Setting up two separate networks on two routers on one Network?

Discussion in 'Network Routers' started by steve, Aug 8, 2008.

  1. steve

    steve Guest

    Im a teacher at a small school. We have one 2003 server and several
    teachers computers. We also have student computers some which are
    laptops.

    I don't know some about networking but don't know how to do what I
    want at this point.

    We have one connection to the internet. What I want is two separate
    networks. One that accesses the Windows server and other resources on
    that network. eg printers, small library database computers etc. but
    also allows you to surf the net. But I also want another network that
    students can connect to just to surf the net. They would not be able
    to access the server or any resources on its network. Now of course
    this is already achieved by passwords and active directories etc. But
    I would also like to separate it by the network. One added feature of
    this is that I could put wireless networks on the one network (student
    Net) eg the one that is just for surfing which helps a little in the
    area of security.

    I don't really know how to do this. I'm sure that its just primarily
    through IP settings etc. on the router but I dont know know how to do
    this. Does anyone know of a web site that would help me here or give
    me a simple description of how to do this that would help to get this
    started.

    As an added question if I may. I bought a wireless N router and a
    wireless N card. This is suppose to travel farther than other wifi
    signals. I have not found this to be true any anyone give me any
    feedback on their findings.

    Regards
     
    steve, Aug 8, 2008
    #1
    1. Advertisements

  2. steve

    Intuitive Guest

    Using passwords in Active Directory is not a proper way of preventing
    access to it.

    What you should do is have a Wireless subnet which students can use to
    surf the Internet, and use access lists to prevent that subnet from
    accessing the Servers (which you will put on another subnet).

    What sort of router you have, and what sort of interfaces that router
    has on it will determine how this is set up. Of course - the equipment
    is your only limitation. :)

    So, if you replied with some Make & Models of the network equipment that
    you already have, or if you were open to spending; then someone (even on
    this newgroup) could help you to start planning.

    Regards,
    Jason
     
    Intuitive, Aug 8, 2008
    #2
    1. Advertisements

  3. steve

    steve Guest

    Jason or others.

    Thanks for your advice.

    We have several routers, no consistency I'm afraid. As the place grew
    and more and more area wanted wifi then they got added.

    Dlink ebr2310 (which is our dhcp and our gateway to the world)
    USR8054 x2
    Linksys wrt54gs
    Linksys WRT300N

    I provide these to show you waht we have. And of course we can buy
    more. But I think what Im looking for is to understand the concept.
    Because of course I think (if your not too picky) any router can
    basically do what you have mentioned. eg set up a sub net. (Please
    feel free to correct me on anything)

    IF my presumption is true(?) That most routers can do this. I have
    several questions. BTW our current addressing scheme is 192.168.1.x
    and we have one Router doing dhcp. The server does not do this. This
    is the system I inherited.

    Lets call the two networks Office and Student.

    Would I just plug the Wifi routers in the office network. Set one up
    to do DHCP based on 192.168.2.x (or even 10.1.0.x just to make it
    really different) Then give all the student wifi routers static ip's
    of the 192.168.2.1 , 2, 3, etc. Any Wifi that I wanted Teachers to
    access the network say the teachers lounge I would give the
    192.168.1.x address. (yes I know there will be some leakage from the
    lounge but Im really just trying to understand the concept at the
    moment.


    By the way if anyone wants to read a great relatively simple article
    on routers and basically how they work and how to set up two routers
    to create a super secure network here are a few links. I have read
    them and they are great. However they dont quite do what I want.

    http://www.grc.com/nat/nat.htm
    http://www.grc.com/nat/nats.htm



    Here is a suggested diagram. Cut and paste into notepad or some other
    mono spacing text editor.


    DMZ
    .-------.
    |NatRout|< Office DHCP
    '-------'
    |
    | ()
    .-------. .-------. .-------. /\/\/\/
    |Switch|----------|Switch|--|NatRout|-------------| NWFR |
    '-------' '-------' '-------' \/\/\/
    | | |
    | | |
    | | .----------|
    | | | |
    | | () | |
    | () /\/\/\/ | | ()
    /\/\/\/ | NWFR | | /\/\/\/
    | NWFR | \/\/\/ | | NWFR |
    \/\/\/ Student | \/\/\/
    Student | Student
    | ()
    /\/\/\/
    | NWFR |Office
    \/\/\/

    ----Table------------------------------------------------------------

    -
    .-------.
    |Switch| == Switch NAT WIFI ROUTER
    '-------'
    ()
    /\/\/\/
    .-------. | NWFR |
    |NatRout|==NAT Router \/\/\/
    '-------'
    (created by AACircuit v1.28.4 beta 13/12/04 www.tech-chat.de)
     
    steve, Aug 11, 2008
    #3
  4. steve

    steve Guest

    Ken I didnt see your post untill now.

    Im trying to understand your answer. If I put a router on the
    network. so >>dmz - [router-dhcp]--- students --- [router] ---
    teachers---- Does this mean that I can use the same ip scheme eg
    192.168.1.x on both networks but the students will not be able to
    access anything behind the teachers router that is downstream ?( I
    get the term downstream and upstream confused so I may mean upstream)
    Basically that students will not be able to access teachers stuff.
    Also If I use a separate numbering scheme eg 10.1.0.x do I have to set
    up the teachers router to do that. and will it do it for different
    "legs" of the net that have wifi or network connections. What would be
    the pros and cons of using the same subnet (if thats what the
    192.168.1.x is ) from using and setting up a second one for the
    teachers.
    Hope Im clear and dont ask to goofy questions.

    Thanks.
     
    steve, Aug 11, 2008
    #4
  5. steve

    steve Guest

    So one router would do IP's for Students and another would do IP's for
    teachers is what I hear you saying.
    Yes I agree 192.x and 10.x Nice and clear.
    Yes I understand, love that NAT.

    Ok I need a little more fleshing out here I don't quite understand
    what you mean here.

    Say you have a network that looks like Pitch fork. There are 3 spikes
    on the fork. Along the fork there are wireless routers and computers
    for the students. However at the end of the tines (the spike of the
    fork) you put a Teacher router. Can you set one of these teacher
    routers to do dhcp for the teachers, then give each of the teachers
    routers a different IP address, say 10.1.0.1. & .2 & .3 set each of
    the subnet masks to 255.255.255.0 and I'm done. This will mean that in
    total I will allow roughly 255 computers on this subnet 10.1.0.1-255
    (this is way more than we need by the way).
    Can one dhcp figure out who it is suppose to give IP's though on a
    network that has other traffic on it.

    Will the routers at the end of spike 2 and 3 find the DHCP on 10.1.0.1
    despite the fact that the network is also the students network.
    Do ya get what I mean??
    Sure and frankly subnets 192.x and 10.x makes it clearer.

    Hope Im clear enough. Frankly its sort of fun figuring it all out.

    Regards
     
    steve, Aug 11, 2008
    #5
  6. steve

    Major Minor Guest

    The person who wrote this is s teacher? Egad!
     
    Major Minor, Aug 12, 2008
    #6
  7. steve

    steve Guest

    Yes thanks for the compliment I should really be in IT Instead of the
    History department.

    Regards
     
    steve, Aug 12, 2008
    #7
  8. steve

    steve Guest

    Let's back up a little. How many student computers do you need to
    Student computers would be about 5 Wired and 10-15 Wireless.
    Teachers computers and library are about 15.
    Campus is several Buildings and residences (Row Houses) The buildings
    are around 70-100+ years old, Some buidings are 20 feet away others
    are maybe 75 feet away.Not that far apart really. That means SOLID
    construction, stone brick thick walls. We have several WIFIs now but
    struggle with conectivity.
    In thinking this through one of the problems is that Im going to have
    to go through and change all the ip's on all the devices, printers etc
    and possibly reconfigure the server. And add Routers onto the existing
    line to create the second layer of defense (second network.)

    Your comment back to me leads me to think that the the question
    regarding DHCP is no! eg if you have one teacher router connected to
    the upstream student network, that the one teacher router will not be
    able to see the second teacher router connected upstream to the
    student network.
    That there needs to be a separate network cable connecting the
    teachers network and students network.

    Right now its basically network cable running here and there and
    trying to separate the lines upstream and down stream may be very
    hard?? I could diagram it basically if it would like to show you how
    its configured now.
    Regards
     
    steve, Aug 12, 2008
    #8
  9. steve

    steve Guest

    In other words NO one wireless router would not work. We have several
    now!

    Regards
     
    steve, Aug 12, 2008
    #9
  10. steve

    Kerry Liles Guest

    lol - a fine retort!

    People seem to forget that usenet postings aren't usually used as doctoral
    theses or even papers.
    Nevertheless, the (amateur) grammar and usage police are everywhere! Beware!
    Hide the women and children!
    PS: consider how much more interesting the original post might have been had
    it come from a CrackBerry or simlar mobile phone with a next to useless
    keypad!
     
    Kerry Liles, Aug 13, 2008
    #10
  11. steve

    steve Guest

    Here is a diagram. Cut and paste it into a notepad or other mono
    spacing editor.

    It goes through walls and floors and building. I have not listed that.
    There is actually another device in front of the DHCP router. Thats
    provided by the phone company, presumably a dsl device. Not mine I
    dont mess with it.

    You can see its a mess. But thats what happens when someone says hay
    this internet thing lets get a computer and then someone else says hay
    thats neat lets get a router, then we have a teacher who had a phd in
    computer science and says you need a server with active directories
    and databases yadda yadda yadda. You keep adding and before you know
    it its a mess of wires and stuff. He's gone and someone else has to
    pick up the pieces.


    Regards
    steve.






    -----------------------------------------------------------------------------------------------------------------

    DMZ - World
    .-------.
    A |NatRout|DHCP
    '---o---'

    | .--------.
    o----------------------
    o----------------------------------------| Switch |
    |
    | | 1 |
    | SOME RESIDENT
    | 'o-------'
    | STUDENTS PICK UP |
    ACEDEMIC | |
    | THIS SIGNAL |
    OFFICES | #-2003 Server
    C | () |
    o---------------o | Active Dir
    /\/\/\/ |
    | |
    | NWFR | ADMIN |
    | | 3
    o\o\/o/ OFFICE | |
    2 .-------.
    | | |
    o .-------. |Switch|
    | | | # |
    Switch| '-------'-o
    | | | 'o-o-o-
    o' | | |
    | | | | | |
    | | | |
    o o | | | |
    | | | |
    # # | | | |
    | | | |
    | | | |
    | o o o
    | o o o
    o | # #
    D | () # # #
    # |
    /\o\/
    \/ |
    THIS | NWFR | LIBRARY STUDENT
    COMPUTER |
    WIFI IS o\o\/o/
    ROOM |
    FOR | |
    | B | ()
    STUDENTS | |
    | /\/\o\/
    ALSO | | o DATABASE FOR
    CATELOGUES | NWFR | WIFI WE ATTEMPT
    | |
    # \o\/o/
    TO BROADCAST
    |
    o |
    | TO RESIDENCES
    | # CARD CATELOGUES COMPUTER FOR SERCHEING CARD
    DB | |

    o | |
    # CARD CATELOGUES COMPUTER FOR SEARCHING CARD
    DB | |
    +--------------------------------------------------------------------
    + o o--------o
    () TABLE
    SCHEMATIC # |
    /\/\/
    \/
    | ()
    | NWFR | NatWifiRouter B C
    D /\o\/\/
    \/\/
    \/
    | NWFR |

    \/o/\/

    o
    |
    # Wired
    Computer
    |

    |
    .-------.
    |
    |NatRout|Nat router
    A o

    '-------'
    #
    .-------.
    |Switch| Switch 1 2 3
    '-------'
    (created by AACircuit v1.28.4 beta 13/12/04 www.tech-chat.de)
     
    steve, Aug 13, 2008
    #11
  12. steve

    steve Guest

    Here is a diagram. Cut and paste it into a notepad or other mono
    spacing editor.

    It goes through walls and floors and building. I have not listed that.
    There is actually another device in front of the DHCP router. Thats
    provided by the phone company, presumably a dsl device. Not mine I
    dont mess with it.

    You can see its a mess. But thats what happens when someone says hay
    this internet thing lets get a computer and then someone else says hay
    thats neat lets get a router, then we have a teacher who had a phd in
    computer science and says you need a server with active directories
    and databases yadda yadda yadda. You keep adding and before you know
    it its a mess of wires and stuff. He's gone and someone else has to
    pick up the pieces.

    Regards
    steve.

    I hope this diagram works.


    DMZ - World
    .-------.
    A|NatRout|DHCP
    '---o---'

    | .--------.
    o----------------------
    o----------------------------------------| Switch |
    |
    | | 1 |
    | SOME RESIDENT
    | 'o-------'
    | STUDENTS PICK UP |
    ACEDEMIC | |
    | THIS SIGNAL |
    OFFICES | #-2003 Server
    C| () |
    o---------------o | Active Dir
    /\/\/\/ |
    | |
    | NWFR | ADMIN |
    | | 3
    o\o\/o/ OFFICE | |
    2 .-------.
    | | |
    o .-------. |Switch|
    | | | # |
    Switch| '-------'-o
    | | | 'o-o-o-
    o' | | |
    | | | | | |
    | | | |
    o o | | | |
    | | | |
    # # | | | |
    | | | |
    | | | |
    | o o o
    | o o o
    o | # #
    D| () # # #
    # |
    /\o\/
    \/ |
    THIS | NWFR | LIBRARY STUDENT
    COMPUTER |
    WIFI IS o\o\/o/
    ROOM |
    FOR | |
    | B | ()
    STUDENTS | |
    | /\/\o\/
    ALSO | | o DATABASE FOR
    CATELOGUES | NWFR | WIFI WE ATTEMPT
    | |
    # \o\/o/
    TO BROADCAST
    |
    o |
    | TO RESIDENCES
    | # CARD CATELOGUES COMPUTER FOR SERCHEING CARD
    DB | |

    o | |
    # CARD CATELOGUES COMPUTER FOR SEARCHING CARD
    DB | |
    +--------------------------------------------------------------------
    + o o--------o
    () TABLE
    SCHEMATIC # |
    /\/\/
    \/
    | ()
    | NWFR | NatWifiRouter B C
    D /\o\/\/
    \/\/
    \/
    | NWFR |

    \/o/\/

    oO
    |
    # Wired
    Computer
    |

    |
    .-------.
    |
    |NatRout|Nat router
    A o

    '-------'
    #
    .-------.
    |Switch| Switch 1 2 3
    '-------'
    (created by AACircuit v1.28.4 beta 13/12/04 www.tech-chat.de)
     
    steve, Aug 13, 2008
    #12
  13. steve

    steve Guest

    DMZ - World
    .-------.
    A|NatRout|DHCP
    '---o---'

    | .--------.
    o----------------------
    o----------------------------------------| Switch |
    |
    | | 1 |
    | SOME RESIDENT
    | 'o-------'
    | STUDENTS PICK UP |
    ACEDEMIC | |
    | THIS SIGNAL |
    OFFICES | #-2003 Server
    C| () |
    o---------------o | Active Dir
    /\/\/\/ |
    | |
    | NWFR | ADMIN |
    | | 3
    o\o\/o/ OFFICE | |
    2 .-------.
    | | |
    o .-------. |Switch|
    | | | # |
    Switch| '-------'-o
    | | | 'o-o-o-
    o' | | |
    | | | | | |
    | | | |
    o o | | | |
    | | | |
    # # | | | |
    | | | |
    | | | |
    | o o o
    | o o o
    o | # #
    D| () # # #
    # |
    /\o\/
    \/ |
    THIS | NWFR | LIBRARY STUDENT
    COMPUTER |
    WIFI IS o\o\/o/
    ROOM |
    FOR | |
    | B | ()
    STUDENTS | |
    | /\/\o\/
    ALSO | | o DATABASE FOR
    CATELOGUES | NWFR | WIFI WE ATTEMPT
    | |
    # \o\/o/
    TO BROADCAST
    |
    o |
    | TO RESIDENCES
    | # CARD CATELOGUES COMPUTER FOR SERCHEING CARD
    DB | |

    o | |
    # CARD CATELOGUES COMPUTER FOR SEARCHING CARD
    DB | |
    +--------------------------------------------------------------------
    + o o--------o
    () TABLE
    SCHEMATIC # |
    /\/\/
    \/
    | ()
    | NWFR | NatWifiRouter B C
    D /\o\/\/
    \/\/
    \/
    | NWFR |

    \/o/\/

    oO
    |
    # Wired
    Computer
    |

    |
    .-------.
    |
    |NatRout|Nat router
    A o

    '-------'
    #
    .-------.
    |Switch| Switch 1 2 3
    '-------'
    (created by AACircuit v1.28.4 beta 13/12/04 www.tech-chat.de)
     
    steve, Aug 13, 2008
    #13
  14. steve

    steve Guest

    Internet
    .-------.
    |NatRout| DHCP
    '--o----'
    |
    o--------o---------o
    | | |
    | () | |
    /\/\/\/ | .-------. Active Directory
    | NWFR | | |Switch|o---o#Win2003 Server
    o/\o\o | 'o--o---'
    | | | | | |
    | | | | | |
    | | | o | o----------o
    | | | # | |
    | | | .-------. .-------.
    o | | |Switch| |Switch|
    # o | 'o-o-o-o' 'o--o--o'
    # | | | | | | | |
    | | | | | | | |
    | | | | | | | |
    | () | | | | | | |
    /\/\/\/ o o o o o o |
    | NWFR | # # # # # # |
    o/\o\o |
    | | | | ()
    | | | /\/\/\/
    o | o | NWFR | ()
    # | # \o\/o/ /\/\/\/
    o | | | NWFR |
    | | \/o/\o
    | o------------o |
    o |
    # |
    o
    #
    Table
    ================

    NATWifiRouter
    ()
    /\/\/\/
    | NWFR |
    \/\/\/


    NATRouter
    .-------.
    |NatRout|
    '-------'


    Network Switch
    .-------.
    |Switch|
    '-------'


    Wired Computer
    o
    #
     
    steve, Aug 14, 2008
    #14
  15. steve

    steve Guest

    View with courier font in notepad.

    Hopefully it will work.

    As you cna see its pretty messy to try to divide up. It goes through
    walls and floors etc. And there isnt much space where existing wires
    are. That what happens when someone says hey lets try this internet
    thing and it keeps expanding.

    What I really want to do is create two networks one that is for the
    students and one that is for the staff/faculty/office.

    Regards
     
    steve, Aug 14, 2008
    #15
  16. steve

    steve Guest

    Rats.

    Thanks ken.

    Strangely I cut and pasted and it worked. But those darn auto wrapping
    things in the news groups and in notepad sometimes screw things up.

    Thanks for your diagram. Your solution is the cleanest and best. Part
    of my problem is the fact that the network already exists. And its
    pretty much like a tree eg it starts at the trunk where the signal
    comes in and then brances off in all directions. Each brance has
    routers and switchs and wifi. To set up the network in your
    configuration really means re wireing a second cable to all the places
    that need wifi access. Perhaps not an impossible feat but none the
    less strenuous.


    Regards and thank you.
     
    steve, Aug 14, 2008
    #16
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.