Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Allowing Access to IoT Device from Guest Network  (Read 11402 times)

0 Members and 1 Guest are viewing this topic.

rjbinney

    Topic Starter


    Adviser
  • Disarmingly Good-looking
  • Experience: Familiar
  • OS: Windows 10
Allowing Access to IoT Device from Guest Network
« on: March 29, 2021, 10:03:53 AM »
I've created a Guest Network in my house for... well, if I ever have guests again.

Actually I've had it for years, and other than the fact they can't use my printer, they've never complained. (*censored*, I'm usually so happy they're leaving I'm glad to print their boarding passes for them).

I recently installed a Yamaha amplifier on my stereo that has Sirius and other online radio options.

Is it possible to allow that ONE device to be seen on both my home networks and my guest networks? And if "yes" would that be a device setting or something I could set via a Windows machine on either network?

I'm fine leaving an ipad handy as a "remote", but that seems excessive.

Thanks, I'll take your answer off the air.
Dan: You're gonna need to get someone to fix my computer.                     Kim: What's wrong with it?                     Dan: It's in several pieces on my floor.

DaveLembke



    Sage
  • Inventor of the Magna-Broom 3000 =)
  • Thanked: 654
  • Certifications: List
  • Computer: Specs
  • Experience: Expert
  • OS: Windows 10
Re: Allowing Access to IoT Device from Guest Network
« Reply #1 on: March 30, 2021, 07:09:29 PM »
If the Yamaha Amplifier has Bluetooth, I'd just have that out there for devices to connect to for it. Other option is when using your Yamaha Amplifier have it on the Guest network and have 2 network adapters in your computer that has access to both networks but cant be used as a bridge between the 2 networks. Have the 2nd NIC setup with IP Address and Subnet but no gateway and have the gateway IP on the 1st network adapter so web surfing and all that goes over private network.

rjbinney

    Topic Starter


    Adviser
  • Disarmingly Good-looking
  • Experience: Familiar
  • OS: Windows 10
Re: Allowing Access to IoT Device from Guest Network
« Reply #2 on: April 01, 2021, 01:28:47 PM »
Thanks, Dave. It DOES have BT, but it's as a sound input only, not as a way to control the unit.

Your bit about the 2 NIC-bridge is just a fancy way of saying, "No", isn't it? It sounds like you're describing how one PC can see things on both networks? My goal was to be able to have the device - the amplifier - accessible by everyone on the Home network (which it is) and everyone on the Guest network (which it isn't). The Guest network does have Internet privileges, but not access to the router settings or printers.

Thanks for the reply!
Dan: You're gonna need to get someone to fix my computer.                     Kim: What's wrong with it?                     Dan: It's in several pieces on my floor.

DaveLembke



    Sage
  • Inventor of the Magna-Broom 3000 =)
  • Thanked: 654
  • Certifications: List
  • Computer: Specs
  • Experience: Expert
  • OS: Windows 10
Re: Allowing Access to IoT Device from Guest Network
« Reply #3 on: April 01, 2021, 07:04:58 PM »
Quote
Your bit about the 2 NIC-bridge is just a fancy way of saying, "No", isn't it?

Well ... if you had one computer that needed access to it and the Amplifier was sitting on the Guest network side it would work for that computer and any other computers with dual NICs connected that way, and anyone connecting to it on Guest network would have access to it. But being on the main network scope and tunneling to that amplifier on the guest network, unless some sort of port forwarding tricks are around to tunnel to it from outside the guest network, it wont be accessible.

If the Guest Network Router has DMZ support you could place the Amplifier with a Static IP Address on the DMZ, where the DMZ is your Main Network( This is not setting the Amplifier up on the DMZ of your Main Router or that opens up security vulnerabilities as well as gives access to amplifier to all who find it on the web.) However to access the Amplifier on the DMZ of the Guest Router you would likely have to change the gateway IP address of the Main Network or those devices that will access the amplifier to the IP Address that the Main Router has given to the Guest Network Router so if the Guest Network Router is given a static IP of 192.168.1.2 and the main network router is on 192.168.1.1 and the Amplifier is on the Guest network at 192.168.2.15 then from the 192.168.1.x network devices there would have access to it at 192.168.2.15 as the request to the gateway would be a request to the Guest Network router which will direct the traffic flow to the Amplifier on the DMZ.

I haven't tried what I stated above before but in theory I believe it would work, however those devices with the gateway pointing to resolve through the Guest Router ( I feel wont have internet access until their Gateway IP addresses are set back to what they were on the main routers network.)

So to make the connectivity work between Main and Guest networks for the Amplifier, its my assumption that you would lose your outbound to the internet for devices connected this way until their gateway IP's are changed back to the outbound to go to the WWW vs further up stream within the home networks.

If this all seems like a lot of work to try then... No would be the answer I guess. I've never set up a device this way to make that work, and in theory it should work through DMZ but no guarantee. But it is secure if only Guest Network DMZ setup as the DMZ is local to main network.

rjbinney

    Topic Starter


    Adviser
  • Disarmingly Good-looking
  • Experience: Familiar
  • OS: Windows 10
Re: Allowing Access to IoT Device from Guest Network
« Reply #4 on: April 02, 2021, 12:26:04 PM »
Thanks.

I'm always game to try a theory - provided I have a good backout/contingency plan.

Essentially, I'd be doing this so people visiting my house can change the radio station with their phone when I'm not around. So that's such a small real issue - if there was a tick box somewhere to allow it, cool. But...!

rjb
Dan: You're gonna need to get someone to fix my computer.                     Kim: What's wrong with it?                     Dan: It's in several pieces on my floor.