? And how to set the IP addresses of the wired connections? Some of the devices are (and should be) configured as dhcp but I don't think the laptop is going to become a dhcp server by itself. I know a bit of networks but this is beyond me.
_________________
Expert in non-working solutions |
|
| Back to top |
|
 |
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3136
|
| Posted: Thu Aug 11, 2022 12:47 pm Post subject: |
|
|
| Quote: | | But how do this? Is this setting the laptop as a bridge? And how to set the IP addresses of the wired connections? Some of the devices are (and should be) configured as dhcp but I don't think the laptop is going to become a dhcp server by itself. I know a bit of networks but this is beyond me. |
Any why not?
IP forwarding
NAT on iptables ( -j MASQUERADE in table nat, chain PREROUTING)
DHCP server
And you can hide whatever device is connected to the ethernet port from the network, pretending the laptop is the sole source of that traffic.
There are loads and loads of tutorials on configuring a LAN. This is exactly what you need there. Any device with linux and more than 1 network interface is capable of running as a router in this scenario. |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Thu Aug 11, 2022 12:54 pm Post subject: |
|
|
| Code: |
We could connect the laptop to the BYOD network and log in using the browser. Afterwards, connect the equipment to the laptop and so have remote access to it.
|
What kind of equipment?Will not these equipment acquire an IP by the wifi networks dhcp probably residing in the router?
You can have your router assign static IPs by mac address.
But this setup is not a "router" unless you have an internal network not the same as the wifi network,in which case yes you can configure the laptop to act as a router.
_________________
 |
|
| Back to top |
|
|
musv
Advocate
Joined: 01 Dec 2002
Posts: 3337
Location: de
|
| Posted: Thu Aug 11, 2022 1:03 pm Post subject: Re: using the laptop as a "router" |
|
|
| Spanik wrote: | | but I don't think the laptop is going to become a dhcp server by itself. |
The opposite.
Is that, what you want?
| Code: | | wifi network <---> notebook (wifi-card) <---> NAT + IP-Forwwarding <---> Ethernet <---> Wired Devices |
The BYOD devices and the wired devices have to be in different networks, e.g.
- BYOD network: 172.16.0.0/16
- Wired devices: 192.168.1.0/24
To configure the NAT Router just use this Small guide.
Configure dnsmasq, if you want DHCP (and DNS). DNSMasq you have to bind to the wired network card (eth0). If you don't want to use a DHCP server, you have to set up all wired devices by a static network configuration.
You have to respect one point:
With this configuration (NAT Router) you can't access the wired devices behind your laptop router directly from the BYOD wifi network. To get access you have to login into the notebook and from there jump to the wired device. Alternatively you could configure on the laptop a port forwarding to the wired device behind. If it's only SSH you need, you can also turn the Notebook into a SSH Jumpserver. |
|
| Back to top |
|
|
Spanik
l33t
Joined: 12 Dec 2003
Posts: 943
Location: Belgium
|
| Posted: Thu Aug 11, 2022 1:52 pm Post subject: |
|
|
Thanks for all the info. I clearly need more tought about this.
| szatox wrote: | Any why not?
IP forwarding
NAT on iptables ( -j MASQUERADE in table nat, chain PREROUTING)
DHCP server
And you can hide whatever device is connected to the ethernet port from the network, pretending the laptop is the sole source of that traffic. |
I don't think there is need to "hide" the devices on the BYOD network. They are allowed to connect, it is just they do not have wired ethernet and keyboard/browser to log into the network.
| alamahant wrote: | What kind of equipment?Will not these equipment acquire an IP by the wifi networks dhcp probably residing in the router?
You can have your router assign static IPs by mac address.
But this setup is not a "router" unless you have an internal network not the same as the wifi network,in which case yes you can configure the laptop to act as a router. |
Some will do dhcp, others have an internal fixed IP set. These are things like LED information screens, driver terminal, ...
| musv wrote: | | Code: | | wifi network <---> notebook (wifi-card) <---> NAT + IP-Forwwarding <---> Ethernet <---> Wired Devices |
The BYOD devices and the wired devices have to be in different networks, e.g.
- BYOD network: 172.16.0.0/16
- Wired devices: 192.168.1.0/24
You have to respect one point:
With this configuration (NAT Router) you can't access the wired devices behind your laptop router directly from the BYOD wifi network. To get access you have to login into the notebook and from there jump to the wired device. Alternatively you could configure on the laptop a port forwarding to the wired device behind. If it's only SSH you need, you can also turn the Notebook into a SSH Jumpserver. |
Yes, that is what I wanted. But now I'm not so sure anymore I need/want the NAT. Some of this gear has an ethernet debug port. It would be great if the maker could log into it from wherever he is in the world. I don't know if that is just ssh or anything else. But that can be found out later, first I need a simple connection.
_________________
Expert in non-working solutions |
|
| Back to top |
|
|
s0ulslack1
n00b
Joined: 06 Mar 2022
Posts: 21
|
| Posted: Thu Aug 11, 2022 5:58 pm Post subject: |
|
|
| Talk to the network admin. You are inviting the potential for Bad Things To Happen (tm) when you setup rouge devices on someone elses network. |
|
| Back to top |
|
|
Spanik
l33t
Joined: 12 Dec 2003
Posts: 943
Location: Belgium
|
| Posted: Thu Aug 11, 2022 6:26 pm Post subject: |
|
|
| s0ulslack1 wrote: | | Talk to the network admin. You are inviting the potential for Bad Things To Happen (tm) when you setup rouge devices on someone elses network. |
I had a talk with the brick wall behind me...
More seriously, that is just why they have the BYOD network. This is mostly used by people bringing the gsm to work or consultants using their laptop. Otherwise there is the corporate network (wifi and cabled) but that can only be used by a company issued pc/laptop, there is a guest network, and 2 others for specific gear. Also this is not for equipment coupled permanently to the network like airco, petrol pumps, heating, time recording, etc. For those there are the 2 "other" networks.
Only other solution I see is a 3G modem/router. Maybe even less work. But likely I will be on a M2M network then.
_________________
Expert in non-working solutions |
|
| Back to top |
|
|
|
Networking & Security
