Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Connecting 2 Subnets

Posted on 2004-08-12
5
Medium Priority
?
355 Views
Last Modified: 2010-04-11
I have a T1 and a router. Right now, this router routes all traffic from my current LAN (192.168.70.x) to the Internet.

The problem is I have remote user who need to access a server on my network. For security reasons, I do not want them to access anything else on my network so I was thinking about putting this server on a DMZ. The problem is, this router does not have a DMZ port. So, I was thinking of changing the LAN subnet that this router recognizes to something like 192.169.100.X and then setting up 2 routers for 2 separate subnets which would be 192.168.70.X and 71.X. I would then set the WAN interface on these routers to use the main router for Internet access. This would give me 2 separate subnets each of which could use the same Internet. The problem is that I would then need the PCs of 71.X to access this server on 70.X. How could I do this?
0
Comment
Question by:ainselyb
5 Comments
 
LVL 5

Expert Comment

by:dgroscost
ID: 11790043
Do you have two Ethernet modules on your current router?

You can set up an access-list that would only allow certain or all machines on the 71.X network to only access Server X on the 70.X network.
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 1500 total points
ID: 11790067
You can do it with only ONE more router (and a small hub or switch, which might already be built into your existing router).  Use the 192.168.71.x subnet to connect the LAN interface of your border router, the WAN interface of your ineternal router, and this server.  You want the inner router to perform NAT or other security (access lists would be ideal, but you haven't indicated a budget) such that internal users can get responses from the server, but the server cannot establish connections into the internal network.

0
 

Expert Comment

by:spyderbilt
ID: 11790607
Hi. Here's an Idea

if I get it right, you have three routers :

A. Internet Router, LAN Interface IP is 100.X
B. Server Router, LAN Interface IP is 70.X, WAN interface IP is 100.B
C. Users Router, LAN Interface IP is 71.X, WAN interface IP is 100.C

could you set a static route on your Internet Router (A) that all traffic going to 70.X subnet should find the next hop via 100.B ?
0
 
LVL 9

Expert Comment

by:cooledit
ID: 11790792
what kinda of router is it ?
that you have (Cisco) or can it do subinterface ?
0
 

Expert Comment

by:spyderbilt
ID: 11794730
hi again,

sorry for my post above, I think the route sould be defined on the users router (C).

alternatively, you mentioned that the internet router doesn't support DMZ, i think you could get a router with DMZ for the server router put the server on a DMZ. so the 71.X users will access the server as 100.B ?

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question