- Mar 11, 2008
- 358
- 1
- 81
Ok I need some suggestion on the best way to accomplish the following. This is at the small company I work for. We purchased a building that has two additional suites which just got tenants renting them. We will be sharing our internet with each suite. I will describe what need, and would appreciate the best way you can think to accomplish this. I have few hundred dollars to spend on gear if needed.
1) We have two hard lines run from our network closet, one to each tenants space. Assume that each tenant will like have there own typical home/smb wifi router as the end point which they will have control over.
2) EACH tenant will be assigned one of our unused STATIC IPs so each suite will have all traffic a separate assigned static IP.
3) EACH tenant MUST have bandwidth limits imposed that simply throttles all traffic. Not your typical QoS based on service or IP/mac, just straight throttling.
4) EACH tenant must be obviously be isolated network wise from each other and us, either by port grouping/vlans, or just connecting outside of firewalls.
In our closet we have switches provided by our ISP with unfiltered connections outside our firewall which we can use to hook up other gear/use other static IP's with. I'm look for best and simplest way to accomplish the above.
The absolute simplest way I could think of was be introducing some kind of managed switch that could do a per port or per IP bandwidth throttling and just go straight to each tenant router and give them the outside static IP's directly for their respective WAN ports. If that is not possible I was thinking some kind dual WAN router we control perhaps. But I'd also want to be able to open up all traffic and ports through the router, perhaps just DMZ from BOTH WAN ports to each tenants respective router. In this case our router would have static IP's from our ISP and would also need to be able to bandwidth throttle. Not sure if this would potentially cause any double NAT issues.
Anyways....thoughts on best/simplest way? Thanks.
1) We have two hard lines run from our network closet, one to each tenants space. Assume that each tenant will like have there own typical home/smb wifi router as the end point which they will have control over.
2) EACH tenant will be assigned one of our unused STATIC IPs so each suite will have all traffic a separate assigned static IP.
3) EACH tenant MUST have bandwidth limits imposed that simply throttles all traffic. Not your typical QoS based on service or IP/mac, just straight throttling.
4) EACH tenant must be obviously be isolated network wise from each other and us, either by port grouping/vlans, or just connecting outside of firewalls.
In our closet we have switches provided by our ISP with unfiltered connections outside our firewall which we can use to hook up other gear/use other static IP's with. I'm look for best and simplest way to accomplish the above.
The absolute simplest way I could think of was be introducing some kind of managed switch that could do a per port or per IP bandwidth throttling and just go straight to each tenant router and give them the outside static IP's directly for their respective WAN ports. If that is not possible I was thinking some kind dual WAN router we control perhaps. But I'd also want to be able to open up all traffic and ports through the router, perhaps just DMZ from BOTH WAN ports to each tenants respective router. In this case our router would have static IP's from our ISP and would also need to be able to bandwidth throttle. Not sure if this would potentially cause any double NAT issues.
Anyways....thoughts on best/simplest way? Thanks.