Looking to split an internet connection with static IP's into two distinct networks
I have Comcast business internet with 13 static IP addresses. I am looking for the easiest and most efficient way to split the network into two separate networks that cannot communicate with each other. I'm willing to buy whatever router/firewall is necessary with preference given to ease of setup. I will also give preference to a setup that does not lose too many static IP's to subnetting. Ideally, network #1 would have 9 IP's and network #2 would have 4 IP's though I understand that this may not be possible. If a consumer level router/device is available to do what I'm trying to do that would be great though I will buy whatever I have to within reason.
The network is 162.xxx.xxx.33-45
Gateway: 162.xxx.xxx.46
Subnet mask: 255.255.255.240
Internally I'm currently using the 192.168.1.x network.
Currently, I am using the last four static IP addresses for what will become network #2. I'm using 1-to-1 NAT to forward 162.xxx.xxx.42 to 192.168.1.42, etc. This portion of the network is being used so under ideal circumstances it will not change.
Comcast provides a SMCD3G-CCR which is a combination gateway and router. It is my understanding that this device cannot be replaced so anything that is done will need to be done behind it. The router portion of the device is very limited.
Here are screenshots for the SMCD3G-CCR:
http://screenshots.portforward.com/routers/SMC/SMCD3G-CCR/
Thanks for your help.
The network is 162.xxx.xxx.33-45
Gateway: 162.xxx.xxx.46
Subnet mask: 255.255.255.240
Internally I'm currently using the 192.168.1.x network.
Currently, I am using the last four static IP addresses for what will become network #2. I'm using 1-to-1 NAT to forward 162.xxx.xxx.42 to 192.168.1.42, etc. This portion of the network is being used so under ideal circumstances it will not change.
Comcast provides a SMCD3G-CCR which is a combination gateway and router. It is my understanding that this device cannot be replaced so anything that is done will need to be done behind it. The router portion of the device is very limited.
Here are screenshots for the SMCD3G-CCR:
http://screenshots.portforward.com/routers/SMC/SMCD3G-CCR/
Thanks for your help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Craig Beck
I 'think' a Draytek Vigor would do what you want (something like the 2920 if you don't want to spend a fortune).
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Pergr- Your solution is exactly the kind of explanation I was hoping for. Would it be possible to create this setup on a single device with VLAN capabilities? On the SRX100 or a Cisco ASA5505?
Craaigbeck- The Draytek Vigor is very intriguing. However, not having any experience or even understanding of it's configuration would make it a difficult choice. I appreciate you putting "think" in quotes. If anyone else wants to elaborate on the configuration with the Draytek Vigor or other similar device, I'm all ears.
Craaigbeck- The Draytek Vigor is very intriguing. However, not having any experience or even understanding of it's configuration would make it a difficult choice. I appreciate you putting "think" in quotes. If anyone else wants to elaborate on the configuration with the Draytek Vigor or other similar device, I'm all ears.
Yes, you could use the SRX, and probably the ASA too.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It looks like I can get a Sonicwall TZ 105 for close to $250 vs a Cisco ASA 5505 for $350. Can anyone with experience on both devices tell me which will be easier to configure for the proposed setup. I currently manage an ASA 5505 which is why I keep going back to it. The Sonicwall is about $100 cheaper.
if you know cisco asa, stick with it. The $ you could save is not worth the time of having to learn something new.
ASKER
I will make my router choice and then most likely submit a follow up question once it arrives.