Network routing, maybe I am confused!

Started by szuguan, November 08, 2023, 08:12:59 PM


szuguan

Dear all,

I have a situation here:

- DHCP is managed by a Windows Domain Controller.
- I have a Sophos XG210 firewall.
- I have a D-Link DGS-1510-28X network switch; assume this is "A".
- I have another 2 network switches; assume these are "B" and "C".
- A, B and C are linked.
- Please refer to the attachment (Picture 1).

I already set a VLAN in the D-Link switch (ports 1 to 6), and the VLAN port is able to issue IP addresses to devices connected to these ports (ports 1 to 6).

My question is:
I don't know what configuration to do next to let those devices connected to ports 1 to 6 have internet access and access my local network.

*I may ask more questions along the way, please bear with me, and be patient. Thank you so much ;)






deanwebb

If the Windows DC is doing DHCP, then each switch with devices that need a DHCP address should have a setting that points to the DC as the DHCP server. The setting would be for an "IP Helper" or "DHCP Relay". If another device is handing out DHCP addresses, that can lead to a conflict with the Windows server.

"Next step" is either what the business needs are. If you're not in a business and this is a lab, then it's to set up a scenario you want to work with. If it is your lab, I'd make sure that the firewall is set to block incoming traffic from the nasty old Internet. :)
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

szuguan

Hi, please refer to this new "picture 2". It is more clear on what I want to achieve and my current network setup.

Please guide/advise me, thank you.

szuguan

Quote from: deanwebb on November 09, 2023, 08:40:15 AM
If the Windows DC is doing DHCP, then each switch with devices that need a DHCP address should have a setting that points to the DC as the DHCP server. The setting would be for an "IP Helper" or "DHCP Relay". If another device is handing out DHCP addresses, that can lead to a conflict with the Windows server.

"Next step" is either what the business needs are. If you're not in a business and this is a lab, then it's to set up a scenario you want to work with. If it is your lab, I'd make sure that the firewall is set to block incoming traffic from the nasty old Internet. :)

So glad to have your reply, thank you.
With my current network setup, I want to let those devices connected to VLAN 1 have internet access; refer to "picture 2".
Is it possible? Or do you have a better/easier suggestion?

deanwebb

Granting that VLAN access would be a matter of making sure the routing tables on the switch and firewall (or just firewall if the switches have no routing functions on them) are able to reach the VLAN. If they can, then it can be permitted Internet access with proper firewall configuration - likely defining that VLAN as part of the inside or trusted zone on the firewall.
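The return-path check described in the last reply, as an added example that is not part of the original thread: it does a longest-prefix lookup in a firewall routing table and reports whether replies to a VLAN host leave through an interface in the trusted zone. All subnets, next hops, interface names (`Port1`, `Port2`) and zone names are constructed assumptions, not values from the poster's network.

```python
import ipaddress

# Constructed sample data (assumptions, not taken from the thread).
ZONES = {"Port1": "LAN", "Port2": "WAN"}          # firewall interface -> zone
ROUTES_BEFORE = [
    {"prefix": "192.168.1.0/24", "iface": "Port1", "via": None},        # connected LAN
    {"prefix": "0.0.0.0/0", "iface": "Port2", "via": "203.0.113.1"},    # default to ISP
]
# Static route to the VLAN subnet via switch A's routed interface (hypothetical).
ROUTES_AFTER = ROUTES_BEFORE + [
    {"prefix": "192.168.50.0/24", "iface": "Port1", "via": "192.168.1.2"},
]


def lookup(routes, dst):
    """Longest-prefix match: most specific route covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in ipaddress.ip_network(r["prefix"])]
    return max(hits, key=lambda r: ipaddress.ip_network(r["prefix"]).prefixlen,
               default=None)


def check_return_path(host, routes, zones, trusted="LAN"):
    """Return (ok, reason): can the firewall send replies back to host
    through an interface that belongs to the trusted zone?"""
    route = lookup(routes, host)
    if route is None:
        return False, f"no route to {host}: replies are dropped"
    zone = zones.get(route["iface"], "unknown")
    if zone != trusted:
        # Typical symptom of a missing VLAN route: the default route wins
        # and replies for an internal host are sent towards the Internet.
        return False, (f"replies to {host} match {route['prefix']} and leave "
                       f"via {route['iface']} ({zone} zone)")
    return True, (f"replies to {host} match {route['prefix']} via "
                  f"{route['via'] or 'connected'} on {route['iface']} ({zone} zone)")


if __name__ == "__main__":
    vlan_host = "192.168.50.10"   # constructed VLAN client address
    for name, table in (("before", ROUTES_BEFORE), ("after", ROUTES_AFTER)):
        ok, reason = check_return_path(vlan_host, table, ZONES)
        print(f"{name}: {'OK' if ok else 'FAIL'} - {reason}")
```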