Hello and hopefully I can get some answers to my question, though I think I'm making it more complicated for myself than it has to be.

My business is a used auto dealership, and I'm in the process of connecting it to the world - via ethernet from the business server [running Xubuntu] to the ISP's ethernet router/modem, so that I can host our own website (no more than 5-10 people probably visiting at any time - mainly paying their bill), as well as set up a web based internal-intranet site - via DD-WRT Router on the 2nd NIC on the business server - that'll be accessed over Wifi from employees personal devices. On the other end of this is trying to offer free wifi to customers that is completely seperate of the 2 mentioned above networks.

Quick Rundown: 1. Web Site for Customers to access. I'm going to use no-ip.org for DNS for the moment being, so I'll have a site that customers can access from anywhere in the world at "mybiz.no-ip.org". This will be forwarded to NIC #1 on the server, possibly at an address like "108.69.." as its being provided an IP from the ISP's modem/router, that is from Time Warner, and they allow NO! configuration options.

1. Web Site for employees to access. I'm trying not to use the server too much as a desktop, only for critical situations, so having a backend thats seperate from the front-facing website is critical. This will be the DD-WRT router hardwired into NIC #2 on the server. This WiFi will be password accessible.

2. Public WiFi for customers. The DD-WRT can seperate networks if I'm correct, I just can't seem to understand how to seperate the 2 and still have internet access on both. I've done it before, but the "Public" wifi (with no password set to connect) kept dropping the connection like a problem was happening that I couldn't figure out.

So if I could do a little drawing, this is how it would/should possibly look.

ISP --> [Sends Public Facing IP of 108.69.*.1/8] --> ISP Modem Router

ISP Modem Router (Ethernet Only) --> [Gives Private IP 108.69.*.2] --> Server NIC #1

Server NIC #1 --> [Gives Private IP 108.69.*.3] --> DD-WRT Router

DD-WRT Router --> [DHCP Enabled Giving IP's 172.16.0.0/16] --> Employees Network | | ---------> [DHCP Enabled Giving IP's 192.168.1.0/24] --> Public WIFI

Hope it's not too confusing, but it anyone could give me some good direct tutorials on how to accomplish this, or if YOU know, then it'll be alot of help. Thanks to all in advance. Need anything else to be explained? Don't hesitate to ask!

*Using The LAMP stack with Webmin/VirtualMin -Customer site is located in /var/www2/ -Private Employees site is located in /var/www/

Using no-ip.org's dynamic client updater