Responses embedded below...
On Wed, 24 Aug 2016 12:56:23 -0700 (PDT), Thri Cipio
<
thri...@gmail.com> wrote:
>On Wednesday, August 24, 2016 at 7:35:54 AM UTC-4, Pat wrote:
>
>Pat—
>
>Thanks for your quick reply and the further clarification and suggestions it provides.
>
>I do have some further, related comments and questions as follows . . .
>
>««« #1 »»»
>> If I understand
>> correctly, The ISP-supplied router/AP has only one RJ45 connector -
>> and that is the one used to connect to the cable modem. So, it can
>> only "route" to wifi attached devices.
>–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
>Absolutely correct.
>
>
>««« #2 »»»
>> [You could] add a simple switch between the cable modem and the ISP's
>> router/AP. Then connect your router to a second port on the switch.
>–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
>I thought you indicated in your previous post to me that a switch will not work if the feed to the ISP-supplied router/AP is coming from a cable modem. So, I'm a bit confused.
At first, I thought you had cat5 coming in to your apartment so I
suggested the possibility of a switch. Then I learned you have coax
cable coming in so a switch would not work. Then I learned your cable
modem had one cat5 output that feeds a separate AP/router. So, a
switch is, once again, possible.
>
>
>««« #3 »»»
>> The problem with this approach is [that their] cable modem may …
>> be programmed to allow only one connected device on its low side
>> - their supplied router/AP.
>–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
>Perhaps this is the clarification to my confusion mentioned directly above. In any case, it may be worth recalling that we already know the modem will accept a router other than "their supplied router/AP" because my initial approach was to simply substitute my own (non-AP) router for their router/AP unit; i.e., I had unplugged their router/AP and plugged in my own (non-AP) router in its place.
Good point. You are correct. However, they may not permit two device
connected to the cable modem simultaniously.
>
>
>««« #4 »»»
>> [Or you could] Leave the ISP provided equipment exactly as it was but buy a
>> bridge device to connect to the ISP's AP wirelessly and provide a
>> single RJ45 to connect your router. …
>> --------------
>> modem ‹—› router/AP ‹—› WiFi·Bridge ‹—› Your·Router ‹—› your devices*
>> --------------
>> * your devices connect only to your router and can be wired or wifi
>–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
>So, in this scenario, the wireless bridge would have an integrated female RJ45 socket, into which I would plug my own (non-AP) router... right?
Yes.
> And from their, my own devices would connect to my router via cat5 or wifi... right?
Yes.
>---------------
>So a couple (or few) related questions . . .
>(a) Would the ISP-supplied router/AP be able to "see" my downstream devices; i.e., my bridge and/or my router? An would these be noticeable to the ISP administrators even without them going out of their way to look for anything unusual?
I don't think they would see your devices without going out of their
way to look. Your bridge and router would just look like any other
device connected to their wifi.
>(b) Since my router (and it's connected devices) would be downstream from their router/AP, would they retain their ability to filter out certain types of traffic resulting from software running on one of my connected devices; for example, peer-to-peer file-sharing software?
Your router would retain all of its abilities to protect your private
network. However, I iknow very little about peer-to-peer file sharing
so I can't help you there.
>(c) What are the privacy/security implications of this arrangement? Would the wireless connections between my router and my devices be secure vis-à-vis WPA-type protection?
Yes. Your wireless connections would be secured by wpa if that is how
you set up your router.
>
>
>And LAST BUT NOT LEAST . . .
>---------------
>Why are we no longer considering the originally proposed (and asked about) scenario in which my (non-AP) router would cat5-connect to the ISP-supplied modem and then the ISP-supplied router/AP would cat5-connect to my router as follows:
>······················
>ISP-supplied modem ‹—› my (non-AP) router ‹—› ISP-supplied router/AP
Because doing so puts anyone outside your apartment (using the ISP
supplied AP) in to your private network. That causes lot of security
problems. The network below your router is supposed to be your
private network. The only way to use it should be via wifi (which is
wpa protected) or wired (which you can physically see). If you
connect the ISP's AP there, you are opening your private network to
anyone who knows the ISP's password. That outside person could trace
and see all your messages.
>······················
>Is this because their modem "may be programmed to allow only one connected device on its low side?"
No.
> And if the word, "may" is still operative, then maybe (as with a wifi-bridge) it's still worth a try; i.e., maybe the modem is *not* programmed to allow only one downstream device. What say thee?
Don't let unknown people on to your private network!