Internet Splitting

roger_patel
roger_patel used Ask the Experts™
on
Hello,

Looking for some advice with branching off my internet connection into segments without spending thousands.

We have just installed a new Internet Line into our building.  The connection is a 50MB Up & Down dedicated leased line with 126 Static Public IP addresses.

My Office is 20 users and we only use it for WWW and Email.  The connection is very simple :

New Internet Router into my Sonicwall NSA 3500 Wan Port, LAN port of NSA 3500 into my Switch.
 
We are considering renting parts of our building to small 5 user companies so I'd like to offer them internet but at restricted speeds so they don't take out entire bandwidth, as a maximum it could possibly be 10 small offices with maximum of 5 users per office.

I would like some sort of device or software to let me control the usage or split the link into various connections etc.

I know that I can install a Switch after the Router and use it as a splitting device ( allocate Public IP addresses and hand out) but this wont allow me to restrict bandwidth to 1mb for example.

Hopefully there is some sort of device or software that will allow me to do this simply.

Thanks

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
anyone ?
In the WAN interface you will want to go to Bandwidth Management under the Advanced tab and enter your max egress and ingress bandwidth available from the ISP. Then create a new Zone for each separate subnet you create for the other companies. One interface will be assigned to each Zone (you can use VLANs). Then go into Firewall - Access Rules and edit the Allow for NewZone1(2,3,etc) -> WAN and set the bandwidth desired in the Bandwidth Management tab for each.
Top Expert 2010
Commented:
The NSA 3500 has six interfaces. Two are currently used by your company for WAN/LAN. You said you have 5 other company's you'd like to provide Internet to. crouthamela has the right idea and it would be easiest to implament.

Essentially, give each company an interface creating a zone for each one. Then, set BWM (Bandwidth Management) using firewall rules WAN <> ComanyZone to restrict Internet access. Each zone will match the subnet of each company as it currently exists.

Here is a KB on setting the BWM stuff.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=6076


Now, the caveat, you said 5 companies. With the configuration above, you'd be short an interface. Since these companies are separate, I'm sure they'd want to keep their LAN traffic segregated. I'm not sure what you'd do with the 5th company. The traffic MUST go through the sonicwall WAN interface if you want to regulate traffic. Of course, as crouthamela, you could select one interface, vlan it and regulate it that way. VLANs complicate things, but you may not have a choice.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial