Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

2 Routers, 2 WANS, One Network

Posted on 2011-02-23
13
Medium Priority
?
654 Views
Last Modified: 2012-06-21
I have two WAN connections on two Routers (Sonicwall and 3COM) that share the same subnet.

The computers are all static IP addresses and they specify their respective router as a gateway.

However, the computers on the Sonicwall can't see the computers on the 3COM.  Is there a way to get all the PCs to see each other while maintaining access to both routers?
0
Comment
Question by:rvdsabu4life
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 3
13 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 34960962
Just to make one thing clear, you said they specify their respective router as a gateway So each PC has only access to one router hasn't it?

Do you have a switch in place to connect the lot?
0
 
LVL 4

Expert Comment

by:Kendzast
ID: 34960998
If WAN is connected to internet, so problem could be with NAT on WAN interfaces. If WAN interface is not connected to internet but it's just your local network it can be done with static nat (1:1). Of course this can be also done when using internet on WAN ports but you need a wide range of public addresses :)
Second option to to bypass NAT for internal range. Have to add rule which bypass NAT when connecting from private network 1 to network 2.
0
 

Author Comment

by:rvdsabu4life
ID: 34961263
Just to make one thing clear, you said they specify their respective router as a gateway So each PC has only access to one router hasn't it?

Do you have a switch in place to connect the lot?

Correct.  I have 2 2960s In place now
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 4

Expert Comment

by:Kendzast
ID: 34961374
Traffic between WAN interfaces goes throught ISP or local switch ?
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 34961390
So the PC's are hooked up to the switches but they can't see each other. And switches are connected as well?
In that case you might want to look at the setup of the switches.
0
 

Author Comment

by:rvdsabu4life
ID: 34961532
Traffic between WAN interfaces goes throught ISP or local switch ?

Traffic goes from the PCs, to the switches, to the routers.

So the PC's are hooked up to the switches but they can't see each other. And switches are connected as well?

Yes.  Could someone explain the NAT on WAN interfaces.  I was reading something about this and I think it might work.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 34961698
I think I need more coffee.....

Misread the question, let's see if I got it right now:

You have two routers which are on the same public subnet. Behind those routers are two networks with PC's within two private subnets. You want the pc's from both networks to be able to see each other.

If that is the case I think the best thing to do is to try and set up a site to site VPN between the two routers. That way the PC's can see each other and you are secure because you are still traversing a public network.
0
 
LVL 4

Expert Comment

by:Kendzast
ID: 34961776
When you are talking about WAN interfaces I hope that this WAN interfaces are connected to internet (or other public carrier). If WAN port is connected to internet and you want users to access internet you need to make address translation (NAP/PAT) on WAN interface. Here is base articla from cisco how nat works

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094831.shtml

Here is little example similar to yours.
My computer is PC-A with ip address 192.168.1.1/24 connected to router (Sonicwall). Your computer is PC-B with ip address 192.168.2.1/24 connected to router (3com). Try to ping my ip address :)

There are different ways to make this works but it depends on your network topology. Can you draw a little schema with ip address range and logical connections ?
0
 
LVL 4

Expert Comment

by:Kendzast
ID: 34961934
erniebeek: I'm not sure if you can make site to site VPN between 3com and sonicwall. On cisco device this scenario would be a piece of cake configuration :) But the main idea you mentioned is correct. One of the next option is to "don't NAT" traffic from private network A (behing sonicwall) and network B (behind 3com). You need to write exception NAT rule (ACL) for this specific traffic. Disadvanage is when somebody sniffs traffic between WAN interfaces can see original (private) IP addresses of your computers.
I would prefere direct cable (wireless) connection between this 2 networks (if it is possible) and route them. In this case you don't need to configure NAT exceptions because traffic between this 2 networks would not flow through WAN interfaces but through direct line.
0
 

Author Comment

by:rvdsabu4life
ID: 34963507
@Kendzast

I will advise after I read the article.

@erniebeek

Correct.  However, the public subnets are not the same.
0
 

Author Comment

by:rvdsabu4life
ID: 34963863
OK, so if I followed these instructions, my setup could work?

http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_24992501.html

0
 
LVL 4

Accepted Solution

by:
Kendzast earned 2000 total points
ID: 34964205
No :) You don't need MPLS implementation.

Here is configuration example for Sonicwall
http://doc.m0n0.ch/handbook/examplevpn.html

Somethig similar like I did, from cisco
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094bff.shtml
You can route private IP subnets over GRE tunnel. OSPF, RIP, EIGRP support. Great thing!

0
 

Author Comment

by:rvdsabu4life
ID: 34978894
I was able to successfully do what I needed to this morning.  Thanks for all the help!
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question