Security to separate same subnet

There are 2 regional networks in different places. They are in the same subnet and linked up by a switch and router.

Is it possible to put some firewall between them to make them secure separately?



Well, you can use access lists to segregate the traffic. Depending on what hardware you are using, they may have built-in firewalls.

For instance, Cisco boxes that use advanced enterprise IOS services have powerful firewall tools built-in, so it may be possible to firewall traffic from the router itself from different areas.

Best bet, if you do not want to create a different subnet to segregate the traffic, is to use access lists to fine-tune what can access what.

If you need assistance with this, please just let me know.

Please provide the following information.

1. What is the current status of your network?
2. Are both networks connecting to two interfaces of the SAME router?
3. Are both subnets using the same IP addressing? If possible, please provide the addressing info.

It is always possible to add a firewall in between. Depending on your requirement, the firewall can work in Layer 2 or Layer 3 mode.

Hope that helps.
Warm Regards,
Nayan Panchal

If you can dedicate a box to JUST this task, then something like a Zyxel ZyWALL 5 in "transparent" mode.

If you can separate the two "zones" onto separate switches, and then link each switch to a separate port on the firewall, then any SonicWall from TZ190 upwards, with Enhanced OS, you can configure "zones" (e.g. "sales", "accounts", "warehouse", etc.) and interfaces (e.g. Lan-Port 1, Lan-Port 2) and set up rules between them, even though they share a common IP space. *Provided* you make sure the traffic between the two zones HAS to pass THROUGH the firewall to get from one to the other, you're in control.
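
The layer-2 "transparent" placement described in the answers above, as an added example that is not from any poster in the thread. The thread names ZyWALL and SonicWall appliances; this sketch swaps in a Linux bridge filtered with nftables, and the interface names, table name, addresses and permitted services are all assumptions.

```nftables
#!/usr/sbin/nft -f
# Assumed setup (not from the thread): a Linux box with two NICs, eth0 and
# eth1, joined in a bridge br0. Site A's switch uplinks to eth0, site B's
# switch to eth1, and there is no other path between the sites.
# Addresses are constructed, taken from the 192.0.2.0/24 documentation range.

# Recreate the table from scratch every time the file is loaded.
table bridge sitefw
delete table bridge sitefw

table bridge sitefw {
    chain forward {
        # Only frames crossing from one bridge port to the other are seen
        # here; default is to drop them.
        type filter hook forward priority 0; policy drop;

        # Replies to flows admitted by an accept rule below.
        # Connection tracking in the bridge family needs Linux 5.3 or later.
        ct state established,related accept
        ct state invalid drop

        # Both sites share one subnet, so hosts resolve each other with ARP
        # directly; without this rule nothing can talk across the bridge.
        ether type arp accept

        # Site A (eth0) may reach site B's file server over SMB only.
        iifname "eth0" oifname "eth1" ip daddr 192.0.2.20 tcp dport 445 accept

        # Site B (eth1) may reach site A's intranet server over HTTPS only.
        iifname "eth1" oifname "eth0" ip daddr 192.0.2.10 tcp dport 443 accept

        # If one site depends on the other's DHCP server, an explicit rule
        # for UDP ports 67 and 68 is also needed; it is left out here.

        # Everything else is logged (rate limited) and then hits policy drop.
        limit rate 10/second log prefix "sitefw-drop: "
    }
}
```

The rules match on the bridge port a frame arrives on, not on its IP subnet, which is why the filtering works even though both sites use the same address range. Traffic between two hosts on the same switch never reaches the forward chain and is not filtered.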
