Hey all, I'll try to explain the best i can what i need to do, I currently have to deploy a network on which there are going to be Administrators and Clients, I want them both to connect to the Internet (DSL Connection, Modem configured as Bridge). My current network topology is like this: Modem(Bridged) > Linux Server > Switchpanel > Desktops; Swithcpanel > Wireless Routers (linksys) > Laptops. The Linux Server (thinking of CentOS 5.1) currently works as Dialer and DHCP server. Basically the desktops are Administration Computers but also some of the laptops. All the clients are notebooks and connect to the wireless routers. What I need is to share the inernet connection between both, but I don't want the Clients computers on the same network as the adminitration computers as of security, I dont want the clients seeing the files shared between administrators (Windows XP computers), They are all currently on the same subnet 192.168.1.X, thats why clients can see the files and even connect to the server i want to block that, How can I do this? Also should I install CentOS as LAMP, as im also thinking of using it as a firewall and using backuppc which has a web interfence to back up all administration computers on the server. Thanks in Advanced Isaac
Well the easiest way to archieve this is having a swtich/router supporting VLANs. Then you'd have three, one for the Internet, one for the Adminmachines and one for the "rest". For the wireless you either have to find a router with intergrated WLAN supporting multiple SSIDs to also split the WLAN or you connect two WLAN routers to the switch, one to the admin-LAN and one to the rests'. A DSL-Router that would have such features could be sth. from Funkwerk (formerly Bintec) or more expensive from Juniper / Cisco. Those routers do not have that much Ports so you might need switches anyway.
Ben Thanks for the replay, actually my hardware installation has already been done by the staff who was before me, they did a horrible job setting it up this way. I just started working here and really want to make it better. the problem is that it is already up and running so i cant do a lot of hardware changes. After I read you post, i got an idea, my DSL modem is 2wire 2071, I currently have it configured as bridge but i cant return it as dialer and router and was thinking what happens if i connect the router directly to the switch then pull a connection from the switch to the server which has two ethernet cards and use the server as a second dhcp for administrators and let the router manage the wireless connections???? DSL MODEM > Switch 1 > SERVER > Switch 2 > Admin Computers """""""""""""""" > Switch 1> Linksys Routers > Wireless but then i need to check which nodes go from the switch to the linksys router and which nodes go from the switch to desktops? I Have two 3com 24 ports switches is it ok configured as i mapped it just above? Thanks Isaac
From the above mentioned setup this would work, you just have to make sure, that the server denies requests from the WLAN IP-Range. If the server has two interfaces you could also use the server as router, and connect the Linksys + the Adminswitch to the server.
This is can be done with linux firewall, right? The desktops PC will have static IPs i will configure them manually ranging from 192.168.1.2 - 192.168.1.15, the rest will be for DHCP. (Im thinking for the admin notebooks to register there MAC and give them there ip based on that so they stay on the admin range). This was my inital thought but could you elaborate a little more on this idea?? maybe put a little diagram, in how to do it?, what configurations do i need? and any other thing i could be missing? I still want to do it this way. By the way I decided to stick with Fedora 8 Thanks Isaac
