Best way to connect two networks?
Hello,
I have two clients in the same building. They both have their own networks. Each network has an internet connection, its own network switch, and its own MS small business server.
They want to connect the networks together so that they can share their network fax/copier/scanner machine and access a cctv system which has a network interface.
Im trying to work out what the best way is of connecting the two networks. It is important to note that I cant just plug a wire in to connect the two switches, because then the DHCP server from one network might give IP addresses to the other network. Also, Microsoft SBS shuts down if it detects another SBS server on the network.
I was thinking about connecting the two switches together, and then set all the sockets on Network Switch 1 to VLAN1, and all the sockets on Network Switch 2 to VLAN2. Then set the sockets for the CCTV and Copier/printer to VLAN1+2.
Would that prevent the DHCP from issueing IPs to computers on the other network?
Would that prevent the SBS servers from "seeing" each other?
There is one SBS on each switch.
I dont want to VPN the two networks together over the internet. The CCTV uses a high level of bandwidth and i'm worried because one client uses VOIP which may be affected by the CCTV application's bandwidth usage.
Your advice is greatly appreciated.
Dan
I have two clients in the same building. They both have their own networks. Each network has an internet connection, its own network switch, and its own MS small business server.
They want to connect the networks together so that they can share their network fax/copier/scanner machine and access a cctv system which has a network interface.
Im trying to work out what the best way is of connecting the two networks. It is important to note that I cant just plug a wire in to connect the two switches, because then the DHCP server from one network might give IP addresses to the other network. Also, Microsoft SBS shuts down if it detects another SBS server on the network.
I was thinking about connecting the two switches together, and then set all the sockets on Network Switch 1 to VLAN1, and all the sockets on Network Switch 2 to VLAN2. Then set the sockets for the CCTV and Copier/printer to VLAN1+2.
Would that prevent the DHCP from issueing IPs to computers on the other network?
Would that prevent the SBS servers from "seeing" each other?
There is one SBS on each switch.
I dont want to VPN the two networks together over the internet. The CCTV uses a high level of bandwidth and i'm worried because one client uses VOIP which may be affected by the CCTV application's bandwidth usage.
Your advice is greatly appreciated.
Dan
DCMBS
You will have to incoporate a router somewhare. Ypou can segregate the LANs using VLANS but they wil not route to each other unless a router is added somewhere.
DHCP wont issue address's to the other network through a router unless you add helper address's so you dont have to worry about that.
As DCMBS says you need a router. I'm not sure about SBS as to whether they can detect each other across a router but if in any doubt a simple access list on the router denying ip from the IP address of each SBS server to the other will do the job
As DCMBS says you need a router. I'm not sure about SBS as to whether they can detect each other across a router but if in any doubt a simple access list on the router denying ip from the IP address of each SBS server to the other will do the job
Yeah you can't place different VLANs on switches and hope they will talk to each other as you need to do what is known as inter VLAN routing. There are 2 devices that can do this. A router, as mentioned above, or a Layer 3 switch...and a layer 3 switch "routes" as well as "Switches" as long as it is configured to route. Cisco for example doesnt route out of the box, you need to add that facility via a command line. Layer 3 switches are also expensive.
I can think of two other options here. If both networks have an internet connection you could run a VPN between the two, and if both are using MS servers then there are options within that OS to do this, however be mindful that a Windows server sitting on the edge of the internet will need to be well protected.
You could also use Remote Routing within the MS server.....this way the windows servers will act as routers.
I can think of two other options here. If both networks have an internet connection you could run a VPN between the two, and if both are using MS servers then there are options within that OS to do this, however be mindful that a Windows server sitting on the edge of the internet will need to be well protected.
You could also use Remote Routing within the MS server.....this way the windows servers will act as routers.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
To add to bluepig's comment:
If you can access B's default router, you can add the route in there and not have to add it into every machine on B's network.
If you can access B's default router, you can add the route in there and not have to add it into every machine on B's network.
ASKER
Thanks for your advice so far. VPN is not an option because of bandwidth issues.
Both companies dont want to purchase any additional equipment, so getting a router to bridge the two networks is a bit difficult.
Both networks have managed switches. Does that change anything?
They have a managed switch and an ADSL router on each network.
The ADSL router connects to the managed switch.
None of the PCs or servers connect directly to the ADSL routers.
Does that help provide a solution that would help with this issue?
Someone suggested setting up a static route, but could provide any further information on how or where.
Both companies dont want to purchase any additional equipment, so getting a router to bridge the two networks is a bit difficult.
Both networks have managed switches. Does that change anything?
They have a managed switch and an ADSL router on each network.
The ADSL router connects to the managed switch.
None of the PCs or servers connect directly to the ADSL routers.
Does that help provide a solution that would help with this issue?
Someone suggested setting up a static route, but could provide any further information on how or where.
A managed switch is not any help here unless it is a layer three switch which may be able to do inter LAN routing. To connect the LANs you will have to provide some form of routing. Switches are devices that operate within the confines of a LAN, they cannot forward trafic to another LAN unless they have some layer three functionality.
Your options here are use a VPN or router. If you use a VPN then inter LAN routing shpould be handled by the VPN endpoint devices but you may still have to provide additional routing table entries.
If you use a router you will have to provide static routing entries on probably each device to route the traffic between the LANs. This is because the default route will route traffic to the internet router, so additional routing will be needed to route between the LANs.
Your options here are use a VPN or router. If you use a VPN then inter LAN routing shpould be handled by the VPN endpoint devices but you may still have to provide additional routing table entries.
If you use a router you will have to provide static routing entries on probably each device to route the traffic between the LANs. This is because the default route will route traffic to the internet router, so additional routing will be needed to route between the LANs.
ASKER
Can you provide additional information on static routing?
Thanks
Dan
Thanks
Dan
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Static routing is a manually created entry in a routing table.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
basically the way this works is a switch routes on the mac address of a device, a router routes on the IP address. If you need to send data from one lan to another you need to route on the ip address as this identifies the network. A switch does not know anything about IP addresses unless it has layer three functionality as IP routing is a layer three function, so a switch cannot forward traffic to another network. Tthe IP address is used to route traffic between networks and once the traffic has arrived at the target network(lan) the mac address is used to identify the target device. So in your scenario you will need a device (Router) that can forward the traffic from LAN1 to LAN2 using its IP address. A switch cannot do this.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Good tip about adding the static route to the adsl router. This should be doable for any router to avoid having to use static routes on individual workstations.