Hey guys,
Have a setup question regarding proper protocol to having a secure video feed from IP cameras and keeping it completely isolated from the larger network. I'll first start off that I only know enough about networking to be dangerous....far from a professional.
So I purchased a Dell SonicWall NSA 3600 firewall router for our office. I have it all set up with VPN and pretty well locked down. Problem is, I installed a security camera system that has IP ability to be visible from the outside world. My boss wants me to put it on the net so he can check up on the office if/when we get calls from our alarm company (not sure why it happens, but it does).
Anyway, my thoughts about installation are as follows: I'd like to keep our current LAN on a completely different network/subnet. I believe the NSA 3600 has the capability to do this (it's a $2000+ router with many assignable ports). We also have 5 static IP's from our ISP. So I'd like our LAN to utilize one static IP address, while the camera system would utilize another....either via direct WAN IP assigned straight to the DVR or via a second LAN dedicated to the IP video system using a second static WAN IP. If utilizing a secondary subnet LAN, then i'd just open up the appropriate ports to allow outside connections to the one LAN ip on that subnet (the IP video system is literally the only thing that would be connected to that LAN).
Problem is, the NSA 3600 doesnt seem to want to allow the port I assigned as "WAN 2" to use the same subnet mask as the primary "WAN 1". It tells me there's a conflict or overlap, so I dont know how to assign a secondary static WAN to a secondary LAN.
Am I even going about this the right way? I've read that I should be using VLAN's for this but I have never created one and I feel I'd have to learn quite a bit in order to set it up this way, when the NSA 3600 seems that it should be able to do what I want using the Hardware's assignable ports. Yes, our managed switches (HP ProCurves) can handle VLANs. I'm just hoping to avoid taking this route.
Any advice or direction? Something tells me that all I need to do is create the WAN 2 and connect the DVR, and assign the DVR the static WAN IP. But the NSA isnt liking the identical WAN 2 subnet.
Any help or insight would be much appreciated.
Thanks
Have a setup question regarding proper protocol to having a secure video feed from IP cameras and keeping it completely isolated from the larger network. I'll first start off that I only know enough about networking to be dangerous....far from a professional.
So I purchased a Dell SonicWall NSA 3600 firewall router for our office. I have it all set up with VPN and pretty well locked down. Problem is, I installed a security camera system that has IP ability to be visible from the outside world. My boss wants me to put it on the net so he can check up on the office if/when we get calls from our alarm company (not sure why it happens, but it does).
Anyway, my thoughts about installation are as follows: I'd like to keep our current LAN on a completely different network/subnet. I believe the NSA 3600 has the capability to do this (it's a $2000+ router with many assignable ports). We also have 5 static IP's from our ISP. So I'd like our LAN to utilize one static IP address, while the camera system would utilize another....either via direct WAN IP assigned straight to the DVR or via a second LAN dedicated to the IP video system using a second static WAN IP. If utilizing a secondary subnet LAN, then i'd just open up the appropriate ports to allow outside connections to the one LAN ip on that subnet (the IP video system is literally the only thing that would be connected to that LAN).
Problem is, the NSA 3600 doesnt seem to want to allow the port I assigned as "WAN 2" to use the same subnet mask as the primary "WAN 1". It tells me there's a conflict or overlap, so I dont know how to assign a secondary static WAN to a secondary LAN.
Am I even going about this the right way? I've read that I should be using VLAN's for this but I have never created one and I feel I'd have to learn quite a bit in order to set it up this way, when the NSA 3600 seems that it should be able to do what I want using the Hardware's assignable ports. Yes, our managed switches (HP ProCurves) can handle VLANs. I'm just hoping to avoid taking this route.
Any advice or direction? Something tells me that all I need to do is create the WAN 2 and connect the DVR, and assign the DVR the static WAN IP. But the NSA isnt liking the identical WAN 2 subnet.
Any help or insight would be much appreciated.
Thanks
Facebook
Twitter