Segmenting Networks

DJ_EvergreenDJ_Evergreen MB, Canada Member
edited December 2007 in Science & Tech
Hello all,

I am trying to setup two networks so the two networks cannot communicate to each other but both networks can have internet access.

Here's my network diagram:
networksetupsl3.png


Router0 is a Ovislink SR-401E and Router1 is a WRT54G Router.

Right now Network 1 and Network 2 can both communicate to each other. I thought that setting it up this way would prevent this, but it doesn't. Does anyone know how this would be possible?

Comments

  • kryystkryyst Ontario, Canada
    edited November 2007
    In this configuration if you've just setup Router1 to point to router 0 as it's gateway and done nothing else then Network 2 should be able to see network 1 computers because it's wan and their ip's are on the same network. But network 1 shouldn't be able to see any devices on network 2 unless you are port forwarding them. Though it would be able to see Router 1. If you don't want network 1 or 2 devices to see each other you'd need another router to segment off network 1.
  • edited November 2007
    how about connecting them both to router 0?
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited November 2007
    manuleka wrote:
    how about connecting them both to router 0?
    That's what I'd like to do but router0 only has two interfaces.

    Hmm... Looks like i'll have to throw another router in the mix... Perhaps this would work?

    networksetup2vt2.png
  • RyderRyder Kalamazoo, Mi Icrontian
    edited November 2007
    Each router is "NAT'ing" so each of the networks can talk to each other.

    What are the default gateway's listed for each network?

    Are the switches you are using managed or unmanaged?
  • kryystkryyst Ontario, Canada
    edited November 2007
    You second example will definitely do what you want it to do.
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited November 2007
    So I was able to setup my network today like in the last picture I posted and it works! Thanks everyone for your input.
  • KinetikKinetik Ocala, Florida
    edited December 2007
    Glad it works. Could just use VLans in the future ;)
  • GrayFoxGrayFox /dev/urandom Member
    edited December 2007
    To prevent them from talking to each other you can use ACL's.


    Also you should make use of 802.1Q. With that you can do all this with one router and one interface.
Sign In or Register to comment.