- Apr 17, 2001
- 3,650
- 0
- 76
I'm no networking expert, but am trying to maintain a quickly growing network at our small office. We believe we have a rather simple 'flaw' in our network, but are unsure what the 'fix' is. We're willing to buy whatever hardware we need, but don't know what that is.
We have a T1 line, which allows us the public static IP range: 216.#.#.144/29. We then have this tied into a simple "residential-grade" switch ("the switch").
One port of "the switch" goes into a Linksys WRT54G router ("LAN" side - 192.168.30.1), which then has one of it's "LAN" ports connected via a xover cable to the "WAN" port (216.#.#.146). We are using the WRT54G as a local router, managing all WAN traffic, which is sent through the router (192.168.30.1) to our WAN gateway (216.#.#.145).
"the switch" then has two ports going to two other switches in different parts of the building, each hosting public ips (216.#.#.#) and private ips (192.168.30.#). It also has a few (3) local devices tied into it (192.168.30.#).
-----------------------------------------------------------------
What we are wondering is:
1) Is there a security concern with having our private ip traffic and public ip traffic essentially all tied into the same switches?
2) What equipment do we need to replace "the switch", which will allow us all the routing we currently have, yet can be more secure?
We have a T1 line, which allows us the public static IP range: 216.#.#.144/29. We then have this tied into a simple "residential-grade" switch ("the switch").
One port of "the switch" goes into a Linksys WRT54G router ("LAN" side - 192.168.30.1), which then has one of it's "LAN" ports connected via a xover cable to the "WAN" port (216.#.#.146). We are using the WRT54G as a local router, managing all WAN traffic, which is sent through the router (192.168.30.1) to our WAN gateway (216.#.#.145).
"the switch" then has two ports going to two other switches in different parts of the building, each hosting public ips (216.#.#.#) and private ips (192.168.30.#). It also has a few (3) local devices tied into it (192.168.30.#).
-----------------------------------------------------------------
What we are wondering is:
1) Is there a security concern with having our private ip traffic and public ip traffic essentially all tied into the same switches?
2) What equipment do we need to replace "the switch", which will allow us all the routing we currently have, yet can be more secure?