Creating two different IP ranges in one network with internet connectivity

Insider47

Hello there, 

 

To make it short, I have a problem setting up my new network correctly.

First of all I'll tell you what I have, then what I want to do with it and then what is not working  :D

 

I attached a picture where you can see how my setup looks at the moment.

 

What I want to do is to separate the two networks, so that all the systems which are connected to the router cannot access the systems which are connected to the switch. The switch itself is capable of VLAN, the router isn't.

 

I already had the two networks separated with the help of the access point by just giving the AP a mixed IP in a different range than the DHCP on the router. But with the firmware update the capabilities of the AP were cut down, so I can just use the DHCP address given from the router.

 

Now my question. How do I need to configure the managed switch so that I can share the internet connection from port "1" but have a separated network which isn't accessible from any systems other than those connected to the switch or the access point?

 

If I just change all IP addresses to a different range, I have the problem that I receive no internet connection.

 

Any suggestions for this one?

 

Thank you already for your help.

 

Greetings from Germany,

 

 

Insider47


Yes, that's correct, and my switch has VLAN support and I am trying to get it running. Usually I just need to give the switch the IP of the router as the standard gateway and change the IP addresses of all my systems to, for example, "192.168.10.XX" if the regular router is on "192.168.0.1". So I separate all the systems connected to the router from the systems on the switch but still get my connection to the internet. Is that right?


need a L3 switch with ACL support


I would throw OpenWRT on the D-Link and physically separate the LANs, run different subnets on the connected interfaces.

 

Or have different pools, put all your known devices in a safe pool, and unknown devices in a different pool with firewall rules to isolate them from each other.


You need a layer 3 switch.

 

You will set up your L3 switch as the default gateway for the second network, with a default route pointing to the router.

 

You then need a route put on your router for the second network pointing back to the switch.

 

You then configure an access list on the L3 switch that disallows any traffic going from the first network to the second network.
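The design described in this reply, checked with a small model (an added example, not part of the original thread and not any vendor's configuration syntax). It assumes the 192.168.0.x and 192.168.10.x ranges mentioned earlier in the thread, a hypothetical switch interface at 192.168.10.1, and a constructed first-match rule format; 203.0.113.7 is a documentation address standing in for an internet host.

```python
import ipaddress

# Constructed addressing, based on the example ranges mentioned in the thread.
ROUTER_NET = ipaddress.ip_network("192.168.0.0/24")    # systems on the router
SWITCH_NET = ipaddress.ip_network("192.168.10.0/24")   # systems behind the switch
ROUTER_IP = "192.168.0.1"
SWITCH_GW = "192.168.10.1"                             # assumed L3 switch interface
ANY = ipaddress.ip_network("0.0.0.0/0")

def gateway_on_link(host_if, gateway):
    """A host can only reach a default gateway that lies inside its own subnet."""
    return ipaddress.ip_address(gateway) in ipaddress.ip_interface(host_if).network

# Ordered access list on the L3 switch, first match wins (hypothetical format).
ACL = [
    ("deny", ROUTER_NET, SWITCH_NET),   # first network may not reach the second
    ("permit", ANY, ANY),               # everything else, including internet traffic
]

def acl_action(src, dst, acl=ACL):
    """Return the action of the first rule matching the packet's addresses."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if src in src_net and dst in dst_net:
            return action
    return "deny"  # implicit deny when nothing matches

def check_design():
    host = "192.168.10.20/24"  # constructed host behind the switch
    return {
        # Renumbering hosts while keeping the router as gateway: gateway is off-link.
        "gateway = router, on-link": gateway_on_link(host, ROUTER_IP),
        "gateway = L3 switch, on-link": gateway_on_link(host, SWITCH_GW),
        "router LAN -> switch LAN": acl_action("192.168.0.50", "192.168.10.20"),
        "switch LAN -> internet": acl_action("192.168.10.20", "203.0.113.7"),
        "internet reply -> switch LAN": acl_action("203.0.113.7", "192.168.10.20"),
        "switch LAN -> router LAN": acl_action("192.168.10.20", "192.168.0.50"),
    }

if __name__ == "__main__":
    for name, result in check_design().items():
        print(f"{name}: {result}")
```

The first result shows why only changing the hosts' IP range loses internet access: the router at 192.168.0.1 is outside the hosts' new subnet, so it cannot serve as their gateway. The last result shows that the access list as described filters one direction only; packets from the second network toward the first still match the permit rule.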
