David Coulson on 27 Jan 2013 07:58:57 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] dual networking question

because a church wants to maintain a linux firewall, right? :)

Wait until someone moves away, or is unavailable, and you have a huge mess on your hands. Better to make it really simple.

On 1/27/13 10:53 AM, Carl Johnson wrote:
one router with iptables and three interfaces should be all you need. you can keep both segments completely segregated, and/or pinhole the traffic between the two.

"Eric at Lucii.org" <eric@lucii.org> wrote: 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm meeting Monday morning with an IT consultant to discuss setting up dual wireless networks in our church.  One will be staff only and will have access to the network resources (printer, shared drives, etc. as well as the Internet.)  The other will be public access and only have access to the Internet.  The consultant has said that we'll need a second connection to the Internet (currently we have Comcast.)

I think he's wrong.  I think we can have two separate networks with different ip address ranges and the server (Windows Server 2008) will only allow one of those ranges to have access to the network resources.  Everybody would have access to the Internet.  My idea is that the staff network would be 192.168.1.x and the public network would be 192.168.100.x.  The staff wireless network would be the same ip range
as the Ethernet network in the office.

Am I right?  Can this be done this way?  Maybe we'll need two routers connected to the Comcast modem or configure the existing router (Linksys IIRC) to handle two network ip ranges?

Thanks,
Eric
- -- 
#  Eric Lucas
#
#                "Oh, I have slipped the surly bond of earth
#                 And danced the skies on laughter-silvered wings...
#                                        -- John Gillespie Magee Jr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlEFTKMACgkQ2sGpvXQrZ/6DkgCgpK8bpuuP53pFstpzResDoriR
ekwAn3srg/KiTRD6McOzJsueAXdHWxOb
=QHag
-----END PGP SIGNATURE-----


Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug





Sent from my Motorola DynaTAC8000X 

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug