|Hi all. I'm hoping a network guru can help me out here. I have a network installation project at a client site and I've mentally mapped out how I plan to set it up. |
They already have a Verizon router set up and it must stay configured as the first device in the chain. They want "guest" users (i.e. those that connect to a WAP) to have no access to the computers on the Windows domain.
Here is the config. I'd like to know if anyone sees any problem with this and can point me in the right direction on a few questions below.
Chain of connectivity
Internet -> Verizon router -> Netgear router -> Switch -> Patch panel (server & workstations)
* Note: WAP devices would hang off Verizon router
- WAN port connects to internet
- Internal IP: 192.168.1.1
- DHCP on, range 192.168.1.2 – 100
- LAN port connects to Netgear WAN port
- WAN IP: 192.168.1.250
- DHCP off
- LAN port connects to Netgear switch
- LAN IP: 192.168.2.1
- LAN port connects to server and patch panel (workstations)
- IP: 192.168.2.2
- DHCP on, range 192.168.2.2 – 200
- IP: auto-assigned
- DNS server: ***192.168.2.2 or auto-assigned?***
- Gateway: 192.168.2.1
1. Do there appear to be any major problems with the above configuration that will make it not work?
2. The item marked *** above, what should the IP's be?
3. In this configuration, will computers connected to the Verizon router be able to see/access computers behind the Netgear router, since they are on different subnets? (I don't want them to be able to).
4. Vice versa, will computers behind the Netgear router be able to see/access computers connected to the Verizon router?
5. Computers connected to the Verizon router (192.168.1.x) will need to pull an IP from the DHCP server behind the Netgear router (192.168.2.x), and computers behind the Netgear router will need to send/receive internet traffic through the Verizon router. Should this "just work" with the above config or do either of the routers need any special configuration (DHCP relay, static routes, etc) in order to be able to pass traffic in and out?
6. If I wanted to add a WAP to the Verizon router (192.168.1.x), would I just hardwire it to a LAN port on the Verizon router and set it to get an IP automatically from the Verizon router, then disable DHCP on the WAP and set client computers to auto?