Solved

1 WAN to 2 LAN

Posted on 2016-09-25
4
74 Views
Last Modified: 2016-09-27
Hi all

Im working on a school. For now we used 2 routers with its own WAN to seperate student and admin network.

I want to get rid of 1 router, to use the new advanced router for both networks.

Its a Zyxel Zywall 310.

I managed to make 1 WAN, and 2 LAN (see image)
1 WAN to 2 LAN
It works fine because i got seperate switches and cables for each network. So its not a vlan and i guees its not important to create a vlan?
Thats what im asking for.
Is this setup valid? Can the 2 networks connect to each other? They may not be able to.
I know they can ping eachother, but a part from that, the networks most be completely seperated. Are they?

Is there anything to take into consideration, before deploying this pretty simple setup?

Best regards
Mike Kristensen
IT admin
0
Comment
Question by:Mike Kristensen
  • 2
  • 2
4 Comments
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 41814699
I can only base advice on the User Manual.
ge3 is configured as LAN, ge4 as DMZ by default. Did you change the zone for latter?

To be able to use firewall policies to the full extent, you'll need to put the LAN interfaces into different zones, as policies are applied whenever traffic crosses zones (not interfaces). For intra-zone traffic you can only set up allow-all or deny-all (not sure about that, the manual is ambiguous at page 209).
I recommend to use two zones like "Students" and "Admin", and put each interface into one of them, then set up policies to define which kind of traffic may be passing. You can set up different rules for the admin network to have full access to the students', while blocking anything but ICMP coming from students network.
0
 

Author Comment

by:Mike Kristensen
ID: 41814713
Okay cool. I will try to fix that. For now they are in zone "LAN". But both in that zone. Whenever i pick LAN1 or LAN2 zone, the WAN connection seems to not be connected to LAN1 or LAN2.

Are zones just something you configure? Or does it actually does something specific? Or can you create your own zone, with your own rules? And that is kinda how zones work?

For me it seems like zones are doing something to the ports. But i dont have to use them. I can use port 1 as WAN if i like, and port 2 as LAN etc. etc .?

Is this true?Unavngivet.jpg
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 41814830
You can create and names zones as you like. New zones require new firewall rules, though.
Interfaces have a default zone, but you can change that. Interfaces can be member of exactly one zone.
0
 

Author Closing Comment

by:Mike Kristensen
ID: 41819207
I did what you said and its working fine.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Network bottleneck identifier 13 52
Blacked by spamhaus? 26 73
what is mstp 6 37
IP range 6 32
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question