Solved

2 Networks on different subnet masks sharing internet connection

Posted on 2006-07-18
Last Modified: 2010-03-19
At my job, we have our main network which consists of around 50 PCs & devices connected through switches to our DNS server at 10.0.0.1/255.0.0.0 which connects to our router/gateway 10.0.0.60/255.0.0.0 & lets everyone out to the internet. The router is a Linksys BEFSX41.

Recently some people came & installed 3 PCs for truck tracking & set them up on their own mini network & gave those PCs the IPs of 10.0.0.2/255.255.255.0 - 10.0.0.4/255.255.255.0. I was not a part of the process of setting their stuff up & then yesterday those people came to me & said they need to be able to remote into those PCs from our internet. Their PCs are all statically assigned IP addresses & not behind another router, just a small switch, but they left me a router I can use if necessary. Their router is also the same.

The problem I'm having is I'm not sure what needs to be changed in order to keep their mini network separate from our regular network, but also allow them to connect to the internet. I realize I could register them to our DNS & put them on the network, but the people using those tracking PCs are not people I can trust & the likelihood of them snooping is high risk. Can the 2 routers have a VPN maybe & just bypass our regular network maybe?

I have tried running a cable from our network switch to theirs & changing their gateway to 10.0.0.60, but this didn't work & I figured it wouldn't with different subnet masks. I tried changing their IPs to 10.0.1.2/255.0.0.0 - 10.0.1.4/255.0.0.0 & setting the gateway to 10.0.0.60, but this also did not work; I could not access the internet. At that point though I could ping PCs on the main network.
0
Question by:kfelon
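Added example (not part of the original question): a short Python check of which addresses each host treats as directly reachable, computed from that host's own mask. The addresses are the ones quoted in the question; `10.0.5.20` is a constructed main-network PC, and the hosts are assumed to share one switched segment, as in the cabling attempt described. It shows that neither mask combination keeps the tracking PCs away from the main network at the IP layer.

```python
import ipaddress

def iface(addr, mask):
    """Interface object from the address/mask notation used in the question."""
    return ipaddress.ip_interface(f"{addr}/{mask}")

def on_link(src, dst_ip):
    """True if src would ARP for dst_ip directly instead of using its gateway."""
    return ipaddress.ip_address(dst_ip) in src.network

def analyse(src, gateway, peers):
    """Which of the gateway and named peers src addresses without a router."""
    return {
        "gateway_on_link": on_link(src, gateway),
        "peers_on_link": sorted(n for n, ip in peers.items() if on_link(src, ip)),
    }

GATEWAY = "10.0.0.60"                       # from the question
MAIN = {"dns-server": "10.0.0.1",           # from the question
        "main-pc": "10.0.5.20"}             # constructed sample host

as_installed = iface("10.0.0.2", "255.255.255.0")  # tracking PC as delivered
renumbered = iface("10.0.1.2", "255.0.0.0")        # second attempt in the question
main_pc = iface(MAIN["main-pc"], "255.0.0.0")

def report():
    """Summarise both tracking-PC configurations and the reverse direction."""
    return {
        "as_installed": analyse(as_installed, GATEWAY, MAIN),
        "renumbered": analyse(renumbered, GATEWAY, MAIN),
        # The main network's /8 mask covers the tracking PC either way.
        "main_pc_sees_tracker": on_link(main_pc, str(as_installed.ip)),
    }

if __name__ == "__main__":
    for name, result in report().items():
        print(name, result)
```

With the /24 mask the tracking PC still sees the gateway and the DNS server as on-link, and with the /8 mask it sees every main-network host, so separation has to come from a router or firewall boundary rather than from the mask.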
 
LVL 3

Expert Comment

by:omrisiri
ID: 17133298
If you have two routers, I would guess their router is not configured to route all traffic through 10.0.0.60. If you are able to ping PCs from their network to your network, it's basically setting a gateway through the router. I am not that familiar with the Linksys routers.

I would check the following:
ping 10.0.0.60 from the 10.0.1.X network
If it pings set the gateway to 10.0.0.60
Try pinging something outside the network
If that works it's only a DNS issue.

Regarding the separation, you will need to elaborate a little more.
What kind of separation would you like?


0
 

Author Comment

by:kfelon
ID: 17133434
I just don't want their pcs being able to get to any shared files on our domain.
0
 

Author Comment

by:kfelon
ID: 17133476
I will try to do what you mentioned this evening to at least get them going temporarily. It sounds like what I already tried though.
0

 
LVL 3

Accepted Solution

by:
omrisiri earned 750 total points
ID: 17133563
Well, they shouldn't have access to the domain files if they are not set up to connect to the domain controller and none of the computers share files without authentication.
Access to files should be controlled by the domain authentication, which should grant access based on permissions on the domain.
That is if you have a domain set up and not a workgroup; in that case the permissions would be set on a per-PC level.

All this, of course, if the Guest network has the ability to connect to the Host network.
The other option would be to create a firewall between the networks which will allow access only to the gateway. From what I know, the Linksys should have some firewall capabilities.
0
 

Author Comment

by:kfelon
ID: 17133707
Our main network has a domain controller, but I was just double checking.

As for remoting in via Windows RDP, I plan to change the RDP port on the 3 separate PCs. Would it be possible to forward the port from the main router to the second router & then to each PC if their port #'s are different? I know how to do it from 1 router to the proper PC, but I want to be sure I can forward the port through another router.

Say we use port 6009 for one of the PCs' RDP:
the router directly behind the WAN would forward 6009 to the 2nd router @ 10.0.1.1
router 2 would forward port 6009 to the client 10.0.1.*
0
 
LVL 3

Expert Comment

by:omrisiri
ID: 17133849
I think you answered your own question :)
Just configure port forwarding on the router to the following router and to the PC;
that way anyone trying to access the WAN IP on port 6009 will be forwarded to the PC you configured.
0
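Added example (not from the thread's participants): a Python trace of the two-hop forward for port 6009 discussed in the two comments above, which follows the port router by router and stops at the first hop whose addressing or rule breaks the chain. The router names, the `203.0.113.10` WAN address, both subnet masks on router 2 and the `192.168.50.0/24` range are assumptions made for the example; `10.0.1.1`, `10.0.1.*` and port 6009 come from the thread.

```python
import ipaddress

def trace(routers, port):
    """Follow a forwarded TCP port through NAT routers listed outermost first.

    Returns (ip, port) of the final target; raises ValueError at the first
    hop whose addressing or forward rule breaks the chain.
    """
    dst = None
    for r in routers:
        wan = ipaddress.ip_interface(r["wan"])
        lan = ipaddress.ip_network(r["lan"])
        if dst is not None and dst != wan.ip:
            raise ValueError(f"{r['name']}: previous hop targets {dst}, WAN is {wan.ip}")
        # A router needs distinct subnets on each side to pick an egress interface.
        if lan.overlaps(wan.network):
            raise ValueError(f"{r['name']}: LAN {lan} overlaps WAN subnet {wan.network}")
        if port not in r["forwards"]:
            raise ValueError(f"{r['name']}: no forward for port {port}")
        ip, port = r["forwards"][port]
        dst = ipaddress.ip_address(ip)
        if dst not in lan:
            raise ValueError(f"{r['name']}: target {dst} is outside LAN {lan}")
    return str(dst), port

def verdict(routers, port):
    """One-line result of trace() for a report."""
    try:
        ip, final = trace(routers, port)
        return f"{port} -> {ip}:{final}"
    except ValueError as exc:
        return f"broken at {exc}"

# Router 1: WAN address is a documentation placeholder; LAN and forward follow the thread.
R1 = {"name": "router1", "wan": "203.0.113.10/24", "lan": "10.0.0.0/8",
      "forwards": {6009: ("10.0.1.1", 6009)}}
# Router 2 with the addresses quoted in the thread (both masks are assumed).
R2_POSTED = {"name": "router2", "wan": "10.0.1.1/8", "lan": "10.0.1.0/24",
             "forwards": {6009: ("10.0.1.2", 6009)}}
# Router 2 with a constructed LAN range that does not overlap its WAN side.
R2_SPLIT = {"name": "router2", "wan": "10.0.1.1/8", "lan": "192.168.50.0/24",
            "forwards": {6009: ("192.168.50.2", 6009)}}

if __name__ == "__main__":
    print(verdict([R1, R2_POSTED], 6009))
    print(verdict([R1, R2_SPLIT], 6009))
```

Under the assumed masks, the chain with clients at 10.0.1.* stops at router 2 because its LAN range sits inside the 10.0.0.0/8 network on its WAN side, while the constructed 192.168.50.0/24 layout resolves to the PC.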
 

Author Comment

by:kfelon
ID: 17140552
I never got it working properly, so I ended up making the 3 machines just join one of our domains. Since the users log in locally they can't access shares on the domain, just internet. This works. I had originally wanted to avoid this router, but oh well, time has run out & this needed to get done immediately.
0
 

Author Comment

by:kfelon
ID: 17140568
I meant wanted to avoid this route
0


Question has a verified solution.
