Network Segregation Project
Posted on 2004-11-01
I have one subnet (192.168.2.0/24) with everyone on it. I want to make two subnets. 192.168.2.0/24 will still exist and I want to add 192.168.3.0/24. There is a network printer with current IP address 192.168.2.134 that I want accessible from both subnets but the printer should be the only IP on the 192.168.2.0/24 subnet accessible from the 192.168.3.0/24 subnet. Currently all LAN drops terminate into a 50 port layer 2 switch that terminates into a Linksys VPN router (IP 192.168.3.1) that has the WAN connection.
My plan was to take the 192.168.3.0/24 and put those connections on a seperate switch and keep the 192.168.2.0/24 network on the current 50 port switch. I move the WAN connection from the Linksys to the new router and I connect both switches to the router. I setup ACLs on the router that will allow 192.168.3.0/24 to talk to the 192.168.2.134 printer and filter everything else.
I'm looking for some advice. With cost being a big factor here, would you approach this project differently?
What type of router would you recommend if one is purchased?