

Need a second router for FTP

Posted on 2010-11-10
Medium Priority
Last Modified: 2012-05-10
Need a second router for FTP.
Present setup:
Presently we have a Cisco router as our default gateway to get internet access through a T1.  
The problem is that we need to trade large CAD files with our customers and they would clog up the T1.  
To fix this we want to use a separate DSL/cable connection to send docs using FTP.  
Give LAN users the ability to send large files directly from their desktop.
How would we seamlessly access the FTP router when the DG is pointing to the Cisco router?
If using an alternate (second) IP address how does it switch between routers?
You could manually change the DG but that would be inconvenient.
You could put the DSL connection on a router that has two LAN ports and set one to the LAN subnet and the other to a DMZ on a different subnet.  Put a PC on the DMZ and access it using remote desktop to send files.
Question by:Jayfo

Expert Comment

ID: 34107229
How big is your current Internet router and how many interfaces can it handle?  I would think the better solution would be to add an Ethernet interface for the DSL link and let the router make the forwarding decision.

If there's a reason you absolutely need a second router, my next thought would be to place it on the same LAN subnet, advertise the customer networks using a dynamic protocol and let the current Internet router redirect traffic to the customer networks over to the other router.

And if you have to purchase another router, be sure to at least consider getting one that has two Ethernet and a T1, and get back to the single-router scenario I mentioned above.  The cost may be higher, but it may be worth it to simplify the topology.

Author Comment

ID: 34114200
Thanks for the reply.  Forgive my ignorance if I didn’t completely understand your answer.  The current Cisco router is owned by ATT and ties all our branch offices together on an MPLS network.  Although we probably could make configuration changes, it would be a very big deal to get ATT to customize it.  Also there is limited bandwidth on the MPLS network.  That’s why I wanted to go with a completely separate router over a DSL connection.  From what I can see the ‘fly in the ointment’ is that you can only have one default gateway.

Does it make sense to use a router with two Ethernet ports and set up one Ethernet port to the corporate LAN subnet and then set another port to a separate subnet (DMZ) and put a PC on the DMZ?  Then remote desktop connect to that PC and use it to send and receive FTP files.

Accepted Solution

dosdet2 earned 2000 total points
ID: 34115047
We have something almost exactly like what you are looking for.  See the diagram. IP numbers are there just for reference.

We chose the rv042 for the internet facing router because it was inexpensive, had a decent firewall and handled multiple VPNs well.
We set up the system as shown.  The SOHO router has the LAN side toward the main network and the WAN side towards the "public" NAS Device network.

We have a SonicWall where your Cisco is.  You would put a route in your Cisco that directed all traffic with a destination to the network to the host

We put in a rule that forwarded all FTP traffic sent to our DSL public IP to
We set up FTP users and security within the NAS device interface.

We can "search for computers" and use the IP number (within the network) and then Map the entire NAS drive share to a drive letter.  Each client that connects has their own login and only has access to their own sub-folder.  Internal users can see all sub-folders.

For a while we had 2 clients set up on site-to-site VPNs and they had drive letters mapped to their respective sub-folders on our NAS.

I can log in to any of the routers on the network and configure from my workstation on the main network but our main network is completely isolated from communication initiated from the NAS network.
It is a sweet setup.  
I hope this helps.
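
The static route described in this answer works because a router picks the most specific matching prefix before it falls back to its default route. The sketch below is an added example, not part of the original post; every address and the `wan-uplink` label are constructed, since the diagram's IPs are not on the page.

```python
import ipaddress

# Constructed addressing (the original diagram's IPs are not on the page):
#   main LAN 192.168.1.0/24, SOHO router LAN side at 192.168.1.254,
#   NAS network 192.168.50.0/24 behind the SOHO router.
ROUTES = [
    ("0.0.0.0/0", "wan-uplink"),           # default route out the existing uplink
    ("192.168.1.0/24", "on-link"),         # main LAN, delivered directly
    ("192.168.50.0/24", "192.168.1.254"),  # static route: NAS network via SOHO router
]


def build_table(routes):
    """Parse (prefix, next_hop) pairs into (ip_network, next_hop) tuples."""
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in routes]


def lookup(table, dst):
    """Return (matched_prefix, next_hop) by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in table if addr in net]
    if not matches:
        return None  # no default route and nothing more specific
    net, hop = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), hop


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("192.168.50.10", "192.168.1.20", "203.0.113.7"):
        print(dst, "->", lookup(table, dst))
    # Without the static route, NAS-bound traffic follows the default route.
    no_static = build_table(ROUTES[:2])
    print("192.168.50.10 without static route ->",
          lookup(no_static, "192.168.50.10"))
```
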



Expert Comment

ID: 34115264
Sorry Jayfo, I missed the part where you cannot change the Cisco config.
You can insert a router just before your Cisco and use it to redirect to your NAS network.  

You may have an issue with the subnet though.  The Cisco is going to want to be on your original subnet.  The router you get is going to have to keep the same subnet on both sides, which won't work.  Maybe you can use just the LAN side ???  I haven't tried anything like that - could do some testing but confidence is not high on that one.

One router added to the Cisco would do the trick.  Maybe check on it.  I could lay out a route for it, if I had the IPs you would be using.  Maybe that would help.
Let us know.

Expert Comment

ID: 34115348
One more thought.  You may be able to do a port forward within the SOHO bridging router (to the NAS device) and use FTP on your main network instead of mapping the drive.  

Anybody out there know if this will work??


Author Comment

ID: 34115668
Thanks Dosdet2.  

Your schematic is very close to what I was thinking about.  Let me ask you this.  You show the SOHO router and the Linksys RV42.  Would one router with two Ethernet ports that could be on different subnets do the same job?  

Also, I failed to make it clear that the FTP service is hosted by an outside service provider.  My thought was to put a workstation where you have the FTP server on your diagram (this would be on a different subnet).  Then use this workstation to access the FTP service over the Internet.  Users on the internal LAN could connect to the Workstation (through the router) using a remote desktop connection.

Seems convoluted, but I’m just not sure how to get around the fact that you can only have one default gateway per subnet.

Expert Comment

ID: 34115734
So the clients would put their files on a "cloud" hosted drive, then your users would transfer from the hosted drive to their drives.  Then vice versa for transferring the other way.

And the reasoning for this is to save bandwidth on your T1 line.

Is that correct?


Author Comment

ID: 34116035
The bandwidth saving would be to send the large files over the DSL and not the corporate MPLS network.  The corporate T1/MPLS (ATT Cisco router) is already slow.  The goal is to leave the ATT router completely alone and somehow send the files over the DSL connection to a hosted FTP service out there in cyber space.  How does a desktop computer talk to the DSL internet connection when its default gateway is pointed to the ATT router?  Thanks.
