Solved

Best way to wire our new network equipment, and what type of cables to use?

Posted on 2014-11-24
8
275 Views
Last Modified: 2014-12-15
Hello, I am not trained in networking but I have to install our new network equipment.  

We currently have Comcast Business Class cable modem internet service.  We have purchased a Sonicwall NSA 220W device and 2 Cicso SG102-24-NA 24-port switches.  To add to this, we have a Synology DSW213+ NAS device used for centralized file storage.  I have planned to connect the Sonicwall NSA 220W WAN port to the Comcast modem LAN port with a straight ethernet patch cord.  Then connect one of the Sonicwall LAN ports to the first port of Cisco 24-port switch with a straight Ethernet patch cord.  Then connect the first Cisco switch from one of it's ports to the first port of the second Cisco switch with another straight Ethernet patch cord.  Then lastly I'm not sure where I should connect the Synology NAS?  To one of the switches or directly to the Sonicwall?  I am asking for the correct/best way to connect these devices and the correct type of Ethernet cable to use?  The Sonicwall or Comcast modem will be providing DHCP with a Sonicwall IP of 192.168.1.1 as the Gateway and providing a range of 192.168.1.2 thru 192.168.1.254.  Thanks for your help!
0
Comment
Question by:mjchevalier
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 7

Accepted Solution

by:
tolinrome earned 300 total points
ID: 40463227
The NAS device should connect to one of the switches since its the local subnet (users) that will be using it and having them make the extra hop to the firewall is unnecessary. I would also setup the DHCP on the switch as well and not the firewall, not that its wrong per se to put it on the firewall, but I like to let the firewall be seperate from other duties and again, having the DHCP server on the firewall just adds another unnecessary layer of  complexity as it has to pass those IP requests to the switch. Just setup the DHCP and NAS on the switch.
The cabling method you described is correct and you'll use ethernet 10/100 cables.
If you have to or want the sonicwall to provide DHCP then just setup the scope there. I wouldnt put my DHCP on Comcast. I wouldnt let their equipment have anything to do with my internal network, except just connecting directly to the firewall.
0
 

Author Comment

by:mjchevalier
ID: 40463263
Thanks tolinrome, the Cisco switches we have are unmanaged and I don't think I can setup DHCP on them?  At least I don't know how to do that?
0
 
LVL 5

Assisted Solution

by:Aaron
Aaron earned 200 total points
ID: 40463279
I would put the NAS on the first switch that has the second switch connecting into it.

As for the ethernet cables I suggest Cat6. I find that the shielding comes in handy though Cat5e is fine if you are looking to save some money. I usually like to plan for the future so I would suggest the Cat6. I wouldn't use 10BaseT or 100BaseT as 1000/10000 is cheap enough these days and I think less than 1000 Base cable is going to be a bottle neck for your network.

Link to Cat6 wikipedia definition.
0
 
LVL 7

Expert Comment

by:tolinrome
ID: 40463283
thats right, I just checked. I would put it on the sonicwall then. Do you really need such a large range for the IP's though? Usually most network admins conserve the first 20 or so IP's for static devices such as other switches, printers, etc, things like this so they have a dedicated IP address. So you can make your scope from .30-.254 or something similar.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:mjchevalier
ID: 40463295
I do not need that large of a range. Will that help the speed of the network if I cut it in half, which I can easily do. We have a max of 40 devices connecting to the network.
0
 
LVL 5

Expert Comment

by:Aaron
ID: 40463297
I would agree with tolinrome and even say leave 50 available unless you plan to use a 192.168.2.--- option
0
 
LVL 7

Expert Comment

by:tolinrome
ID: 40463323
It wont do anything to help with the speed of the network by cutting down your DHCP scope range. Keep in mind apart from laptops and desktops that if people are going to be using their smartphones to connect one day to a wireless device router you may setup in the future you'll need IP's from the DHCP scope to serve those as well.

But for now if you have a max of 40 devices and leave some room for growth, you can still have a range from .100 to .254 for DHCP and that gives you plenty of IP addresses. You can always rearrange the scope in the future.
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 40463390
Is this network a workgroup or a Windows domain? If it's the latter, common best practice (at least for a network of the size you describe) is to let the Windows server provide the network services.

If it's just a workgroup or you're using a flavour of Linux, then I'd use the Sonicwall to provide DHCP, DNS, etc. The Comcast could provide these services, but the router has a more spare grunt available for doing so, and its firewall is designed to keep external and internal networks apart except for permitted and controlled traffic.

I second (third?) tolinrome's recommendation to connect the NAS to a switch rather than the firewall; if external access is needed to the Synology unit it will ordinarily be more occasional and the firewall can easily be configured to permit such access, but as tolinrome says, it's pointless to have LAN traffic traversing more hops than necessary.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud.  Where is your data? Who can access it? Will it be safe from accidental deletion?  All of these questions and more are imp…
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now