Using 192.168.1.1 and 192.168.2.1 on same internet device

Hi,

I have an internet device (cable modem) an would like to connect it to two différent IP structure such as 192.168.1.x and to 192.168.2.x so that users from one structure do not see the resources from the second structure.

Can I use two rooters with différent internel IP structures connected to a switch and Modem to do that?

yvalleeAsked:
Who is Participating?
 
nltechCommented:
>>> Can I use two rooters with différent internel IP structures connected to a switch and Modem to do that?

cable modem -> two routers or devices

only possible if your access plan provides supports multiple devices. i.e. you can connect multiple computers to the modem without using a router (using a switch or hub instead), each is assigned it's own ip address, and they can access the internet at the same time. most residential cable service is limited to a single, dynamic ip address, which limits you to connecting a single device to the modem. where i am, it costs 3-5x more to get a business-grade cable internet plan that supports 3 dynamic ip's (up to three devices connected to the modem via a switch or hub), and even more still if i want those 3 ip's to be static ones.


low-cost solution to isolate each 'network' from one another and provide internet access to both:

cable modem -> (wan) 'distribution' router (lan) ->

   -> (wan) network1 router (lan) -> net1 clients
   -> (wan) network2 router (lan) -> net2 clients

get a router to act as a 'distribution' point for the internet. each network's own router will be clients of that 'distribution' router.

cheaper than a higher-end router that supports multiple lan networks or zones. the one main drawback to chaining routers is with port forwarding, which would need to be configured on the two routers involved instead of just one.....

i've setup a config like this before. each 'network' wanted control over port forwards, so on the 'distribution' router, i fowarded a small range of (high-numbered, unused) ports to network1's router, and a different range to network2's router. if someone on network1 wanted to use bittorrent, for example, they'd configure the bittorrent client software to use a port in their assigned range and then configure their own 'network' router to foward that port to the target pc. as long as they use a port within the range that was already set up to foward through the distribution router to them, no changes to the common router was needed, only on their own 'network' router.
0
 
jabiiiCommented:
you need a router or firewall that will basically have 3 parts, outside, 1.x and 2.x and you can setup rules to allow traffic to wherever you want.
0
 
yvalleeAuthor Commented:
Any sugestion on the Rooter or Firewall make and model?  I guess a Linksys WRV54G is not what I need?

0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

 
jabiiiCommented:
I don't have a Linksys to play with but from the data sheet. ftp://ftp.linksys.com/datasheet/wrv54g_ds.pdf it only has 2 zones, internal and external. You need something with atleast 3 zones

You might want to look at the Juniper Netscreen 5GT. It's a little more pricy than the Linksys but well worth it. It comes custome with trusted/untrusted/Dmz zones. and you can create your own zones as you require.
You will be using the confiugration with what it calls home/work/untrust which already breaks the network into 3 for you.

http://www.juniper.net/products/integrated/ns_5series.html

Hope this helps.

Jim
0
 
yvalleeAuthor Commented:
Sounds good nltech,

So, recap...  

Cable modem -> (wan) Internet dist Rooter (lan) -> (wan) Rooter1 (lan) -> Net1 clients or switch
                                                                       -> (wan) Rooter2 (lan) -> Net2 client2 or switch
                                                                       -> (wan) Wireless rooter (lan) -> Wireless Clients

Right?

I have 3 IP from ISP so, Let's say ISP IP given are 66.100.101.102-103-104. How do I setup Dist Rooter and other 3 rooter's so that 66.100.101.102 goes to Net1, x.x.x103 goes to net2 and x.x.x.104 goes to Net3.

I want to use OWA on NET1 and it uses port80, then I have a WEB server on Net2. At this time, I have a class C network. Maybe I need to switch to class B?  Net1, Net2 and Net3 should not see each others resources for security reasons.







0
 
yvalleeAuthor Commented:
Maybe I have to simply use a different subnet?

Ex: Net1 clients  192.168.1.5 subnet 255.255.120.0
Ex: Net2 clients  192.168.1.6 subnet 255.255.121.0

Than NET2 could not see Net1's devices? but would it have acces to internet?

0
 
nltechCommented:
if you can have three ip's from your ISP you can hook up to three routers via a switch directly to the cable modem. simplifies things quite a bit. each router's clients will be isolated from the others. each router will have it's own public ip.
0
 
jabiiiCommented:
Why buy all those routers?
                                                                                         internal
1 Netscreen box. Hooked directly to the ISP on 1.1.1.1 <> 192.168.1.1
                                                                              <> 192.168.2.1

then you just make simple gui changes to allow or disallow traffic to/or from anyone. including between the two 192's.
you can allow net1 to access the internet, and net2 to ONLY access net1's OWA server.

visual
http://kb.juniper.net/CUSTOMERSERVICE/index?page=kbdetail&record_id=0244022611e8310108012c3c19018c9
0
 
yvalleeAuthor Commented:
I'm shure a Netscreen could do the job jabliii but I allready have all the switchs and rooters available.

So recap,

Modem ->Switch -> (Wan) Rooter1 192.168.1.1 (LAN) ->clients 192.168.1.x
                         -> (Wan) Rooter2 192.168.2.1 (LAN) -> clients 192.168.2.x
                         -> (Wan) Rooter3 192.168.3.1 (LAN) -> clients 192.168.3.x


Right?  I'll try that this weekend and let you know.

0
 
jeff_trentCommented:
>>  Maybe I have to simply use a different subnet?

>>  Ex: Net1 clients  192.168.1.5 subnet 255.255.120.0
>>  Ex: Net2 clients  192.168.1.6 subnet 255.255.121.0

>>  Than NET2 could not see Net1's devices? but would it have acces to internet?


These subnet masks will NOT work for you.  Use 255.255.255.0 for each one.  That way each network is totally separate.
0
 
GeisrudSystems AdministratorCommented:
Thank you, jeff_trent, for catching that piece about those subnet masks.  You beat me to it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.