Security to separate same subnet

Posted on 2009-04-19
Last Modified: 2012-05-06
There are 2 regional networks in different places. They are in the same subnet and linked up by a switch and router.

Is it possible to put a firewall between them to make them secure separately?


Question by:turbot_yu
    LVL 3

    Assisted Solution

    Well, you can use access lists to segregate the traffic. Depending on what hardware you are using, it may have built-in firewalls.

    For instance, Cisco boxes that use advanced enterprise IOS services have powerful firewall tools built-in, so it may be possible to firewall traffic from the router itself from different areas.

    Best bet, if you do not want to create a different subnet to segregate the traffic, is to use access lists to fine-tune what can access what.

    If you need assistance with this, please just let me know.

    LVL 3

    Assisted Solution

    Please provide the following information.

    1. What is the current status of your network?
    2. Are both networks connecting to two interfaces of the SAME router?
    3. Are both subnets using the same IP addressing? If possible, please provide the addressing info.

    It is always possible to add a firewall in between. Depending on your requirement, the firewall can work in Layer 2 or Layer 3 mode.

    Hope that helps.
    Warm Regards,
    Nayan Panchal
    LVL 16

    Accepted Solution


    If you can dedicate a box to JUST this task, then something like a Zyxel ZyWALL 5 in "transparent" mode.

    If you can separate the two "zones" onto separate switches, and then link each switch to a separate port on the firewall, then with any SonicWall from TZ190 upwards, with Enhanced OS, you can configure "zones" (e.g. "sales", "accounts", "warehouse", etc.) and interfaces (e.g. Lan-Port 1, Lan-Port 2) and set up rules between them, even though they share a common IP space. *Provided* you make sure the traffic between the two zones HAS to pass THROUGH the firewall to get from one to the other, you're in control.
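
The proviso in the accepted answer, that traffic between the two zones has to pass through the firewall, can be checked against a cabling inventory before any rules are trusted. The Python sketch below is an added example, not part of the original thread; the device names, the link lists and the `fw:` prefix that marks firewall ports are constructed assumptions.

```python
from collections import deque

# Constructed sample topology (not from the thread): each pair is a physical
# layer-2 link. Hosts in both zones share one IP subnet.
LINKS_GOOD = [
    ("pc-sales-1", "switch-a"), ("pc-sales-2", "switch-a"),
    ("pc-accts-1", "switch-b"), ("pc-accts-2", "switch-b"),
    ("switch-a", "fw:port1"), ("switch-b", "fw:port2"),
]
# Same layout plus a leftover patch cable that links the switches directly.
LINKS_BYPASS = LINKS_GOOD + [("switch-a", "switch-b")]
ZONE_A = {"pc-sales-1", "pc-sales-2"}
ZONE_B = {"pc-accts-1", "pc-accts-2"}


def build_graph(links, fw_prefix="fw:"):
    """Adjacency map without firewall links: the network if the firewall forwarded nothing."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set())
        graph.setdefault(b, set())
        if not (a.startswith(fw_prefix) or b.startswith(fw_prefix)):
            graph[a].add(b)
            graph[b].add(a)
    return graph


def bypass_paths(links, zone_a, zone_b):
    """Return one firewall-free path for each zone-A host that can reach zone B."""
    graph = build_graph(links)
    found = []
    for src in sorted(zone_a):
        parent = {src: None}
        queue = deque([src])
        while queue:
            node = queue.popleft()
            if node in zone_b:
                path = []
                while node is not None:  # walk back to the source host
                    path.append(node)
                    node = parent[node]
                found.append(path[::-1])
                break
            for nxt in sorted(graph.get(node, ())):
                if nxt not in parent:
                    parent[nxt] = node
                    queue.append(nxt)
    return found
```

An empty result means every path between the zones crosses a firewall port; any returned path is a link that lets same-subnet traffic skip the firewall rules entirely.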

