• Status: Solved

Setup one workstation to connect to 2 networks...

Please read this entirely...
I have a new lab area that is being set up in an existing building of a client of ours.  The client already has an existing network that has VPN connectivity to our facility.  We are being contracted to build this new lab and the techs that will be working in the new lab need connectivity to us also.  But, we need to keep the 2 networks separate.  So, we are going to bring in one Cisco Cat 3500 XL series switch to connect to the new lab equipment and they will have a different IP address scheme than the existing network our client has, but this switch will also be physically connected to their network as well.  So, we'll have one workstation that can see both networks (multihomed NIC), another that's just on the new network, and one switch that needs to communicate on both networks to be able to give access to the existing old network to the multihomed workstation.  Also, they currently have their entire "old" network NAT'd to one IP address for the VPN connection (which works because they are only accessing resources on our side right now), but how can I make the new network work through that existing VPN connection?

Hopefully this all makes sense, but please ask questions if you need clarification.  Thanks for your help!

Mark
Asked by: cansib

Nayyar HH (CCIE RS), Network Architect, commented:
Sorry Mark, not entirely. Please can you help us out with a sketch?

cansib (Author) commented:
So, I've attached a diagram of what I'm trying to explain.

Basically, I need to find a way to connect the PC to both the new and old existing networks and have it be able to communicate with our facility over the VPN.  In drawing this out, I would think if it has an IP address on both networks, that it would use the ip address it will have for the old existing network to connect via the VPN.  If that works, great!  Does anyone see a problem with my diagram or what I'm trying to do?  Thanks!

Mark
network.jpg

cansib (Author) commented:
Hmm... How will the switch handle the 2 different networks?  The switch will have its own IP address that is in the new network.  Will it still pass the traffic destined for the 10.2.1.x network or does there have to be some sort of routing or even VLAN'ing that occurs?

Nayyar HH (CCIE RS), Network Architect, commented:

Why not have the switch configured as a layer 2 switch only and have your routing & security enforcement done on the PIX Firewall?

So traffic between old and new networks would need to traverse PIX. The switch would only have an IP on the new network (for managing the switch).

How does this sound?

cansib (Author) commented:
I think that's probably the simplest way to go.  The worst part is I don't have control of the firewall, so I was hoping to do as much as I can on things I can control.  But I think you're right.  I'm going to have to see if their IT support will do the routing and security through the firewall.  Any way that I do it, they'll still have to make changes on their side.  Thanks.  I'll let you know how it goes.

cansib (Author) commented:
We ended up just putting those machines on the same network and using Windows and Domain security to permit and deny access to resources.  Thanks.

Mark
Question has a verified solution.