• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Site with two LAN's - accessing eachother

N

naimcohen

Senior member
Hi guys,

I have a site with two LAN's and each with their own internet connection.

LAN 1 has all the office PC's, WiFi, etc and has a default gateway of 10.0.1.1 and subnet of 255.255.255.0 - the internet connection is fibre with 70 down and about 20 up. The router is an Apple Airport Extreme router.

LAN 2 has the CCTV NVR's connected, about 25 IP cameras and 2 PC's which are used for accessing the cameras and light internet use. The default gateway is 192.168.1.254 and subnet of 255.255.255.0 - the internet on this is 20 down and about 5 up. The router is a standard Netgear router, I think the N600

The question is, if people on LAN1 want to access the cameras, it currently has to go through the internet as they are not on the same network. This is slow and annoying especially as all the cameras are recording in HD 1080P.

Is there a way to link LAN2 to LAN1 so they can access the NVR's locally?

I would want the NVR's to use the internet and routing on LAN2 so it keeps all the traffic separate.

Is that possible and if so how?

Hope that's all clear!

Thanks
 
What you're looking for is a point-to-point VPN. Basically you're setting up an encrypted channel between Router A and Router B. However, it's still going "over the internet" to get from location to location, so it's not going to be any faster than whatever you're doing now, i'd be a little weary of streaming 1080p over a connection with 5Mbps up. I'm not sure if Apple Airport routers support point-to-point VPNs, the N600 probably doesnt with it's default firmware, but flashed with Tomato or DDWRT it should. Either way, I wouldn't really be trusting these consumer-level devices with keeping a stable VPN up. Once you have the VPN configured, you can take the next steps of configuring the routers to route traffic between the two LANs. If you have domains, you can also set up trust relationships between them so that everything works like one big, happy network.
 
Hi,

Thanks for the reply.

I should have meant that I can run a cable to connect the two networks together, therefore not using the internet but using it over the local network.

So LAN1 is able to access LAN2 devices (but no internet) over the network but LAN2 uses its own internet connection

Hope that's clearer

Thanks
 
Connect the 2 network routers together and have the routers export a route to each other. The netgear should be able to do that, no idea on apple since that is "advanced" in apples world. You will need a something to isolate the networks from each other if they have DHCP etc.
 
Does it need to be a direct connection? or can it be through a switch?

Any more info/guides on how to do this?

Thanks
 
It doesn't need to be direct. I am not sure of any guide that has your gear in it. The jist of it is you attach the routers, IP the interfaces and then set up routes to the other network. In reality you might not even need to connect both routers, and just have one acting as a gateway and putting some static routes in the 2 routers.

Basically attach the netgear to both networks. Give the interface in the computer network a valid IP address in the computer network. Then put static routes in the apple and netgear pointing to the other network.
 
Hmm seems a little confusing. Is there any guide you're aware of that I can take a look at and from there I should be able to figure it out?

Also, is there a name for what I'm trying to do?

Thanks!
 
imagoon said:
Connect the 2 network routers together and have the routers export a route to each other. The netgear should be able to do that, no idea on apple since that is "advanced" in apples world. You will need a something to isolate the networks from each other if they have DHCP etc.
Click to expand...

QFT, this is just routing. If you only had two switches you'd just throw a router between them and use it to handle your internet connection.

Set up a 192.x.x.x route out the one interface and a 10.x.x.x route out the other interface to the proper switches. On each switch setup the router as a the default gateway.

done.
 
I would use vlans.

Internet => router/firewall => managed switch with 2 vlans => both networks

You could then set the appropriate firewall rules for communication between both networks to access only what is needed.
 
Red Squirrel said:
I would use vlans.

Internet => router/firewall => managed switch with 2 vlans => both networks

You could then set the appropriate firewall rules for communication between both networks to access only what is needed.
Click to expand...

That would require changing his whole infrastructure.

If you have two switches you don't need to go to VLANs really you have real LANS.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top