This discussion may help,
Connect two subnets
http://top5lists.org/netforums/viewtopic.php?p=247#247
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"dean.carrefour" wrote in message:
I work in an office that contains two separate, but sort-of-related
companies. I am the IT Manager for both. Right now, their networks are
completely separate. I want to be able to connect them both together (maybe
a bridge?) so that I can administer both of them from my main workstation.
What are my options?
Right now, there is only one network drop in my office, so I can only access
one of the networks. I have thought of a couple of options, but I don't know
which would be best:
1. Add a second network card to my machine, have another drop put in my
office to connect me to the other network.
2. Add a wireless router to the other network (the one I don't have a
connection to currently) and then add a wireless card to my machine.
Basically same outcome as #1.
3. Bridge the two routers together somehow. They are both located in the
same server room.
4. Leave the single network card in my machine, have another network drop
added to my office, put a router in my office that has both networks
connected to it, as well as my workstation.
I want to make this as seamless as possible. Right now, the network I'm
connected to has several Windows 2003 Servers (SQL, Exchange, Terminal
Services, etc.), Active Directory and a domain name. It is the largest of
the two networks by far. Both networks have their own internet connections
and separate IPs, routers, etc.
The other, smaller, network doesn't currently have a real server, just a PC
that shares files, so it's only a workgroup right now. I will be upgrading
that network at some point in the near future with its own server, domain,
etc.
I need to be able to access, browse, connect to shares, remote desktop
connections, administer the servers, users, printers, etc. for both networks.
I don't want to have to log in every single time I need to access something
on the network, outside of the normal login of my machine. So I'm concerned
about access privileges, rights, etc. If I'm accessing files on the
current, large, network, then need to do something on the server for the
smaller network, I don't want to have to log in to it, then have to log in to
the large network again the next time I need to access something there.
Is there a way to set this up where I have access/rights on both networks so
that I only have one login?
The small network will always be much smaller and will never have as many
servers or equipment. Maybe I could make the small network some type of a
sub-network or tree in the larger network? There are only a couple of people
that would need to access shared files between the two companies. Because
it's healthcare related companies, it must have adequate security and ensure
that someone from one company is not getting access to something they
shouldn't be accessing on the other company network.
From the outside (web, email, etc.), the companies must appear to be
completely separate. How hard would it be to change the Active Directory to
make a top level network (forest), then have each of these networks setup as
separate trees in that forest? Would that allow me to do what I need?
Access both, with a single login (enterprise admin) while maintaining
security and separation where needed? Is this even possible to do with AD
(by modifying the current setup) or would it have to be built from scratch to
end up that way?
I'm going to be adding some new servers (Web, SQL (for web access),
Exchange, one of which will be the new primary domain controller) to the
larger network soon, one of which will be a dedicated web server. I will be
hosting separate web sites for both companies on this one machine. It will be
multi-homed. I don't see a need at this time for the users of the smaller
network to have direct directory-level access to this machine for any reason,
they will only need to access the web pages via a browser. But if the
networks were connected together seamlessly, it would be a non-issue. With
the new Exchange server, I want to host email for both companies on this one
machine. I don't know if that will be possible if the networks aren't
connected? I can't see how the smaller network could connect directly to the
Exchange server via Outlook, it seems like they would only be able to use the
webmail interface because they would otherwise not be members of that windows
domain?
Thanks for any and all information. I'm not an AD pro at all, so I need all
the advice I can get.