This will be a post, but with lots of stuff and questions if the [H] community can jump in.
I recently took a job at a private school in St. Pete, FL as their IT person as a favor for a friend. I have always worked by myself for the most part except for the typical IT vendors and such. I have my MCSE in 2012R2 and stopped there because my teaching duties took over more than my actual IT duties. I had AD setup with Exchange/Office 365 over the last 15 years. One of the schools I worked at had two locations that were connected via a Watchguard Firewall and both networks could see each other no issue. People just wanted their files and such.
Fast-forward 10 years, we decided to pick up and move to St. Pete from Annapolis, MD to help my friend out where he is now head of school and I became his IT director. The last IT person was strictly a teacher who didn't know anything about networking (my weak area). I got the school a Microsoft Educational license to bring them into compliance as far as licensing goes. They had illegal copies of Office and a ton of machines that said "Windows needs to be activated". I also migrated them to a new AD domain on Server 2019 (they were running Server 2003R2) with ADSYNC running for their Office accounts. We are keeping G-Suite and I will sync that in the future. I got all the teacher laptops upgraded from Win 7 to Win 10 Education because of the A3 O365 license. So on that end, no more login or printing issues and also no security problems about people being able to access files. The physical network at the school is very nice...Cisco switches that are less than a year old with a five year warranty. The internet connection is coax from Spectrum that is 100/10, decent, but could be faster. My firewall is another story, that is a Cisco 5510 which is EOL. So that is getting replaced with a Sophos XG310. The other building is a nightmare....
The other building has a decent internet connection from Spectrum with a static IP at 50/10. It serves 30 iPads, 8 laptop/desktop computers and two wireless access points. I have decided to migrate to Sophos for wireless because they are now cloud based. As far as networking equipment, I will be using TP-Link POE switches (2600 series) connected via fiber for QOS and other networking protocols. There will be 8 VOIP phones that will be handled by Frontier with a virtual trunk and will forward to our ancient PBX system at the main school and do internal calling, which we don't have right now. Frontier said that fiber "should" exist in my area as the guy said there are customers in the area that already have it. If not, I have to bump up the Spectrum speeds on both ends. The firewall I decided to get for the smaller school is a Sophos XG 135 r2.
My question is the following: My internal network at the school is a simple/flat 192.168.4.0 (.1 gateway, .2-.50 blocked off for servers, printers and networking gear). DHCP has a superscope of 192.168.4.51-192.168.5.250 with a subnet of 255.255.254.0. When I set up the new network across the street, can I give it a 192.168.1.x with the same subnet? If my thinking is correct, the VPN will route traffic, and I will stick a small domain controller in the small school to handle DNS and login drive mapping issues (I plan on running DFS as I had at another job with two physical locations connected via a VPN so that the files can replicate).
Am I mental for thinking this or am I correct in my thinking? Windows used to have issues with VPN if there wasn't a NAT on the network to translate in earlier years and you needed a repeater. But with DNS working properly, I should have no issues at all. No?
I really need to keep this as simple as possible because I don't want to have to really tinker with anything because of my other duties at the school.
Thx for reading my long-winded post. And I look forward to your answers.
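Added example, not part of the original post: a Python check of the addressing plan described above, deriving the network each site really sits in from its address and mask, testing whether the two sites overlap (overlapping subnets cannot be routed across a site-to-site tunnel), and confirming the DHCP range fits inside the main site's network. The site names, the `.1` gateway at the second building and the function names are assumptions made for this example.

```python
import ipaddress
from itertools import combinations

# Addresses and mask are the ones given in the post. The site names and the
# .1 gateway for the second building are assumptions made for this example.
SITES = {
    "main": ("192.168.4.1", "255.255.254.0"),
    "annex": ("192.168.1.1", "255.255.254.0"),
}
# DHCP range at the main school, as stated in the post.
MAIN_DHCP = ("192.168.4.51", "192.168.5.250")


def site_network(address, mask):
    """Return the network an address/mask pair actually belongs to."""
    return ipaddress.ip_interface(f"{address}/{mask}").network


def overlapping_sites(sites):
    """Return pairs of site names whose networks overlap."""
    nets = {name: site_network(*cfg) for name, cfg in sites.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def range_in_network(first, last, network):
    """True if an inclusive address range lies entirely inside the network."""
    first_ip = ipaddress.ip_address(first)
    last_ip = ipaddress.ip_address(last)
    return first_ip <= last_ip and first_ip in network and last_ip in network


def tunnel_networks(sites, local):
    """Return (local network, remote networks) for one end of the tunnel."""
    nets = {name: site_network(*cfg) for name, cfg in sites.items()}
    remote = sorted(str(n) for name, n in nets.items() if name != local)
    return str(nets[local]), remote


if __name__ == "__main__":
    for name, cfg in SITES.items():
        print(name, "->", site_network(*cfg))
    print("overlaps:", overlapping_sites(SITES))
    main_net = site_network(*SITES["main"])
    print("DHCP range inside main:", range_in_network(*MAIN_DHCP, main_net))
    print("main tunnel networks:", tunnel_networks(SITES, "main"))
```

With the 255.255.254.0 mask, a 192.168.1.x host belongs to 192.168.0.0/23, so that whole block is what the tunnel has to carry for the second building.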