my problem
There are 2 networks, each with its own internet connection. Each one has its own router and switch. Is it possible to connect these 2 networks so they can share files without sharing the internet connections? And if it is possible, is there any security that can be put in place to stop anyone trying to use the other network's internet connection?
If that is possible, how can it be done? Can I connect both switches with a cable, and what configuration needs to be made on each router and each PC on the networks?
I have a good background in router configuration; I just want to know what I can do, and if there is software to be used, what is it? Thanks in advance.
ANOTHER BRIEF
link up the two networks, have them all be in the same subnet, each internet connection being a different IP. split the networks based on gateway
for security, have each gateway only forward packages for the machines on its 'network'
having proper subnets for the two, and with routing between would be a bit cleaner, but more complicated
- I'm a code junkie security enthusiast
I searched a lot and
I searched a lot and understood something from your comments here. Here is what I will do, and you tell me if it is right or wrong. First I will connect the 2 switches with a crossover cable. The default gateway for the first network is 192.168.1.1, so I will make all users using this router have IPs in the range 192.168.1.X, and make the other network's default gateway 192.168.2.1, and the users using this gateway have IPs in the range 192.168.2.X. Now I have 2 networks; can users from the 1st network share files with users from the 2nd network?
Note: should I disable the DHCP server on both routers and work with static IPs, or will that make no difference?
no this would not
no this would not work
as I said connecting the two switches will create a single network.
what you need to do is put an extra network card on one of the pcs and use it as a router between the two networks
cheers,
Alaa
http://www.manalaa.net "context is over-rated. who are you anyway?"
So you say that connecting 2
So you say that connecting 2 switches to each other will create a single network, and I can't connect 2 routers to a single network and direct each router to its users?
Is there any way that I can do this? I know, Alaa, you said that you are not an expert, but think of any way to do this. I can try and give you the updates.
Thanks to everyone in advance
yes there is a way, get an
yes there is a way, get an extra network card and use a pc with two cards to connect the two networks
cheers,
Alaa
http://www.manalaa.net "context is over-rated. who are you anyway?"
Alaa if he connected the
Alaa, if he connected the two networks as you said, let's say it's 2 networks now
192.168.1.1/24 192.168.2.1/24
the 1st network config is
iprange 192.168.1.2 192.168.1.254
gateway 192.168.1.1
sub 255.255.255.0
2nd network
iprange 192.168.2.2 192.168.2.254
gateway 192.168.2.1
sub 255.255.255.0
Now he has 2 routers. Would you tell me how he will have access to the internet and the other network?
If a PC from network one wants to access a resource on network 2, how would that PC know the IP of the PC with 2 network cards?
Now you have pronco's solution, that you put them in the same subnet and
change the router IPs to
192.168.1.1 1st router ip = the gateway of the 1st network
192.168.1.2 2nd router ip = gateway of the second network
pronco, he asked how he can prevent the users from network 2 from using the router of network 1. Even if he made a rule to not forward except from its network, that won't stop users from changing their IP and accessing the other network.
laplac, you have pronco's solution, and it will work for accessing the internet and resources on the other network. If you want to use different IP ranges and different subnets, you can do the following:
You said you can deal well with routers. You will use 2 different ranges
192.168.1.1/24 192.168.2.1/24
and you add static routing on each router that directs the requests to the other router.
Meaning when a packet comes from 192.168.1.1/24 and wants to reach 192.168.2.1/24, it goes to 192.168.2.1, and vice versa.
PS: in all the above cases you will connect the 2 switches with a cross cable. Now we have solved a problem and we have a new problem: how do we stop users from using the other network?
If you have enough money you may pay for a Cisco router :) or you can do a more complicated solution.
You will need software to bind the MAC address to the IP, and it exists on SourceForge as I remember. Now let's go to how you will design it:
PC with 4 NICs
2 NICs will be connected to the 2 routers, 2 NICs will be connected to the 2 switches.
I think it's clear now: the PC will forward the requests from one network to the other, and the software we will use will prevent them from changing their IPs,
and every network will have its own internet connection based on your routing configuration.
I know it's the longest post I ever made, but I am in a good mood :)
Best Regards
I Was Known as POSIX
you will need a freaking
you will need a freaking pc with two network cards
one card will be connected to the first network with ip address say 192.168.1.64
and the other network card with 192.168.2.64 for instance
that computer will have to access the internet through only one gateway (let's say 192.168.1.1)
now that computer will also be setup to forward packets from one network to the other and vice versa (which is why it is a router). I assume this will involve enabling packet forwarding only, but it might involve more.
the other computers will have to have an extra setting, the gateway is not enough, you will have to set a rule in the routing table that says anything going to 192.168.2.0/32 or whatever goes through 192.168.1.64
so you have two routing rules for each pc, one for the internet gateway and one for the between networks gateway.
it's very simple and doesn't require all that stuff you wrote. (which I didn't understand to be honest)
cheers,
Alaa
http://www.manalaa.net "context is over-rated. who are you anyway?"
I said he may use a PC if he
I said he may use a PC if he wants to assign an IP address to a MAC so the user won't be able to change it, or if he changed it he won't get access to the internet.
If he is ready to leave that option, then he doesn't need a PC at all;
he can use different subnets and add a route rule at each router to send packets to the other network,
he may do pronco's thing and put them in the same network with different gateway IPs.
The PC that acts as a router is needed only if he should assign an IP to a MAC, and don't tell me he can do it by DHCP; he wants to force users not to change their IP :)
I Was Known as POSIX
assigning ip to mac is
Assigning IP to MAC is not easy with a dummy switch (only pricey switches have this feature, Cisco for example).
If your users have no privileges on networking configuration, the best thing is to have DHCP (you have to read more on dhcpd; DHCP can force an IP according to the given MAC).
IMO you will need a PC with two network cards, one say for network A and one for B; normal IP forwarding will solve the two networks' connection issue.
For the Internet, if the default gw is the PC with two NICs, traffic will pass to the other network and you may lose control over Internet traffic, and this is the real problem here. And if you didn't set the default gw to the PC with two NICs, you won't see the other network.
Solving this problem could be easily done with heavily configured iptables between the two networks, to check whether the dst is the other network or it is an external request (Internet).
Diaa Radwan
Diaa, I think he can't mix
Diaa, I think he can't mix up network bandwidth, although he would have done it a long time ago and saved the price of the second DSL line.
I think he should do pronco's solution, which is less complicated and won't mix the internet lines,
or do the complicated one with a PC with 4 NICs to assign an IP to MAC; there is FOSS to do that but I can't remember its name right now...
Or I have another one: he won't need the 4 NICs, he will only need 2 NICs.
There will be a PC with 2 NICs acting as a router, and the idea is we will add an IP route so that if an unknown destination is sent to the PC with 2 NICs, it forwards it to the network's router, and the same with the second network.
Meaning:
we have 2 networks
192.168.1.1/24 NIC 1 192.168.2.1/24 NIC 2
192.168.1.2 ADSL router of network 1
192.168.2.2 ADSL router of network 2
If the PC/router receives a packet for the other network, it forwards it to the second NIC; if it receives a packet to an unknown destination, it sends it to the ADSL router of the network...
What do you guys think? Like that:
1- we did not mix the internet bandwidth
2- both networks have their own subnet, or they could even be the same subnet
3- he can use FOSS to assign IP to MAC
I think that is the best solution, solving all his problems, from making the 2 networks communicate to controlling the IP-to-MAC assignment.
Best Regards
I Was Known as POSIX
Thanks Mohammed Ahmed and
Thanks Mohammed Ahmed and Alaa and Conceptor for your comments. Mohammed Ahmed's comments were somewhat hard to understand, but I think I got some of it.
I need to connect the 2 networks with minimal cost, so if preventing users from network A from using the router of network B will add additional cost, I can ignore it. Anyway, I can see who is connecting to my router from the router page and I can deal with it.
So I will start connecting the 2 networks with pronco's solution, but I need help with static routing. First I change one router's IP gateway to 192.168.2.1 and leave the other on 192.168.1.1. Here is what I see in the router configuration page in the static routing for router 192.168.1.1:
choose a connection : |RedaADSL(internet connection) |OR| LAN |
New Destination IP :
Mask :
Gateway :
Metric :
I have to fill in these blanks and add it to the table. I need help filling in this information to achieve what I want.
About preventing users from using the other gateway, I thought of MAC addresses, but I can't find anything about MAC addresses in the router page except "Bridge Filters", and I don't think that will help me. I will try to search for software to bind the MAC to the IP as Mohammed said.
Alaa's solution with 2 NICs, I saw it in a lot of forums and it works, but I need a PC acting like a router and this PC will be busy all 24 hours routing the traffic, and I can't sacrifice my PC. So I will go for the static routing solution as it is the simple one. Really, thanks for your help, but please finish your favor and tell me what I can do in the static routing page :).
destination IP : ip of the
destination IP : IP of the other network router
mask : 255.255.255.0
gateway : eth0 or the interface which the packet will exit from or the ip of the interface
metric : 1
try it and tell me
I Was Known as POSIX
We did our job
You said
i have a good background of router configuration i just want to know what can i do
I think we did our job. Do a little search; believe me, you're going to like it.
I Was Known as POSIX
In fact I did search a lot
In fact I did search a lot before posting here in this forum, and I posted in a lot of other forums, but the only thing that I can't find is the last touch to make things work.
In any forum I get a lot of solutions; when I move to how to do it, no one answers. Anyway, I'm really thankful for your help, and if I do it right I will let you know how I did it, to help others having the same problem.
this is really late, but i
this is really late, but i am kinda having a similar problem right now..
I guess this could be easily solved using a Linux box with two NICs working as a "bridge", not a router. Then you can use iptables/ebtables to put access rules between the two network segments.
Hope this helps anyone :P



I'm not a network expert. so
I'm not a network expert, so please someone review my words.
if you connect the two switches they become one network, I'm not aware of any way to split them when switches are connected.
what you need is a router between your two networks, the easiest way is to fit one pc with two NICs, then setup a routing table to deliver between the two networks.
the two networks should follow the same IP pattern but differ so that when netmask is applied it is obvious which pc belongs to which network
for instance we can do 192.168.1.0-255 for one network, and 192.168.2.0-255 for the other network.
the routing table is set using the route command, and an iptables firewall is enough to restrict what happens between the two networks.
cheers,
Alaa
http://www.manalaa.net "context is over-rated. who are you anyway?"
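Added example, not part of any post in this thread: one way to write the iptables restriction mentioned in Diaa Radwan's post and in the post just above, for a PC with two NICs that routes only between the two LANs and never toward either Internet router. The interface names `eth0`/`eth1` are assumptions; the two /24 ranges are the ones used in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed: interface names eth0/eth1;
# the two /24 ranges are the ones quoted in the posts.
NET_A=192.168.1.0/24; IF_A=eth0   # NIC on the first LAN
NET_B=192.168.2.0/24; IF_B=eth1   # NIC on the second LAN

# Print a filter table in iptables-restore format for the dual-NIC PC.
build_rules() {
  cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# replies belonging to flows that were already accepted
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN A to LAN B: must enter on A's NIC with an A source address
-A FORWARD -i $IF_A -o $IF_B -s $NET_A -d $NET_B -j ACCEPT
# LAN B to LAN A, same conditions mirrored
-A FORWARD -i $IF_B -o $IF_A -s $NET_B -d $NET_A -j ACCEPT
# everything else is an external (Internet) destination or a spoofed source:
# log it, then let the DROP policy discard it
-A FORWARD -j LOG --log-prefix "xlan-drop: "
COMMIT
EOF
}

# Load the rules and turn on forwarding only when run as: sh script.sh apply
if [ "${1:-}" = "apply" ]; then
  build_rules | iptables-restore
  sysctl -w net.ipv4.ip_forward=1
fi
```

`iptables-restore` replaces the whole filter table, so merge these lines into any ruleset the PC already has. Each client still needs the extra route to the other range via this PC, as described in the thread.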