Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Seperating Networks

Seperating Networks 10 years 2 months ago #15561

  • rojaco01
  • rojaco01's Avatar
  • Offline
  • Frequent Member
  • Posts: 33
  • Karma: 0
Hey guys/gals,

I have a hopefully interesting question. The setup is 1 office and 3 networks. Each network is for the same company but they just want to keep them seperate.

The networks are 192.168.1.0/24, ""2.0/24, ""3.0/24. There is the main router which is a Cayman(""1.0) then NG1(netgear)(""2.0) & NG2(""3.0).

All of the networks are supposed to be seperate but since NG1 & NG2 are behind Cayman their external IPs are on the same network(""1.0).
And can therefor all devices behind NG1 & NG2 can communicate with the main network(""1.0) and vice versa. Which is exactly what I dont want.

Does anyone have a good solution for this. I know there is a way but I havent come up with anything yet.

Thanks for your help in advance,
Cody
The administrator has disabled public write access.

Re: Seperating Networks 10 years 2 months ago #15567

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
I'm assuming there must be some devices on the 1.0 network that those on the 2.0 and 3.0 networks need to communicate with - perhaps a server or firewall/router leading to the internet - otherwise you could achieve what you want by simply pulling out a couple of plugs. So I'm guessing what you want is for the machines on 2.0 and 3.0 not to be able to see everything on 1.0; correct me if I'm wrong. That being the case, you might be able to do something with VLANs but I don't know if your equipment is VLAN-capable. Failing that how about having a fourth network and place on it just the resources that have to be shared by all (servers internet gateway etc). This could be 4.0. Then your 1.0, 2.0 and 3.0 networks could be set up to have access out to 4.0 but not to eachother. I'm sorry to be a bit vague but I'm making some big assumptions here as to what you are working with
The administrator has disabled public write access.

Re: Seperating Networks 10 years 2 months ago #15571

  • rojaco01
  • rojaco01's Avatar
  • Offline
  • Frequent Member
  • Posts: 33
  • Karma: 0
Sorry for the lack of detail.

You are right that 1.0 is the main network and has thier server/most of the workstations in the office. I would like 2.0/3.0 to only see the 1.0 gateway so they can get on the net. Other than that they should be blocked off completely. I'm pretty unfamiliar with vlans...if there is a good article that you know please give me the link. Ill look for some myself as well. But I dont think it matters in this case because im certian that none of our routers are vlan capable.

Could I accomplish this with subnetting? And just setup static routes. I'm not to experienced with subnetting and I think im going to setup a test network to try it out. I just dont know if this client would want to deal with it even if it did work.

Thanks,
Cody
The administrator has disabled public write access.

Subnets 10 years 2 months ago #15596

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
Sounds like you could do it with subnets but it will mean changes to the current setup and it might be tricky to maintain in the future. I think what you need here is to put together a document that explains:
1) Statement of the problem
2) Implications of the problem (impact of leaving it as it is)
3) Possible solution(s)
4) Benefit(s) of solution(s) (better security or whatever)
5) Implications of the solution(s) (cost, time, effort, support effort etc)
Then let the powers that be make a business decision. Their decision might well be to leave it alone; in which case it's an easier life for you. But if they do want to change things at least you'll have a mandate - and Firewall.cx at your disposal...
The administrator has disabled public write access.
Time to create page: 0.077 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup