

2 Domains - 1 LAN

Posted on 2011-03-09
Medium Priority
Last Modified: 2012-05-11
I've been doing a lot of reading, and it appears very possible, I just want to put it out there to reassure me before I go ahead with it.

I have a client that has two separate businesses in the same office. Company 1 just upgraded to a 12MB Internet Connection and VOIP Phones; Company 2 is going to share the internet connection and phones.

Before this, they each had their own DSL lines.

Company 1 has a Windows 2003 SBS, domain controller, running DNS but a router is doing DHCP.
Company 2 has a Windows 2003 Standard Server, domain controller, also doing DNS but their router is also doing DHCP.

Company 2 is only 4 users.

They do want to keep their domains (relatively) separate.

Can I put both servers on the LAN, same IP addressing, using one router, and statically assigning Company 2 PCs static addresses, gateway, and DNS (pointing to their server) without interfering with the other domain server? Still having all users log into their respective domains?

Question by:toe_mas

Expert Comment

ID: 35089498
Yes, this could be done, but you will have to set an exclusion in DHCP on the other server to ensure that the IPs you have assigned do not get used.

I would suggest running two different subnets and using the same gateway and/or a proxy server for both. This will keep everything separate and you will still be able to access the internet connection from either subnet.

Author Comment

ID: 35089514
Yes, I'd make sure of the DHCP issue.
Are you saying I should have one network be 192.168.0.X and the other be 192.168.1.X but using the same Gateway IP, i.e.

Author Comment

ID: 35089520
Then of course the DHCP issue wouldn't exist...


Expert Comment

ID: 35089534
Yes, you will have the two subnets (192.168.0.x and 192.168.1.x). They can use the same gateway. As toe_mas has said, you will lose the DHCP on the static assigned subnet, but if this is OK for you then no problem. You could also put in another switch and have each subnet on its own switch and connect the new one to be able to access the gateway. You will have to configure the switches to allow this though.

Expert Comment

by:Rob Williams
ID: 35089771
If you have two subnets how are they going to use the same gateway?
If you have a router that supports multiple LAN IP's (i.e. 2 gateways) you could do that.

You can accomplish what you want but it is not an ideal situation, there can be IP conflicts, major DNS issues, and security concerns.
Ideally if you can get 2 public IP's from your ISP isolate them completely by configuring such as:


Both networks can then be on different subnets, different physical networks, and protected from one another by the routers/firewalls.

Ignoring that you can use a single DHCP server (preferably the SBS) and use exclusions, reservations (assigning appropriate DNS), and static IP's. However when you have a new machine or guest in the office all sorts of havoc breaks out.
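
A small pre-deployment check for the points raised in the comments above: a default gateway has to sit in the host's own subnet, a static address must not fall inside an unexcluded DHCP range, and domain PCs must point DNS at their own server. This is an added example, not part of the original thread; every address, host name and the `audit_host` / `audit_plan` helpers are constructed for illustration.

```python
import ipaddress

# Constructed sample plan; every address and name below is made up.
DHCP_POOLS = [{"start": "192.168.0.100", "end": "192.168.0.200",
               "exclusions": ["192.168.0.151"]}]
COMPANY2_DNS = "192.168.0.11"  # hypothetical Company 2 domain controller

HOSTS = [
    {"name": "co2-pc1", "address": "192.168.0.150/24",
     "gateway": "192.168.0.1", "dns": COMPANY2_DNS},
    {"name": "co2-pc2", "address": "192.168.0.151/24",
     "gateway": "192.168.0.1", "dns": "192.168.0.10"},
    {"name": "co2-pc3", "address": "192.168.1.20/24",
     "gateway": "192.168.0.1", "dns": COMPANY2_DNS},
]


def audit_host(host, pools, domain_dns):
    """Return the list of problems found in one static host configuration."""
    iface = ipaddress.ip_interface(host["address"])
    problems = []
    # The default gateway has to be on-link, i.e. inside the host's subnet.
    if ipaddress.ip_address(host["gateway"]) not in iface.network:
        problems.append("gateway-off-link")
    # A static address inside a DHCP range can be leased to another machine
    # unless the range carries an exclusion for it.
    for pool in pools:
        start = ipaddress.ip_address(pool["start"])
        end = ipaddress.ip_address(pool["end"])
        excluded = {ipaddress.ip_address(a) for a in pool["exclusions"]}
        if start <= iface.ip <= end and iface.ip not in excluded:
            problems.append("dhcp-conflict")
    # Domain members must resolve through their own domain's DNS server,
    # not the other company's.
    if host["dns"] != domain_dns:
        problems.append("wrong-dns")
    return problems


def audit_plan(hosts=HOSTS, pools=DHCP_POOLS, domain_dns=COMPANY2_DNS):
    """Map each host name to its list of problems."""
    return {h["name"]: audit_host(h, pools, domain_dns) for h in hosts}


if __name__ == "__main__":
    for name, problems in audit_plan().items():
        print(name, problems or "ok")
```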

Author Comment

ID: 35089853
Gotcha, RobWill, what if I had a second router (for Company 2), go into Company 1's router? And ran Company 2 off just that router? Then it can have two different subnets. Kind of like adding public wireless into a wireless LAN, router into router...

Author Comment

ID: 35089859
Geez... I meant, adding public wireless into a private LAN, router into router... I've been looking at screens too long today!

Accepted Solution

Fred Marshall earned 1000 total points
ID: 35089874
RobWill has given very good advice.  It's easy to manage and it works with low cost equipment.  

If for some strange reason you don't want to do it quite this way then note:

You can run different subnets on the same LAN.  Then the only trick is how to connect to the internet from both LANs.
- Suppose that one LAN with internet connection already exists.
- Simply add computers on another subnet onto the same wires and switches.
Then, for the new subnet you might:
1) add an internet router/gateway with its own public IP address.
2) add an internet router/gateway on the same "interim" LAN / subnet as in RobWill's diagram to connect to a common internet router.  This means that the "outside" Internet/WAN address will be on the "other" subnet.  It also means that the computers on the new LAN/subnet will likely be able to "see" the computers on the first subnet.   If that's not OK then back to RobWill's suggestion.

Author Comment

ID: 35089929
FMarshall, I think we were both typing at the same time! That is what I suggested just seconds before you. Yes, I understand one LAN will be able to see the other. Like I said in the original question, they want it relatively separate. Meaning someone would have to really go digging to find it, rather than accidentally browse to it while saving a file. The employees in question are not the "Digging" type. So router into router would be perfectly acceptable for my setup. Other people might want to go for the extra security.

The fact that one LAN will be able to see the other, even though they are on different subnets, is the same reason I originally thought that two different subnets could use the same gateway as was originally suggested at the beginning of this question. I understand now why that isn't quite right.


Expert Comment

by:Rob Williams
ID: 35089947
You can connect one router to the other and it works fine for outgoing services. As you mentioned one network can see the other but not the reverse.
You do run into problems with incoming services (SMTP, RDP, RWW, OWA, VPN) having to be NAT'd twice. Some services like a VPN just will not work.

Author Comment

ID: 35089987
For the main router and main server I have Exchange and Terminal Services that come in.

For the second router (the router into the router) I also have Terminal Services running and a VPN for someone in AZ... I can do Terminal Services on a different port for that one... In the First Router, can't I forward those ports to the Second Router, then in the Second Router, forward those ports to the Server?

What a tangled web :)

Assisted Solution

by:Rob Williams
Rob Williams earned 1000 total points
ID: 35090020
VPN will not allow NAT x 2
Terminal services you can change the port on the outer router and map to the inner router, then map to the TS. That will work.

How expensive is a second IP? This will work but it is rather "rinky dink". Generally a second IP is $5-$10 a month or if you have a business account with a static IP you may already be allotted 5 IPs. It's just that that would be a better business solution.

Author Closing Comment

ID: 35287483
Went another router... although the above would have worked in my situation, they opted for an additional DSL line and everything is separate as was before.


Question has a verified solution.
