Small Office Networking

Posted on 2006-05-14
Last Modified: 2008-01-09

This is a continuation of the question titled 'small office networking architecture' at

I am trying to design an architecture for my new office. My objectives are:
- supporting employees totalling not more than 24 at the moment.
- segregating each department to have control over who can reach whom
- having a WiFi access point in the meeting room for public access via laptop. This probably means another VLAN which will not see the other departments at all.
- having a WiFi wireless network with encryption and password authentication.

My current proposal is:

broadband connection
     layer2 managed switch
     |               |              |
  n dept       n dept      WiFi Access pt/router

1) I would be using a layer2 managed switch such as Linksys SRW224G4 and D-link 3526 where VLAN is implemented by port grouping. When this is done,
          a) will the VLANs be able to see one another when implementing these layer2 VLANs?
          b) ACLs are available but only seem applicable for specific addresses within each VLAN, not as an ACL between VLANs.
              Any way to implement ACLs between VLANs via these L2 managed switches?

2) For the WiFi, I stated either AP/router. Logically speaking an AP is used, but I would like to know if I can use one of those broadband routers, such as the Linksys WRT54G, as the access point instead. If yes, then what is the point of using access points when these routers have more features yet are cheaper?

Question by:pajiao
    LVL 95

    Accepted Solution

    I would say you are overthinking this.  A network of 24 people is NOT going to be stressful on bandwidth.  And managing it using VLANs doesn't make much sense.  EXCEPT for a VLAN for wireless, I wouldn't bother with anything else.  What you WANT to do is use appropriate security groups on your server.
    LVL 3

    Assisted Solution

    I go with leew: most companies don't even think about vlanning with 150 users.

    I am not sure about the wireless concept, as in I don't see it being used much in your setup.  Users want all or nothing, and if you deliver only basic internet access but your users still need to go through the burden of using passwords, I foresee nobody will bother with it.  If you have a lot of visitors to whom you want to offer internet access, you are better off with a decent hotspot-like access point.  Wireless routers have no interesting functions that APs don't have in your setup.

    It seems very obvious both VLANs will be able to connect to each other.  Which other use would you have otherwise of VLANs and such a switch?  Whether you can use ACLs on the layer 2 VLANs is not clear to me, but that's because mostly such systems are set up on layer 3 with policies.

    Author Comment

    Hi guys, sorry for my stupidity, the questions aren't answered directly.
    LVL 3

    Expert Comment

    1 a) Probably, what else is the use?
    b) Usually done in L3.
    2) Routers are routers, APs are APs.  Adding a wireless router will mean you need to do routing configuration to get the thing going.  An AP is mostly plug and play; disable the internal DHCP server and you're done because an AP is in effect just a switch.
    LVL 11

    Assisted Solution

    Generally, routing between VLANs (and the ACLs that apply) is done at the router, not within the VLANs on the switch.

    You're going to need a router that supports multiple internal subnets, preferably over an 802.1q trunk.  (Note that the typical SOHO "4 LAN ports" routers have them all on a single VLAN/subnet....)  And if the router and the switch don't do trunking, you'll need a router uplink port for each VLAN, so a 24-port switch isn't going to be enough for 24 users....
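
The last answer places inter-VLAN filtering on the router. The sketch below is an added example, not part of the thread: it models a first-match router ACL over one subnet per VLAN, so the intended segmentation can be checked before any device is configured. The VLAN names, subnets and rules are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (an assumption, not from the thread): one subnet per VLAN.
VLANS = {
    "sales":   ipaddress.ip_network("192.168.10.0/24"),
    "finance": ipaddress.ip_network("192.168.20.0/24"),
    "guest":   ipaddress.ip_network("192.168.30.0/24"),  # meeting-room WiFi
}
ANY = ipaddress.ip_network("0.0.0.0/0")
INTERNET_HOST = "203.0.113.10"  # documentation address standing in for the Internet

# Constructed router ACL: evaluated top-down, first match wins.
ACL = [
    ("deny",   VLANS["guest"],   VLANS["sales"]),
    ("deny",   VLANS["guest"],   VLANS["finance"]),
    ("deny",   VLANS["sales"],   VLANS["finance"]),
    ("deny",   VLANS["finance"], VLANS["sales"]),
    ("permit", VLANS["guest"],   ANY),   # guests reach the Internet only
    ("permit", VLANS["sales"],   ANY),
    ("permit", VLANS["finance"], ANY),
]

def routed_decision(src, dst, acl=ACL):
    """Decision for a packet the router forwards from src to dst."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"  # implicit deny when no rule matches

def reachability_matrix(acl=ACL):
    """Decision from one host in each VLAN to every other VLAN and the Internet."""
    hosts = {name: str(net.network_address + 10) for name, net in VLANS.items()}
    hosts["internet"] = INTERNET_HOST
    # Same-VLAN pairs are skipped: that traffic is switched at layer 2
    # and never reaches the router's ACL.
    return {(s, d): routed_decision(hosts[s], hosts[d], acl)
            for s in VLANS for d in hosts if s != d}

def shadowed_rules(acl=ACL):
    """Indexes of rules fully covered by an earlier rule, so they can never match."""
    return [j for j, (_, s, d) in enumerate(acl)
            if any(s.subnet_of(ps) and d.subnet_of(pd) for _, ps, pd in acl[:j])]

if __name__ == "__main__":
    for pair, decision in reachability_matrix().items():
        print(pair, decision)
```

Moving the guest permit rule to the top makes `shadowed_rules` report the two guest deny rules, which is the ordering mistake that silently opens the guest VLAN to the departments.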

