How to connect a routed network to a non-routed network

[GiZzO]

I just set up my Linksys BEFW11S4 V.2 (AP + Router /w 4-Port Switch). A wireless laptop and a wired comp sits behind the router. The router connects to the internet through another D-Link switch then to the cable modem. I wanna be able to connect to my current network that does not go through the router, it commincates through that same D-link Switch to share resources and printers and junk.

FYI: All comps are on Win XP

 

[ScottMac]

Going outbound from behind the router shouldn't be a problem. Going from "outside" the router in will be a pain, but can be done.

You have a couple options. You can set the outside ports for the applications to point inside to specific machines (one port, like FTP, points to one machine), or you can put ONE machine in the router's DMZ and it'll be accessable from the outside (everything, all ports).

The problem is that whatever you open up for the outside network, also allows anyone from the Internet to get to it as well. Everything on the outside (the other network, the Internet) is treated the same. If you open FTP for the other network, then the Internet population can see it too. There's no getting around it with the consumer-grade router/firewall/switch boxes (none that I know of).

Since the other network is exposed to the Internet all the time as well, connecting the two behind the firewall would be a big security risk. Once one machine is compromised, it's possible for the attacker to leapfrog from that machine to the others (depends on the attack).

Good Luck

Scott

 

[Pheran]

GiZzO,

Hopefully I'm understanding your setup correctly. Is there any reason you can't simply reverse your setup? In other words, connect your Linksys router directly to your cable modem, then uplink your D-Link switch to the Linksys. That way all your systems share a network segment with Internet access. That would probably be the simplest solution.

 

[GiZzO]

I should have mentioned security is not a big issue, everything important is stored on disk. Reason for the router is just to expand on my existing network that only allowed me 3 IP's (2 comps outside the router and 1 the router itself). I didn't wanna put these 2 comps behind the router because I didn't wanna deal with the problems it might have with some apps having problems connecting through it and maybe possible slower connection. The two other comps the wireless laptop and wired comp that sits behind the router I don't care about there security.