
Need a second router for FTP

Posted on 2010-11-10
Last Modified: 2012-05-10
Need a second router for FTP.
Present setup:
Presently we have a Cisco router as our default gateway to get internet access through a T1.  
The problem is that we need to trade large CAD files with our customers and they would clog up the T1.  
To fix this we want to use a separate DSL/cable connection to send docs using FTP.  
Goal:
Give LAN users the ability to send large files directly from their desktop.
Questions:
How would we seamlessly access the FTP router when the DG is pointing to the Cisco router?
Thoughts:
If using an alternate (second) IP address how does it switch between routers?
You could manually change the DG but that would be inconvenient.
You could put the DSL connection on a router that has two LAN ports and set one to the LAN subnet and the other to a DMZ on a different subnet.  Put a PC on the DMZ and access it using remote desktop to send files.
0
Question by:Jayfo
8 Comments
 
LVL 18

Expert Comment

by:jmeggers
ID: 34107229
How big is your current Internet router and how many interfaces can it handle?  I would think the better solution would be to add an Ethernet interface for the DSL link and let the router make the forwarding decision.

If there's a reason you absolutely need a second router, my next thought would be to place it on the same LAN subnet, advertise the customer networks using a dynamic protocol and let the current Internet router redirect traffic to the customer networks over to the other router.

And if you have to purchase another router, be sure to at least consider getting one that has two Ethernet and a T1, and get back to the single-router scenario I mentioned above.  The cost may be higher, but it may be worth it to simplify the topology.
0
 

Author Comment

by:Jayfo
ID: 34114200
Thanks for the reply.  Forgive my ignorance if I didn’t completely understand your answer.  The current Cisco router is owned by ATT and ties all our branch offices together on an MPLS network.  Although we probably could make configuration changes, it would be a very big deal to get ATT to customize it.  Also there is limited bandwidth on the MPLS network.  That’s why I wanted to go with a completely separate router over a DSL connection.  From what I can see the ’fly in the ointment’ is that you can only have one default gateway.  

Does it make sense to use a router with two Ethernet ports and set up one Ethernet port to the corporate LAN subnet and then set another port to a separate subnet (DMZ) and put a PC on the DMZ?  Then remote desktop connect to that PC and use it to send and receive FTP files.
0
 
LVL 8

Accepted Solution

by:
dosdet2 earned 2000 total points
ID: 34115047
We have something almost exactly like what you are looking for.  See the diagram. IP numbers are there just for reference.

We chose the RV042 for the internet-facing router because it was inexpensive, had a decent firewall and handled multiple VPNs well.
We set up the system as shown.  The SOHO router has the LAN side toward the main network and the WAN side towards the "public" NAS Device network.

We have a SonicWall where your Cisco is.  You would put a route in your Cisco that directed all traffic with a destination to the 10.10.200.0/24 network to the host 10.10.10.10.

We put in a rule that forwarded all FTP traffic sent to our DSL public IP to 10.10.200.10.
We set up FTP users and security within the NAS device interface.

We can "search for computers" and use the 10.10.200.10 IP number (within the network) and then map the entire NAS drive share to a drive letter.  Each client that connects has their own login and only has access to their own sub-folder.  Internal users can see all sub-folders.

For a while we had 2 clients set up on site-to-site VPNs and they had drive letters mapped to their respective sub-folders on our NAS.

I can login to any of the routers on the 10.10.200.0 network and configure from my workstation on the main network but our main network is completely isolated from communication initiated from the NAS network.
It is a sweet setup.  
I hope this helps.




2-SeperateNetworks.JPG
0
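An added illustration of the accepted answer's design, not code from the thread: a static route for 10.10.200.0/24 coexists with the single default route because the most specific prefix wins, and a NAT router with its WAN side facing the NAS network only passes traffic that answers a connection opened from the main LAN. The main LAN prefix, the workstation address 10.10.10.55, the `wan-uplink` label and the port numbers are assumptions, and the NAT model assumes the SOHO router has no port forwards configured.

```python
import ipaddress

# 10.10.200.0/24, 10.10.10.10 and 10.10.200.10 come from the answer above.
# The main LAN prefix, the workstation address and the ports are constructed.
ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), "wan-uplink"),      # existing default route
    (ipaddress.ip_network("10.10.10.0/24"), "connected"),   # main LAN (assumed prefix)
    (ipaddress.ip_network("10.10.200.0/24"), "10.10.10.10"),  # static route from the answer
]

def next_hop(dst, routes=ROUTES):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

class SohoNat:
    """Stateful NAT on the bridging router (LAN = main network, WAN = NAS network)."""

    def __init__(self):
        self.table = {}          # (wan_port, remote_ip, remote_port) -> inside endpoint
        self.next_port = 40000   # first translated source port (arbitrary)

    def outbound(self, inside_ip, inside_port, remote_ip, remote_port):
        """Connection opened from the main LAN: record a translation entry."""
        wan_port = self.next_port
        self.next_port += 1
        self.table[(wan_port, remote_ip, remote_port)] = (inside_ip, inside_port)
        return wan_port

    def inbound(self, remote_ip, remote_port, wan_port):
        """Packet arriving from the NAS network: pass only if it matches a flow."""
        return self.table.get((wan_port, remote_ip, remote_port))  # None means dropped

if __name__ == "__main__":
    for dst in ("10.10.200.10", "10.10.10.55", "203.0.113.5"):
        print(dst, "->", next_hop(dst))
    nat = SohoNat()
    port = nat.outbound("10.10.10.55", 51000, "10.10.200.10", 445)
    print("reply from NAS:", nat.inbound("10.10.200.10", 445, port))
    print("unsolicited from NAS network:", nat.inbound("10.10.200.99", 50000, 3389))
```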

 
LVL 8

Expert Comment

by:dosdet2
ID: 34115264
Sorry Jayfo, I missed the part where you cannot change the Cisco config.
You can insert a router just before your Cisco and use it to redirect to your NAS network.  

You may have an issue with the subnet though.  The Cisco is going to want to be on your original subnet.  The router you get is going to have to keep the same subnet on both sides, which won't work.  Maybe you can use just the LAN side ???  I haven't tried anything like that - could do some testing but confidence is not high on that one.

One router added to the Cisco would do the trick.  Maybe check on it.  I could lay out a route for it, if I had the IPs you would be using.  Maybe that would help.
Let us know.
0
 
LVL 8

Expert Comment

by:dosdet2
ID: 34115348
One more thought.  You may be able to do a port forward within the SOHO bridging router (to the NAS device) and use FTP on your main network instead of mapping the drive.  

Anybody out there know if this will work??

0
 

Author Comment

by:Jayfo
ID: 34115668
Thanks Dosdet2.  

Your schematic is very close to what I was thinking about.  Let me ask you this.  You show the SOHO router and the Linksys RV42.  Would one router with two Ethernet ports that could be on different subnets do the same job?  

Also, I failed to make it clear that the FTP service is hosted by an outside service provider.  My thought was to put a workstation where you have the FTP server on your diagram (this would be on a different subnet).  Then use this workstation to access the FTP service over the Internet.  Users on the internal LAN could connect to the Workstation (through the router) using a remote desktop connection.

Seems convoluted, but I’m just not sure how to get around the fact that you can only have one default gateway per subnet.
0
 
LVL 8

Expert Comment

by:dosdet2
ID: 34115734
So the clients would put their files on a "cloud" hosted drive, then your users would transfer from the hosted drive to their drives.  Then vice versa for transferring the other way.  

And the reasoning for this is to save bandwidth on your T1 line.

Is that correct?


0
 

Author Comment

by:Jayfo
ID: 34116035
The bandwidth saving would be to send the large files over the DSL and not the corporate MPLS network.  The corporate T1/MPLS (ATT Cisco router) is already slow.  The goal is to leave the ATT router completely alone and somehow send the files over the DSL connection to a hosted FTP service out there in cyber space.  How does a desktop computer talk to the DSL internet connection when its default gateway is pointed to the ATT router?  Thanks.
0

Question has a verified solution.