2 (layer 3) networks over a single flat unmanged network.
I have a random question. What are the issues with running two separate /24 networks over a single unmanaged flat switched network?
My situation is that we're at a very small school district with close to a zero budget. We currently have random wireless APs which provide decent coverage through the district. They are really nothing more than a WPA encrypted extentions of our flat networks without a RADIUS of any kind. (obviously not the best scenario, but hey we're cheap here and it's what we have...)
The networks are switched together with random unmanaged switches that just boost and pass the signal for a 10.0.0.0 /24 network. So with that information...
What would happen if I set my APs to a separate 192.168.0.0 /24 network on the same flat unmanned switching equipment as my 10.0.0.0 /24 uses? (Sure separate VLANs would be wonderful, but costly and it's not an option).
Could I potentially put a RADIUS server with one NIC set on the 192.168.0.0 network and a second to the 10.0.0.0 network? What are some problems? Would even work? Am I nuts on a thursday?
Just brainstorming... thanks for any info...
My situation is that we're at a very small school district with close to a zero budget. We currently have random wireless APs which provide decent coverage through the district. They are really nothing more than a WPA encrypted extentions of our flat networks without a RADIUS of any kind. (obviously not the best scenario, but hey we're cheap here and it's what we have...)
The networks are switched together with random unmanaged switches that just boost and pass the signal for a 10.0.0.0 /24 network. So with that information...
What would happen if I set my APs to a separate 192.168.0.0 /24 network on the same flat unmanned switching equipment as my 10.0.0.0 /24 uses? (Sure separate VLANs would be wonderful, but costly and it's not an option).
Could I potentially put a RADIUS server with one NIC set on the 192.168.0.0 network and a second to the 10.0.0.0 network? What are some problems? Would even work? Am I nuts on a thursday?
Just brainstorming... thanks for any info...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It depends on what WAP's you have. The more inexpensive ones would also accepct DHCP requests on the LAN ports, which would mean they could hand out IP addresses to any wired comptuer also.
ASKER
Well they weren't cheap, but they probably fall into the SOHO category.
APs = Dlink 3200
You've given me a great amount of information. It's probably best to just vlan out and segment the networks.
On top of everything else it really leaves a vulnerability to something like firesheep. I was just trying to think outside the box.
Thanks for all the great info.
APs = Dlink 3200
You've given me a great amount of information. It's probably best to just vlan out and segment the networks.
On top of everything else it really leaves a vulnerability to something like firesheep. I was just trying to think outside the box.
Thanks for all the great info.
Those AP's are actually fairly decent. Infact they seem to support most anything most businesses would need. Way more advanced that your switches.
If you could somehow upgrade your switches to support VLAN's those AP's already support them and would be ready to provide multiple VLAN support. You can have multiple SSID's and each one can be its own VLAN/IP Subnet.
If you could somehow upgrade your switches to support VLAN's those AP's already support them and would be ready to provide multiple VLAN support. You can have multiple SSID's and each one can be its own VLAN/IP Subnet.
ASKER
I wonder what would happen if I allowed the separate WAPs to handle their own DHCP/NAT... Then the only traffic on the 192.169.0.0 /24 would be the known static IPs assigned to the WAPs.
Of course it would defeat the mesh coverage that we currently have as you would be dependent on each WAP for connection... Guess that wouldn't be very good.