Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Industrial Net and Intranet isolation and access

Industrial Net and Intranet isolation and access 6 years 8 months ago #33986

I have two networks in my plant. One is an Industrial network with PLC's and HMI's and the other is the Intranet that has the server and office computers. I have wireless access to the Intranet on my laptops and use Laptops to work on the Industrial equipment. Would a managed switch allow me to connect the two networks without flooding the Intranet with the broadcast data from my Industrial network but allow me to access the Industrial network wirelessly using the laptops through the Intranet? If not then what would be the best was to do it?

Thanks,
The administrator has disabled public write access.

Re: Industrial Net and Intranet isolation and access 6 years 8 months ago #33987

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
A high performance switch should do fine. If you are sure that the industrial network produces allot of broadcast traffic (i.e. headed to MAC address: FF:FF:FF:FF:FF:FF), Then you could use a switch that supports VLANs and define two VLANs on it, one for each network. Then use a router to route between the two VLANs
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

Re: Industrial Net and Intranet isolation and access 6 years 8 months ago #34016

Thanks for the info.
So I understand that the managed switch separates the two VLAN but how does the router or laptop get configured to allow access from one VLAN to the other without affecting its access to the primary Intranet? I thought that the managed switch would be configured to recognize the laptops on the Intranet VLAN and allow access for them through it to the Industrial VLAN. How does the router play into it?
The administrator has disabled public write access.

Re: Industrial Net and Intranet isolation and access 6 years 8 months ago #34019

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
A router always separates two or more networks or subnets (i.e VLANs). A normal switch works only at layer 2 (i.e MAC addresses) while a router works on layer 3 (IP addresses). Have a look at the following:

www.firewall.cx/ip_routing.php

Don't hesitate to ask if you have further questions.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

Re: Industrial Net and Intranet isolation and access 6 years 8 months ago #34028

Okay, so what I really need is a Router. The router then "Learns" the two networks and directs the traffic between the machines on the two networks while still keeping them separate.


For some reason the post dates are wrong. Today is Tuesday the 23rd
The administrator has disabled public write access.

Re: Industrial Net and Intranet isolation and access 6 years 8 months ago #34033

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
For some reason the post dates are wrong. Today is Tuesday the 23rd

I see your last post on "Tue Mar 23". Try to set the time zone correctly in your account's profile.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup