My company’s network contains various LAN workstations and Servers, controlled by a Smoothwall firewall/gateway.
Currently the Smoothwall routes outbound traffic automatically to an ADSL model (it can’t have a new network card sadly, so can’t load balance). Incoming traffic is routed, and must remain routed, through the ADSL connection to various servers.
We want to get a Virgin Fibre Broadband line and for users to be able to use this connection, if they wish, whilst also being able to use the current ADSL connection.
I know I can turn off DHCP on the new router and configure workstations, manually, to use this gateway. I have done this before. However, people will be coming in and out of the business (guests and employees) who will use the wireless connection (phones/tablets/laptops included) and they don’t want to (and sometimes can’t) change their IP settings constantly, on devices where it might not be very easy.
What I want, is for uses on a wireless connection (new is fine) to default to using the new gateway/router, without impacting the existing, complex (somewhat precarious) structure and for wired users to be able to use the new gateway/router (with manual configuration I suppose) or the existing/default gateway/router (Smoothwall box).
I can’t make any changes to this Smoothwall box, or servers, including replacing them.
I can make any changes to workstations and insert additional devices (wireless access points/routers etc).
I wasn’t sure if I could create a second network, somehow, that can route outbound traffic through the second line, while also being accessible by the existing network (manual configuration).
Basically, I can add to the structure, but I cannot take away.
Answer
I’m assuming you currently have all your devices in a single segment (everything connected to a switch) and that the switch/firewall/gateway devices related to the servers should be remain unchanged.
With that in mind, you can add a new router with 3 interfaces:
- int0 – connected to the old switch that has the servers and ADSL gateway
- int1 – connected to the new switch for the office wired network
- int2 – the wireless network
The reason for segregating the old network to a separate segment is to avoid broadcast (like DHCP requests) from reaching the office workstations. You can leave DHCP enabled in the Smoothwall device and it won’t interfere with the DHCP server in the wireless/office network.
You can also have the new router with only 2 interfaces and have a separate Access Point connected to the office switch for wireless users.
Attribution
Source : Link , Question Author : Dom , Answer Author : Giovanni Tirloni
