Connecting two LAN's

S

Slow

Weaksauce
Joined
Mar 28, 2002
Messages
122
At work, in our administration building we have two LAN's. We'll call them the Company network and the Security Network. The Company network is connected to the internet via a T1 line and the Security network is connected to the internet via the Company network (Company network plugs into a router which plugs into a switch).

Should look something like this:

Internet--->Company Network--->Router--->Switch--->Security Network Computers

As everything is currently setup, the company network is unable to access security network computers and the security network is unable to access any company network computers. However they are physically attached.

The Problem:
A computer on the company network has an access database shared that I need to access from a single computer on the Security network. I would like to keep things as separated and secure as possible. Mainly I don't want computers from the company network being able to connect to any of the computers on the Security network.

Is this even possible? if so, how?


Thanks for any help.
 
What type of router, and can you post a configuration? (with ip and confidential info removed)
 
moetop said:
What type of router, and can you post a configuration? (with ip and confidential info removed)
Click to expand...


Well, there is the next problem. Up to this point we've just been using a standard D-link router (something you'd go to best buy and get, can't remember the exact model number). We're under the assumption that we'd need a more full-featured router to make this happen, I just don't know what I need the router to do, so I don't know what to buy (feel free to recommend something).

As for the configuration, I'm not currently at work, but it is nothing special. Each computer in our network is assigned a static IP and the router is only used to either allow or disallow port 80 and 443 based upon the computers IP address.

The company is stuck in the technological stone-age (mostly still running windows 98, one department still has Windows 95). Our department has succeeded from the rest of the company network (to form the Security Network) for two reasons: 1. we're trying to catch up technologically and the company was unwilling to budget money to upgrade the company network and 2. Security reasons - the information on our server needed to be separated as much as possible from the rest of the company network (windows 98 doesn't provide much network security).

All of the computers on the Security network are running either Windows 2000 or XP.
 
The Security network should be able to "talk" to the Main Network without issue, it is just NAT on the Dlink router letting the traffic through.....
 
gjvrieze said:
The Security network should be able to "talk" to the Main Network without issue, it is just NAT on the Dlink router letting the traffic through.....
Click to expand...

Right, I guess I am concerned about computers on the company network being able to access the security network. Right now the firewall on the Dlink is preventing any computer outside of the security network see our network. I'm afraid that if I change something so that I can access the company network, that it will open up our network?!?!

I'm somewhat networking challenged, so maybe it is not as big of a deal as I am making it out to be?!
 
Wow,still running Win98? Not even much budget for new hardware,eh? Windows XP has only been out for the last five years, and 98 is now 10 years old! Doesn't sound like there's really any chance of paying to have someone who knows what they're doing come in, eh? Glad to hear the section you're trying to secure is at least 2000 or XP. Anyhow, I digress.

If you're truly using a dlink, consumer class router, what you've got is a NAT device. By the way NAT devices work, you should be able to access resources on the non-secure network without allowing recipricol access, and you really shouldn't need to make any provisions to make this possible...
 
jpochedl said:
Wow,still running Win98? Not even much budget for new hardware,eh? Windows XP has only been out for the last five years, and 98 is now 10 years old! Doesn't sound like there's really any chance of paying to have someone who knows what they're doing come in, eh? Glad to hear the section you're trying to secure is at least 2000 or XP. Anyhow, I digress.

If you're truly using a dlink, consumer class router, what you've got is a NAT device. By the way NAT devices work, you should be able to access resources on the non-secure network without allowing recipricol access, and you really shouldn't need to make any provisions to make this possible...
Click to expand...

Yea, the state of our technology is, at best, laughable.

I guess I'm a bit confused on how I would access the company network from the security network!?

Keeping in mind that I am network-illiterate, if I browse the network via 'network neighborhood' I only see the Security network computers.
 
You could probably use the "Route" command and the "HOST" file if need be to allow the single PC to see a share on the other network.

It will take some reading up and experimenting on your part, but should be do-able.
 
You must log in or register to reply here.
Back
Top