Subnetting a Small Office Network

December 7, 2012 at 10:38:25
Specs: Windows 7
I work in a small office that uses one basic Linksys router (model EA4500) with a LAN IP of 192.168.1.1 and DHCP enabled. All the other network devices are either hardwired or wirelessly connected to this router. The company now wants to add another computer to this network to allow outside individuals the option to remote access in and test software installed on this particular computer.

Ideally, I'd like to separate this computer from the rest of the network for the sake of security. If I remember my basic networking correctly, this can be done by either setting up two VLAN and/or two subnets. Since the router is pretty basic, I'm ruling out the VLAN option since it doesn't appear that the stock firmware even supports it-- that leaves me with subnetting.

Now my understanding of subnetting is very limited so please bare with me. Based on the current size of the office, I can only imagine having a maximum of 50 devices on any given network at a time; thus using the 255.255.255.192 subnet mask make sense to me. With this setup, I'd like to have all the company's private resources located in the first subnet (192.168.1.1-62) and the new remote access computer on the 2nd subnet (192.168.1.65-126). Now for the questions...

Can this be done with one router? My assumption is no, but I figured I'd ask.

Assuming two routers are needed, how should they be setup? I'll describe my best guess, but please correct me if I'm wrong.

Router 1: (LAN)
IP: 192.168.1.1
Subnet Mask: 255.255.255.192
DHCP Enabled
DHCP Range: 192.168.1.3-62

Router 2: (WAN)
IP: 192.168.1.2
Subnet Mask: 255.255.255.192

Router 2: (LAN)
IP: 192.168.1.65
Subnet Mask: 255.255.255.192
DHCP Enabled
DHCP Range: 192.168.1.65

I'm assuming at this point, I'd connect Router 2's WAN port to one of Router 1's free LAN ports.

Please correct me if I have any errors in my logic here. I haven't purchased the 2nd router yet, and I'd like to wait on that until I have a clear understanding on if and how it would be used in this scenario. Thanks in advance for any help.


See More: Subnetting a Small Office Network

Report •


#1
December 7, 2012 at 13:10:27
You've got the general idea down but rather the supernet, I would just use a different subnet on router 2.

Your present router is more than likely setup as follows:
LAN:
IP: 192.168.1.1
Subnet Mask: 255.255.255.0

I would continue using /24 (ie: 255.255.255.0) and give router 2 the following:
WAN:
IP: 192.168.1.2
SM: 255.255.255.0
Default Gateway: 192.168.1.1

LAN:
IP: 192.168.2.1
SM: 255.255.255.0

You may want to click on my name above in this response and read my “how-to” guide titled, “Add a second router to your LAN

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#2
December 7, 2012 at 13:35:10
FYI but most SOHO routers don't support subnet masks past the basic A, B or C class subnets so a 255.255.255.192 wouldn't be supported. You would only be able to do 255.255.255.0 for example.

Given two routers you would not need to subnet anyway. Do note the remote access pc would need to be off router 1 which is directly connected to the internet. This segregation works because by default gateway there is only a route back out to the internet and not upstream to router2.

But this configuration is not secure.

All someone has to do is know router2's subnet and they can do a route add to get to it.

This is why putting in a managed switch and using two vlans instead of two routers is a more secure way of going.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


Report •

Related Solutions


Ask Question