• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 666
  • Last Modified:

2 Routers, 2 WANS, One Network

I have two WAN connections on two Routers (Sonicwall and 3COM) that share the same subnet.

The computers are all static IP addresses and they specify their respective router as a gateway.

However, the computers on the Sonicwall can't see the computers on the 3COM.  Is there a way to get all the PCs to see each other while maintaining access to both routers?
0
rvdsabu4life
Asked:
rvdsabu4life
  • 5
  • 5
  • 3
1 Solution
 
Ernie BeekExpertCommented:
Just to make one thing clear, you said they specify their respective router as a gateway So each PC has only access to one router hasn't it?

Do you have a switch in place to connect the lot?
0
 
KendzastCommented:
If WAN is connected to internet, so problem could be with NAT on WAN interfaces. If WAN interface is not connected to internet but it's just your local network it can be done with static nat (1:1). Of course this can be also done when using internet on WAN ports but you need a wide range of public addresses :)
Second option to to bypass NAT for internal range. Have to add rule which bypass NAT when connecting from private network 1 to network 2.
0
 
rvdsabu4lifeAuthor Commented:
Just to make one thing clear, you said they specify their respective router as a gateway So each PC has only access to one router hasn't it?

Do you have a switch in place to connect the lot?

Correct.  I have 2 2960s In place now
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
KendzastCommented:
Traffic between WAN interfaces goes throught ISP or local switch ?
0
 
Ernie BeekExpertCommented:
So the PC's are hooked up to the switches but they can't see each other. And switches are connected as well?
In that case you might want to look at the setup of the switches.
0
 
rvdsabu4lifeAuthor Commented:
Traffic between WAN interfaces goes throught ISP or local switch ?

Traffic goes from the PCs, to the switches, to the routers.

So the PC's are hooked up to the switches but they can't see each other. And switches are connected as well?

Yes.  Could someone explain the NAT on WAN interfaces.  I was reading something about this and I think it might work.
0
 
Ernie BeekExpertCommented:
I think I need more coffee.....

Misread the question, let's see if I got it right now:

You have two routers which are on the same public subnet. Behind those routers are two networks with PC's within two private subnets. You want the pc's from both networks to be able to see each other.

If that is the case I think the best thing to do is to try and set up a site to site VPN between the two routers. That way the PC's can see each other and you are secure because you are still traversing a public network.
0
 
KendzastCommented:
When you are talking about WAN interfaces I hope that this WAN interfaces are connected to internet (or other public carrier). If WAN port is connected to internet and you want users to access internet you need to make address translation (NAP/PAT) on WAN interface. Here is base articla from cisco how nat works

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094831.shtml

Here is little example similar to yours.
My computer is PC-A with ip address 192.168.1.1/24 connected to router (Sonicwall). Your computer is PC-B with ip address 192.168.2.1/24 connected to router (3com). Try to ping my ip address :)

There are different ways to make this works but it depends on your network topology. Can you draw a little schema with ip address range and logical connections ?
0
 
KendzastCommented:
erniebeek: I'm not sure if you can make site to site VPN between 3com and sonicwall. On cisco device this scenario would be a piece of cake configuration :) But the main idea you mentioned is correct. One of the next option is to "don't NAT" traffic from private network A (behing sonicwall) and network B (behind 3com). You need to write exception NAT rule (ACL) for this specific traffic. Disadvanage is when somebody sniffs traffic between WAN interfaces can see original (private) IP addresses of your computers.
I would prefere direct cable (wireless) connection between this 2 networks (if it is possible) and route them. In this case you don't need to configure NAT exceptions because traffic between this 2 networks would not flow through WAN interfaces but through direct line.
0
 
rvdsabu4lifeAuthor Commented:
@Kendzast

I will advise after I read the article.

@erniebeek

Correct.  However, the public subnets are not the same.
0
 
rvdsabu4lifeAuthor Commented:
OK, so if I followed these instructions, my setup could work?

http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_24992501.html

0
 
KendzastCommented:
No :) You don't need MPLS implementation.

Here is configuration example for Sonicwall
http://doc.m0n0.ch/handbook/examplevpn.html

Somethig similar like I did, from cisco
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094bff.shtml
You can route private IP subnets over GRE tunnel. OSPF, RIP, EIGRP support. Great thing!

0
 
rvdsabu4lifeAuthor Commented:
I was able to successfully do what I needed to this morning.  Thanks for all the help!
0

Featured Post

Eye-catchers on the conference table

Challenge: The i-unit group was not satisfied with the audio quality during remote meetings. They were looking for a portable solution with excellent audio quality for use in their conference room but also at their client’s offices.

  • 5
  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now