Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!
Solved
1 WAN to 2 LAN
Posted on 2016-09-25
Hi all
Im working on a school. For now we used 2 routers with its own WAN to seperate student and admin network.
I want to get rid of 1 router, to use the new advanced router for both networks.
Its a Zyxel Zywall 310.
I managed to make 1 WAN, and 2 LAN (see image)
It works fine because i got seperate switches and cables for each network. So its not a vlan and i guees its not important to create a vlan?
Thats what im asking for.
Is this setup valid? Can the 2 networks connect to each other? They may not be able to.
I know they can ping eachother, but a part from that, the networks most be completely seperated. Are they?
Is there anything to take into consideration, before deploying this pretty simple setup?
Best regards
Mike Kristensen
IT admin
Im working on a school. For now we used 2 routers with its own WAN to seperate student and admin network.
I want to get rid of 1 router, to use the new advanced router for both networks.
Its a Zyxel Zywall 310.
I managed to make 1 WAN, and 2 LAN (see image)
It works fine because i got seperate switches and cables for each network. So its not a vlan and i guees its not important to create a vlan?
Thats what im asking for.
Is this setup valid? Can the 2 networks connect to each other? They may not be able to.
I know they can ping eachother, but a part from that, the networks most be completely seperated. Are they?
Is there anything to take into consideration, before deploying this pretty simple setup?
Best regards
Mike Kristensen
IT admin
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2-
2
4 Comments
Active today
I can only base advice on the User Manual.
ge3 is configured as LAN, ge4 as DMZ by default. Did you change the zone for latter?
To be able to use firewall policies to the full extent, you'll need to put the LAN interfaces into different zones, as policies are applied whenever traffic crosses zones (not interfaces). For intra-zone traffic you can only set up allow-all or deny-all (not sure about that, the manual is ambiguous at page 209).
I recommend to use two zones like "Students" and "Admin", and put each interface into one of them, then set up policies to define which kind of traffic may be passing. You can set up different rules for the admin network to have full access to the students', while blocking anything but ICMP coming from students network.
ge3 is configured as LAN, ge4 as DMZ by default. Did you change the zone for latter?
To be able to use firewall policies to the full extent, you'll need to put the LAN interfaces into different zones, as policies are applied whenever traffic crosses zones (not interfaces). For intra-zone traffic you can only set up allow-all or deny-all (not sure about that, the manual is ambiguous at page 209).
I recommend to use two zones like "Students" and "Admin", and put each interface into one of them, then set up policies to define which kind of traffic may be passing. You can set up different rules for the admin network to have full access to the students', while blocking anything but ICMP coming from students network.
Active 2 days ago
Okay cool. I will try to fix that. For now they are in zone "LAN". But both in that zone. Whenever i pick LAN1 or LAN2 zone, the WAN connection seems to not be connected to LAN1 or LAN2.
Are zones just something you configure? Or does it actually does something specific? Or can you create your own zone, with your own rules? And that is kinda how zones work?
For me it seems like zones are doing something to the ports. But i dont have to use them. I can use port 1 as WAN if i like, and port 2 as LAN etc. etc .?
Is this true?
Are zones just something you configure? Or does it actually does something specific? Or can you create your own zone, with your own rules? And that is kinda how zones work?
For me it seems like zones are doing something to the ports. But i dont have to use them. I can use port 1 as WAN if i like, and port 2 as LAN etc. etc .?
Is this true?
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Arrow Electronics was searching for a KVM (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
- Networking Hardware-Other
- Switches / Hubs
- Components
- ATEN Technology
- Hardware
- *Kernel-based Virtual Machine (KVM)
WARNING:
If you follow the instructions here, you will wipe out your VTP and VLAN configurations. Make sure you have backed up your switch!!!
I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're interested in additional methods for monitoring bandwidt…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month8 days, 6 hours left to enroll
715 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.