Solved Sharing across two networks in same office

Microsoft Windows 2003 server - 5 users
August 6, 2011 at 16:29:20
Specs: Windows Server 2003, 8GB
My workplace currently has one AD Forest. Slowly we have drifted into two slightly separate businesses and my boss wants us to create a new AD Forest and segregate the users doing each business. Although we will all be in the same office, each side will authenticate to a different DC. The problem is that we have some resources that still need to be shared and I would like to share them as eloquently as possible without converging the networks too much.

The two networks will be in the same server rack but they will logically appear as this:

Forest1.local (original)
Cable Internet -- Router A (192.168.1.x) -- 48-port switch A -- PC/Phones/Domain Controller A

Forest2.local (new)
Cable Internet -- Router B (10.1.1.x) -- 48-port switch B -- PC/Phones/Domain Controller B

The problem I have is that the users in the "new" network need access to a shared folder, shared customer DB, and shared printers on the original Domain Controller, named "DC A" above. I have complete control over both networks but can't figure out the best way.

My main concern is physical access between the networks. How will a PC on the 10.1.1.x network know where the printer is? I thought about creating a forest trust in order to assign proper permission but how will they resolve the names on a different subnet? The two "routers" are just simple SOHO type routers so I can't do much there.

I thought about connecting the two switches together but don't know if that would work. Wouldn't the data just get passed to the default gateway (router) anyway? The router would then just drop it. I also thought about using the 2nd NIC in each DC and connecting them in each other's subnet. But again I'm not sure if it matters if the DCs can reach each other or if the PCs would have to be able to reach the other subnet etc. I also thought about just creating some kind of VPN (Hamachi) or whatever to go out into the internet then back into the other router to the network. The problem is, wouldn't every computer wanting to access the shared folder have to have this setup? I would like to limit setting things up on workstations and just limit config to the DCs if possible.

Any help would be greatly appreciated. I can't figure this out for the life of me. I basically just want users in subnet two to be able to map a drive and access printers on DC in subnet one.


August 6, 2011 at 17:38:37

That should get you started.

August 7, 2011 at 05:21:27
✔ Best Answer
The only way two distinctly separate networks can communicate is through a router with static routes between subnets.
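
An added example, not part of the thread: a small Python model of the forwarding decision the answer above relies on, using the thread's two subnets, showing where a Forest2 PC's traffic to DC A goes with and without static routes on the routers. The /24 masks, every host and router address, and the 172.16.0.0/30 link between the two routers are assumptions made for illustration.

```python
import ipaddress

# Constructed addressing: /24 masks and every address below are assumptions.
DC_A = "192.168.1.10"
OWNER = {"10.1.1.1": "routerB", "192.168.1.1": "routerA",
         "172.16.0.1": "routerA", "172.16.0.2": "routerB"}

def table(*routes):
    """Build a routing table; next hop None means on-link (deliver directly)."""
    return [(ipaddress.ip_network(net), hop) for net, hop in routes]

def next_hop(routes, dst):
    """Longest-prefix match, the rule hosts and routers use to forward a packet."""
    matches = [(net, hop) for net, hop in routes if ipaddress.ip_address(dst) in net]
    if not matches:
        return "drop"
    net, hop = max(matches, key=lambda m: m[0].prefixlen)
    return "direct" if hop is None else hop

def trace(tables, start, dst, max_hops=8):
    """Follow forwarding decisions from `start` until delivery, WAN exit or drop."""
    path, node = [start], start
    for _ in range(max_hops):
        hop = next_hop(tables[node], dst)
        if hop in ("direct", "wan", "drop"):
            return path + [hop]
        node = OWNER[hop]          # the router that owns the next-hop address
        path.append(node)
    return path + ["loop"]

def build(static_routes):
    """Forest2 PC plus both routers; static_routes toggles the inter-router routes."""
    pc = table(("10.1.1.0/24", None), ("0.0.0.0/0", "10.1.1.1"))
    rb = [("10.1.1.0/24", None), ("172.16.0.0/30", None), ("0.0.0.0/0", "wan")]
    ra = [("192.168.1.0/24", None), ("172.16.0.0/30", None), ("0.0.0.0/0", "wan")]
    if static_routes:
        rb.append(("192.168.1.0/24", "172.16.0.1"))  # to Forest1 via router A
        ra.append(("10.1.1.0/24", "172.16.0.2"))     # return path via router B
    return {"pc": pc, "routerB": table(*rb), "routerA": table(*ra)}

if __name__ == "__main__":
    print(trace(build(False), "pc", DC_A))  # exits via the WAN, never reaches DC A
    print(trace(build(True), "pc", DC_A))   # pc, routerB, routerA, then delivered
```

The PC never needs a route of its own: 192.168.1.10 is outside 10.1.1.0/24, so it hands the packet to its default gateway, and the routers' tables decide the rest. The return route on router A matters just as much, since replies from DC A would otherwise leave through router A's WAN port.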

August 7, 2011 at 16:34:39
Thanks Curt! I think I will attempt to connect the two routers. I want to attempt to keep each on separate broadcast domains and each to have their own Internet still. Since these are both SOHO routers and the 4 non-WAN ports are really just switches this would mess up DHCP and other broadcast stuff. Right?

Is it possible to route between the ports on the "switch" part of a SOHO router? I think one can handle VLANs; could I put in a static route or does it just depend on the routers? I have 1 Cisco/Linksys RSV4000 and 1 D-Link DIR-650. I learned networking on so-called traditional routers and switches so these SOHO router/switch/bridges confuse me on logic.

Thanks again for the replies!

