Setting up multiple subnets and DHCP server using wireless
I have a little problem and trying to figure out the best way to set this up. I am going to try to explain this the best that I can.
Building A - has the T1 line for internet access and contains all the servers. The servers and all the users in this building are connected to a standard 24 port switch. Also connected to the switch is a fiber line that runs outside to a tower. On that tower is an outdoor wireless access point with an omni-directional antenna. The access point is connected to the 24 port switch which is all on the 192.168.0.0 subnet.
Building B,C,D and E all have unidirectional antennas that connect directly to the tower. They each basically have one main switch that the wireless access point that connects to the main tower and the other computers are all plugged in to.
I would like each building to be on a different subnet. For example:
Building A - 192.168.2.0
Building B - 192.168.0.0
Building C - 192.168.1.0
Building D - 192.168.3.0
Building E - 192.168.4.0
I also want the DHCP server to be able to assign all addresses for all networks using reservations.
Is this possible and how would I go about doing this?
Building A - has the T1 line for internet access and contains all the servers. The servers and all the users in this building are connected to a standard 24 port switch. Also connected to the switch is a fiber line that runs outside to a tower. On that tower is an outdoor wireless access point with an omni-directional antenna. The access point is connected to the 24 port switch which is all on the 192.168.0.0 subnet.
Building B,C,D and E all have unidirectional antennas that connect directly to the tower. They each basically have one main switch that the wireless access point that connects to the main tower and the other computers are all plugged in to.
I would like each building to be on a different subnet. For example:
Building A - 192.168.2.0
Building B - 192.168.0.0
Building C - 192.168.1.0
Building D - 192.168.3.0
Building E - 192.168.4.0
I also want the DHCP server to be able to assign all addresses for all networks using reservations.
Is this possible and how would I go about doing this?
I think you have a typo in your question, you said building A was 192.168.0.0, but in your list of buildings you show building B as 192.168.0.0
Assuming it is just a typo yes you can do this and it is very common. As knightrider suggested you could put them all on a single subnet and they would work fine if you are not using routers. If you do want to have them on different subnets you can add a scope to your dhcp server for each subnet and then put DHCP helpers in your routers. Of course this method assumes you have routers that are capable of forwarding broadcast traffic to the correct subnet. The big question then is what kind of routers do you have in each building?
Assuming it is just a typo yes you can do this and it is very common. As knightrider suggested you could put them all on a single subnet and they would work fine if you are not using routers. If you do want to have them on different subnets you can add a scope to your dhcp server for each subnet and then put DHCP helpers in your routers. Of course this method assumes you have routers that are capable of forwarding broadcast traffic to the correct subnet. The big question then is what kind of routers do you have in each building?
ASKER
It is not a typo, building A is currently 192.168.0.0, I want to get away from the .0 subnet and move to something higher due to possible issues with remote clients possibly being on a .0 network and trying to log into the vpn on a .0 network. .0 and .1 are too popular so I need to set up building A (the one with the server that they will be logging into) with .2 or higher.
Having them on separate subnets would be more secure, correct?
Building B doesn't need to access anything on building C, so I think separate subnets would be the most secure way to go. They way I understand it. Here is the plan that is going around in my head, I don't know if it will work or if its been done thousands of times, but here is my idea.
Each building will have all their computers plugged into a main switch, run a cable from the main switch to a router, go from the WAN port of the router to the wireless access point that is on the same network at building A. The gateway on the router will be the IP address of the access point. Then setup the routes in the router to route the traffic where it needs to go. I am basically wanting to setup so that each building has their own local network and building A is the "ISP". Wiill that work? As far as DHCP, I'm still not for sure the exact way that is best to set that up.
As far as routers, what make and model would you suggest that would be good for each building. I need it good, cheap and be able to do the job.
Having them on separate subnets would be more secure, correct?
Building B doesn't need to access anything on building C, so I think separate subnets would be the most secure way to go. They way I understand it. Here is the plan that is going around in my head, I don't know if it will work or if its been done thousands of times, but here is my idea.
Each building will have all their computers plugged into a main switch, run a cable from the main switch to a router, go from the WAN port of the router to the wireless access point that is on the same network at building A. The gateway on the router will be the IP address of the access point. Then setup the routes in the router to route the traffic where it needs to go. I am basically wanting to setup so that each building has their own local network and building A is the "ISP". Wiill that work? As far as DHCP, I'm still not for sure the exact way that is best to set that up.
As far as routers, what make and model would you suggest that would be good for each building. I need it good, cheap and be able to do the job.
Putting them on different subnets will not make it secure. you need to block traffic using access lists
ASKER
Well its not that big of a deal that it be completely tightened down. It's all on the same network now, I just thought it would add an extra layer of protection by not allowing the average user access to something they don't need. My main goal is that we need more IP addresses and so I thought putting everyone on a different subnet would add another layer of protection.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
As I stated, security is not an issue, it was just an added bonus. How exactly would I go about setting this up and what kind of router would I need for each building?
I used the Cisco 1841 which is a small office branch office router. It is a real router running the Cisco IOS and it will do what you want. Be aware of some of the lower end routers as many of them will not be able to do the DHCP forwarding that you need. You will need 1 for each of your remote buildings. The setup process is fairly simple and it has a GUI interface if you are not comfortable with the Cisco command line interface.
ASKER
We are putting in all new servers and we have decided not to pile on more headache than what is already there. I believe we will just setup 1 large scope with a 255.255.254.0 mask giving us 500 addresses. We have too many buildings that have static ip addresses for certain systems and it would cause a headache trying to get those switched over because it's equipment that is taken care of by outside vendors. If anyone thinks this is a really bad idea please let me know and let me know why. Thanks.
192.168.0.0 255.255.0.0