Solved

2 Networks on differnet subnet masks sharing internet connection

Posted on 2006-07-18
8
318 Views
Last Modified: 2010-03-19
At my job, we have our main network which consists of around 50 pcs & devices connected through switches to our dns server at 10.0.0.1/255.0.0.0 which connects to our router/gateway 10.0.0.60/255.0.0.0  & lets everyout out to the internet. The router is a Linksys BEFSX41.

Recently some people came & installed 3 pcs for truck tracking & set them up on their own mini network & gave those pcs the ips of 10.0.0.2/255.255.255.0 - 10.0.0.4/255.255.255.0 I was not a part of the process of setting their stuff up & then yesterday those people came to me & said they need to be able to remote into those pcs from our internet. Their pcs are all statically signed ip addresses & not behind another router, just a small switch, but they left me a router I can use if necessary. Their router is also the same.

The problem I'm having, is I'm not sure what needs to be changed in order to keep their mini network separate from our regular network, but also allow them to connect to the internet. I realize I could register them to our DNS & put them on the network, but the people using those tracking pcs are not people I can trust & the likely-hood of them snooping is high risk. Can the 2 routers have a vpn maybe & just bypass our regular network maybe?

I have tried running a cable from our network switch to theirs & changing their gateway to 10.0.0.60, but this didn't work & I figured it wouldn't with different subnet masks. I tried changing their ips to 10.0.1.2/255.0.0.0 - 10.0.1.4/255.0.0.0 & setting the gateway to 10.0.0.60, but this also did not work, I could not access the internet. At that point though I could ping pcs on the main network.
0
Comment
Question by:kfelon
  • 5
  • 3
8 Comments
 
LVL 3

Expert Comment

by:omrisiri
ID: 17133298
If you have two routers i would guess their router is not configured to route all traffic through 10.0.0.60 if you are able to ping pc's from thier network to your network it's basically setting a gateway through the router. i am not that familiar with the linksys routers.

I would check the following:
ping 10.0.0.60 from the 10.0.1.X network
If it pings set the gateway to 10.0.0.60
Try pinging something outside the network
If that works it's only a DNS issue.

Regarding the seperation you will need to elaborate a little more.
What kind of separation would you like?


0
 

Author Comment

by:kfelon
ID: 17133434
I just don't want their pcs being able to get to any shared files on our domain.
0
 

Author Comment

by:kfelon
ID: 17133476
I will try to do what you mentioned this evening to at least get them going temporarily. It sounds like what I already tried though.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 3

Accepted Solution

by:
omrisiri earned 250 total points
ID: 17133563
Well they shouldn't have access to the domain files if they are not set up to connect to the domain controller and that none of the computers share files without authentication.
Access to files should be controlled by the domain authentication which should grant access based on permissions on the domain
That is if you have a domain set up and not a workgroup, in that case the permissions would be set on per PC level.

All this of course if the Guest network has the ability to connect to the Host network.
The other option  would be to create a firewall between the networks which will allow access only to the gateway from what i know the linksys should some firewall capabilities
0
 

Author Comment

by:kfelon
ID: 17133707
Our main network has a domain controller, but I was just double checking.

As for remoting in via Windows RDP, I plan to change the RDP port on the 3 separate pcs. Would it be possible to forward the port from the main router to the second router & then to each pc if their port #'s are different? I know how to do it from 1 router to the proper pc, but I want to be sure to can forward the port through another router.

say we use port 6009 for one of the pc's rdp
router directly behind the wan would forward 6009 to 2nd router @ 10.0.1.1
router 2 would forward port 6009 to the client 10.0.1.*
0
 
LVL 3

Expert Comment

by:omrisiri
ID: 17133849
I think you answered your own question :)
Just configure portforwarding  on the router to the following router and to the PC
that way anyone trying to access the WAN IP on port 6009 will be forwarded to the PC you configured.
0
 

Author Comment

by:kfelon
ID: 17140552
I never got it working properly, so I ended up making the 3 machines just join one of our domains. Since the users login locally they can't access shares on the domain, just internet. This works, I had originally wanted to avoid this router but ohh well time has run out & this was needed to get done immediately.
0
 

Author Comment

by:kfelon
ID: 17140568
I meant wanted to avoid this route
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IPv6 NAT to IPv4 28 66
Setting up static routes to  sonicwll 4 74
Home Router DHCP query 9 44
assignment of laptops - risks 6 53
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question