0

I have a somewhat limited knowledge of network configuration, but would like to achieve something like the following:

  • have two work areas set up
  • the "admin" work area happens to be physically separate from the second "general" work area
  • the gateway to the IP cloud is physically located within the "admin" area
  • users in the "admin" area will be able to access all resources within the "admin" and the "general" work areas, as well as the internet
  • users in the "general" area will not be able to access any of the resources in the "admin" area
  • users in the "general" area will be able to access the internet

I would like to think this is possible with the use of subnets, but am not sure. Is anyone able to tell me if this is possible?

Many thanks.

Jon Pawley
  • 185

1 Answers1

3

With the exception of 'the gateway to the IP cloud is physically located within the "admin" area' which is a statement I would need clarified, the answer is yes.

Separating into subnets places a requirement that traffic crossing between the subnets passes through an ip router. ip routing is a common function to complement with tcp/ip filtering which defines what traffic may pass where, and under which conditions.

The rest is up to your equipment.

Physical separation (for instance using separate switches for admins and users )is one way of creating separation, and which is perhaps easiest to picture. Logical separation using vlans is another, which makes for equipment sharing and greater flexibility for change for instance. Using vlans makes for a steeper learning curve, so wheigh time requirements in.

The router would be a central node tying both networks together in both solutions. However, in a world where time is money, 'messing about with DD-WRT based router' sounds like a costly way of solving a business task.

Read more here:

How does IPv4 Subnetting Work?

How do VLANs work?

Community
  • 1
ErikE
  • 4,896