Re: Best solution to segment subnets



Vince wrote:
Hi Kurt,

Thanks for the quick answer. Sorry, here is more information.

The problem is that the switches are not managed, so they don't support VLANs. The Foundry Networks 2402CF switches are awesome models; I didn't know them. But right now we can't afford this cost.

There are three subnets and I don't know if it's possible to segment them with the current network layout. I have this:

subnet 1
|
switch
|
[Central Rack] switch--------------------- subnet 3
ADSL router
Windows Server 2003 2 NICs
[Central Rack]
|
switch
|
subnet 2
Router ADSL 192.168.0.1: there is no way to manage this router because my ISP installed it. I think what I want to do is not possible, is it?
I am wondering whether to add RRAS services to my Windows 2003 server (DC) and segment these 3 subnets. Of course VLANs are the way to go, but that's not possible right now, with no managed switches installed.

Sorry about my English.

Regards,
Vince.


Your English is fine.

Since you can't manage your ISP's router, the simplest thing to do is add a router for two subnets (R1 and R2 below). One subnet should be the same as the ISP's router. If that's not possible, just add another router for subnet 3 exactly the same as for subnets 1 and 2 below. Note that these are just cheap SOHO routers that perform NAT. Any $39.95 SOHO router should do the trick.

subnet 1 192.168.1.x
192.168.1.1 |
R1---------------switch
192.168.0.2 |
| [Central Rack]
ADSL router----------switch-------------------- subnet 3 (192.168.0.x)
192.168.0.1 Windows Server 2003 2 NICs
| [Central Rack]
192.168.0.3 |
R2---------------switch
192.168.2.1 |
subnet 2 192.168.2.x



That'll give you Internet for the other two subnets. I'm assuming the switches aren't uplinked to each other, but even if they were it would still work. You'll have a "double-NAT" situation which would give you problems if you're running L2TP VPNs from subnets 1 or 2. Otherwise, for just general internet stuff (email, surfing, etc.) it'll work just fine. You should be able to just configure your extra routers' WAN ports to be DHCP and get those addresses from your ISP's router.

....kurt
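
The address plan in the reply above, checked and modelled in Python as an added example (not part of the original post): it validates the plan, counts NAT hops per host, and shows that the segmentation is one-directional, since hosts behind R1 and R2 can still open connections into subnet 3 while nothing outside can reach hosts behind R1 or R2. It assumes /24 masks and default-configured SOHO routers with no port forwards or static routes; the function names are hypothetical.

```python
import ipaddress

# Address plan from the reply above. Assumptions of this example: /24 masks,
# and SOHO routers left at defaults (no port forwards, no static routes).
SUBNET3 = ipaddress.ip_network("192.168.0.0/24")  # shared with the ISP's ADSL router
# router -> (WAN address on subnet 3, LAN address, LAN network behind its NAT)
NAT_ROUTERS = {
    "R1": ("192.168.0.2", "192.168.1.1", "192.168.1.0/24"),
    "R2": ("192.168.0.3", "192.168.2.1", "192.168.2.0/24"),
}
RESERVED = {ipaddress.ip_address("192.168.0.1")}  # the ADSL router itself

def validate_plan(routers=NAT_ROUTERS):
    """Return a list of problems in the plan; an empty list means it is consistent."""
    problems, used, nets = [], set(RESERVED), [SUBNET3]
    for name, (wan, lan_ip, lan) in routers.items():
        wan, lan_ip = ipaddress.ip_address(wan), ipaddress.ip_address(lan_ip)
        lan = ipaddress.ip_network(lan)
        if wan not in SUBNET3:
            problems.append(f"{name}: WAN {wan} is outside {SUBNET3}")
        if wan in used:
            problems.append(f"{name}: WAN {wan} is already in use")
        if lan_ip not in lan:
            problems.append(f"{name}: LAN address {lan_ip} is outside {lan}")
        if any(lan.overlaps(n) for n in nets):
            problems.append(f"{name}: LAN {lan} overlaps another subnet")
        used.add(wan)
        nets.append(lan)
    return problems

def segment_of(host):
    """Segment a host address belongs to: a NAT router's name or 'subnet3'."""
    addr = ipaddress.ip_address(host)
    for name, (_, _, lan) in NAT_ROUTERS.items():
        if addr in ipaddress.ip_network(lan):
            return name
    if addr in SUBNET3:
        return "subnet3"
    raise ValueError(f"{host} is not in the plan")

def nat_hops(host):
    """NAT translations between a host and the Internet (2 means double NAT)."""
    return 1 if segment_of(host) == "subnet3" else 2

def can_initiate(src, dst):
    """True if src can open a connection to dst without extra router configuration."""
    s, d = segment_of(src), segment_of(dst)
    # Same segment is plain switching; inner hosts reach subnet 3 through their
    # router's NAT. Nothing outside a NAT router can reach the hosts behind it.
    return s == d or d == "subnet3"
```
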





