Solved

Two seperate lans sharing one internet connection

Posted on 2007-12-06
10
814 Views
Last Modified: 2008-07-14
Hi all,

Heres whats up. Im trying to create a test network which incorporates several different servers and client machines running SQL services as well as third party software such as Made2Manage and others which are used to communicate with various machines on the manufacturing floor. The problem that i have is that i noticed that our "Main" Made2manage Server can ping the primary lan which is a big concern for us, but we cannot ping the second lan from the primary lan. Our current setup is as follows:

1.netopia router which serves up our internet connection among other things.  
ip: 192.168.100.0
Sub: 255.255.255.0
GW: 192.168.100.254
DNS on DC 192.168.100.12

2.Linksys WRT54gs router running dd-wrt (latest version) connected to a switch that is directly connected to the primary netopia router.

Wan IP coutesy of dhcp from netopia
Local ip: 192.168.1.1
local Sub: 255.255.255.0
local GW: 192.168.1.1
local dns: 192.168.1.1

3. Linksys wrt300n router connected to the Linksys w/ dd-wrt

Wan ip Courtesy of dhcp from WRT54gs
Local ip: 10.10.2.1
local Sub: 255.255.255.128
local GW: 10.10.2.1
local dns: 10.10.2.1

w/DHCP off

As is we can get connectivity to the interweb which is a must since remote access via gotomypc will be used over the weekend but as stated above we want to completely separate contact of any kind betweeen the two networks while mainting internet connectivity.
Is this possible in general, with our current hardware or will we need more robust equipment?
Thanks in advance!

0
Comment
Question by:fwecoadmin
10 Comments
 
LVL 3

Expert Comment

by:martonejd
ID: 20422669
it sounds like the primary lan might have a lower security level than the other lan.  for instance, on my firewall, the primary lan is 100, the dmz is 10 and the internet is 0.  or it might be an access rule that is allowing traffic from the other to the primary.
0
 
LVL 11

Expert Comment

by:spoxox
ID: 20422752
My inclination is to connect wrt300n to netopia, not WRT54gs.
0
 
LVL 1

Author Comment

by:fwecoadmin
ID: 20451184
The Security on our primary lan is about as tight as it gets so i dont believe thats the issue. And as far as connecting the 300n only...well thats been done already with the same results.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 1

Author Comment

by:fwecoadmin
ID: 20593083
Unfortunately, none of these really provided a solution and since this post we've been using m0n0wall loaded on a cheap desktop.  So far this firewall product seems to be doing the job just fine providing a duplicate test network using the same gateway without interfering with our live operations.  

Use this: http://m0n0.ch/wall/

0
 
LVL 9

Expert Comment

by:Press2Esc
ID: 20823153
Firstly, update your firmware...
If your firmware allows, check out the Netopia's VLAN option.
Alternately check out the Netopia's Static Routes or IP Static ARP (IP to MAC map)
functionality..

This should take care of your needs.

P2E
0
 
LVL 1

Accepted Solution

by:
fwecoadmin earned 0 total points
ID: 21968685
Sorry for the delay.  We used another solution some time ago, not mentioned here.  None of these worked for us and we ended up using the WRT54GS as an Access Point and went into a PC loaded with M0n0wall ( http://m0n0.ch/wall/ ).  

Using M0n0wall as a firewall we created a Sub-LAN, by assigning a Client IP to it's WAN side, within the Primary LAN and configured the routing tables to point to the Gateway on the Primary LAN.

The WRT54GS ended up being used as just another radio without any DHCP or router properties.
0
 
LVL 9

Expert Comment

by:Press2Esc
ID: 21973157
the sub-LAN and VLAN, pretty much the same functionalyty...  congrats on getting your issue resolved...
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now