Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 557
  • Last Modified:

2 Domains - 1 LAN

I've been doing a lot of reading, and it appears very possible, I just want to put it out there to reassure me before I go ahead with it.

I have a client that has two separate business in the same office. Company 1 just upgraded to a 12MB Internet Connection and VOIP Phones, Company 2 is going to share the internet connection and phones.

Before this, they each had their own DSL lines.

Company 1 has a Windows 2003 SBS, domain controller, running DNS but a router is doing DHCP.
Company 2 has a Windows 2003 Standard Server, domain controller, also doing DNS but their router is also doing DHCP.

Company 2 is only 4 users.

They do want to keep their domains (relatively) separate.

Can I put both servers on the LAN, same IP addressing, using one router, and statically assigning Company 2 PCs static addresses, gateway, and DNS (pointing to their server) without interfering with the other domain server? Still having all users log into their respective domains?





0
toe_mas
Asked:
toe_mas
  • 7
  • 3
  • 2
  • +1
2 Solutions
 
jcrustCommented:
Yes this could be done but you will have to set exclusion in DHCP on the other server to ensure that the ip's you have assigned do not get used.

I would suggest running two different subnets and using the same gateway and or a proxy server for both.  This will keep everything separate and you will still be able to access the internet connection from either subnet
0
 
toe_masAuthor Commented:
Yes, I'd make sure of the DHCP issue.
Are you saying I should have one network be 192.168.0.X and the other be 192.168.1.X but using the same Gateway IP, i.e. 192.168.1.1?
0
 
toe_masAuthor Commented:
Then of course the DHCP issue wouldn't exist if course...
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
jcrustCommented:
yes you will have the two subnets (192.168.0.x and 192.168.1.x)  They can use the same gateway.  As toe mas has said you will loos the DHCP on the static assigned subnet but if this is ol for you then no problem.  You could also put in another switch and have each subnet on its own switch and connect the new one to be able to access the gateway.  You will have to configure the switches to allow this though.
0
 
Rob WilliamsCommented:
If you have two subnets how are they going to use the same gateway?
If you have a router that supports multiple LAN IP's (i.e. 2 gateways) you could do that.

You can accomplish what you want but it is not an ideal situation, there can be IP conflicts, major DNS issues, and security concerns.
Ideally if you can get 2 public IP's from your ISP isolate them completely by configuring such as:

                                                |=>router1=>Company1
Internet=>modem=>switch=>|
                                                |=>router2=>Company2

Both networks can then be on different subnets, different physical networks, and protected by one another by the routers/firewalls.

Ignoring that you can use a single DHCP server (preferably the SBS) and use exclusions, reservations (assigning appropriate DNS), and static IP's. However when you have a new machine or guest in the office all sorts of havoc breaks out.
0
 
toe_masAuthor Commented:
Gottcha, RobWill, what if I had a second router (for Company 2), go into Company 1's router? And ran Company 2 off just that router? Then it can have two different subnets. Kind of like adding public wireless into a wireless LAN , router into router...
0
 
toe_masAuthor Commented:
Geez... I meant, adding public wireless into a private lan, router into router... I've looking at screens to long today!
0
 
Fred MarshallPrincipalCommented:
RobWill has given very good advice.  It's easy to manage and it works with low cost equipment.  

If for some strange reason that you don't want to do it quite this way then note:

You can run different subnets on the same LAN.  Then the only trick is how to connect to the internet from both LANs.
- Suppose that one LAN with internet connection already exists.
- Simply add computers on another subnet onto the same wires and switches.
Then, for the new subnet you might:
1) add an internet router/gateway with its own public IP address.
2) add an internet router/gateway on the same "interim" LAN / subnet as in RobWill's diagram to connect to a common internet router.  This means that the "outside" Internet/WAN address will be on the "other" subnet.  It also means that the computers on the new LAN/subnet will likely be able to "see" the computers on the first subnet.   If that's not OK then back to RobWill's suggestion.
0
 
toe_masAuthor Commented:
FMarshal;, I think we were both typing at the same time! That is what I suggested just seconds before you. Yes, I understand one LAN will be able to see the other. Like I said in the original question, they want it relatively separate. Meaning someone would have to really go digging to find it, rather than accidentally browse to it while saving a file. The employees in question are not the "Digging" type. So router into router would be perfectly acceptable for my set up. Other people might want to go for the extra security.

The fact that one LAN will be able to see the other, even though they are on different subnets, is the same reason I originally thought that two different subnets could use the same gateway as was originally suggested at the beginning of this question. I understand now why that isn't quite right.


0
 
Rob WilliamsCommented:
You can connect one router to the other and it works fine for outgoing services. As you mentioned one network can see the other but not the reverse.
You do run into problems with incoming services (SMTP, RDP, RWW, OWA, VPN) having to be NAT'd twice. Some service like a VPN just will not work.
0
 
toe_masAuthor Commented:
For the main router and main server I have Exchange and Terminal Services that come in.

For the second router (the router into the router) I also have Terminal Services running and a VPN for someone in AZ... I can do Terminals Services on a different port for that one... In the First Router, can't I forward those ports to the Second Router, then in the Second Router, forward those ports to the Server?

What a tangled web :)
0
 
Rob WilliamsCommented:
VPN will not allow NAT x 2
Terminal services you can change the port on the outer router and map to the inner router, then map to the TS. That will work.

How expensive is a second IP? This will work but it is rather "rinky dink". Generally a second IP is $5-$10 a month or if you have a business account with a static IP you may already be alloted 5 IP's. It's just that that would be a better business solution.
0
 
toe_masAuthor Commented:
Went another router... although the above would have worked in my situation, they opted for an additional DSL line and everything is separate as was before.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now