Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Odd Network Layout

Odd Network Layout 11 years 7 months ago #6979

  • MTHOME
  • MTHOME's Avatar
  • Offline
  • New Member
  • Posts: 17
  • Karma: 0
I am needing some help with a network layout I am doing.

Below is what I have and what I am trying to do.

I have 2 routers and 1 access point.

*****************************************************
******************/---Computers & Servers
Internet---Router1---<
******************\---Router2---Access Point---Wireless Comps.
*****************************************************

That is my layout, now what I am wanting todo is prevent the Wireless Computers from being able to access the Computers & Servers.

My idea of an ip scheme is below but I cannot seem to get it to work.

Router1 = Inernet IP (WAN)
192.168.1.1 (LAN)

Router2= 192.168.2.1 (WAN)
192.168.1.1 (LAN)

Access Point= 192.168.1.2

I can not seem to get this setup to work. I have setup a static route on Router1 as follows

Destination IP = 192.168.2.0
Subnet = 255.255.255.0
Gateway = 192.168.1.1
Hop = 1
Interface = LAN

That is what I have so any help would be much appreciated.
The administrator has disabled public write access.

Network 11 years 7 months ago #6985

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
Firstly you seem to have the same IP address on two devices:

Router1 = Inernet IP (WAN)
192.168.1.1 (LAN)
Router2= 192.168.2.1 (WAN)
192.168.1.1 (LAN)

Each interface of each device needs to have its own unique IP address. Then each device that is in the same IP address network range (as defined by the subnet mask) can talk to eachother

Does Router 1 have just one LAN interface, with everything connected into a hub or switch you haven't shown on the diagram, or does it have several?
The administrator has disabled public write access.

Re: Odd Network Layout 11 years 7 months ago #6996

  • MTHOME
  • MTHOME's Avatar
  • Offline
  • New Member
  • Posts: 17
  • Karma: 0
Here are more detail in regards to TheBishops post.

First off let me list the devices that I am using.

2 - Linksys BEFSX41
1 - Linksys WAP54G

My internet connection is CABLE.
Firstly you seem to have the same IP address on two devices:

Router1 = Inernet IP (WAN)
192.168.1.1 (LAN)
Router2= 192.168.2.1 (WAN)
192.168.1.1 (LAN)

That is what I was wanting to do but that can be changed.
Each interface of each device needs to have its own unique IP address. Then each device that is in the same IP address network range (as defined by the subnet mask) can talk to each other.

I think I understand what you are saying here but I'm not sure if it is in line with what I am wanting. I have been able to setup the network as follows and have it working.

Router1 = Cable IP (WAN)
192.168.1.1 (LAN Gateway)
Router2 = 192.168.1.2 (WAN)
192.168.2.1 (LAN Gateway)

Using the above setup works but does not get what I want as you can access anything on the 192.168.1.* network from the 192.168.2.* network. I am wanting to keep the 192.168.2.* network from being able to talk to the 192.168.1.* network.
Does Router 1 have just one LAN interface, with everything connected into a hub or switch you haven't shown on the diagram, or does it have several?

Router1 and Router2 has one WAN interface and 4 LAN interfaces which is actually a 4 port switch. You can refer to the linksys.com website on the device secifics if needed.
The administrator has disabled public write access.

Network 11 years 7 months ago #7014

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
I think you can use subnetting to do this. Keep the LAN IP addrerss of your Internet-facing router as 192.168.1.1 with a subnet mask of 255.255.0.0 for example. This will give you a wide range of available hosts for your 'computers and servers' leg of the network. If you then restrict the subnet mask on the LAN side of router 2 you can reduce the number of valid hosts there. For example, with the subnet mask of 255.255.255.0 you would only have 192.168.1.1 to 192.168.1.253 valid there. So if you gave your computers and servers on the other leg IP addresses in the range 192.168.10.x then the devices on the LAN side of router 2 would not be able to see them directly. They would hovever be still able to see the Internet as the address of your router 1, 192.168.1.1, is in the valid range
The administrator has disabled public write access.

cool 11 years 7 months ago #7020

  • Lindows
  • Lindows's Avatar
  • Offline
  • Senior Member
  • Posts: 246
  • Karma: 0
Hey Guys,

Yall Guys really offered some sound advice in this post. i was also facing the same problem. I have difficulty making the devices communicate with each other.

Great job,

:D
The administrator has disabled public write access.

Re: Network 11 years 7 months ago #7025

  • MTHOME
  • MTHOME's Avatar
  • Offline
  • New Member
  • Posts: 17
  • Karma: 0
I think you can use subnetting to do this. Keep the LAN IP addrerss of your Internet-facing router as 192.168.1.1 with a subnet mask of 255.255.0.0 for example. This will give you a wide range of available hosts for your 'computers and servers' leg of the network. If you then restrict the subnet mask on the LAN side of router 2 you can reduce the number of valid hosts there. For example, with the subnet mask of 255.255.255.0 you would only have 192.168.1.1 to 192.168.1.253 valid there. So if you gave your computers and servers on the other leg IP addresses in the range 192.168.10.x then the devices on the LAN side of router 2 would not be able to see them directly. They would hovever be still able to see the Internet as the address of your router 1, 192.168.1.1, is in the valid range

Unfortunately this does not fix the problem if I understand right. From what I understand you are saying to put Router2 WAN in the same subnet as the Router1 LAN. If this is true then yes I will have internet access for users on Router2 but they will also still be able to access anything on that subnet. If you refer to my second post you can see that I want to set the Router2 WAN to a different IP scheme/ different subnet. If I am miss understanding your post I apologies. I appreciate your help and I will continue to experiment. I will try to post a diagram of this to explain a lot more in detail.
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.087 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup