How to Connect 2 Different LAN

jaabi379 · Apr 9, 2013

I'm in a Office where 192.168.2.1 Network with a Router and Switch with 10 people. On the Same Floor, there is another Company, with 192.168.1.1 Network with a Router and switch with 16 People. Both Company is Under One Management. Then also using different Internet.

Now planning to Purchase FOCUS ERP Software with One License to use on both Company.

How can I connect this two network, so when I ping from 192.168.1.1 to 192.168.2.1 , I get Pinged?

Please help. I can pull the Network cable from here to there.

UrbanMyth · Apr 9, 2013

jaabi379 :

Assume
Gateways are 192.168.1.253 and 192.168.2.253
New server on 192.168.1.252

You need a "route" between the two networks that is set up on the routers. Your routers are key, as generally only enterprise class routers support what you need:

On the ..1. network where the new server is, one port on the router need to be given a reserved IP address from the ..2. network - call it 192.168.2.251. NOTE this is a PORT on the 192.168.1.253 router. Cable this port back to the switch on the ..2. network.

On the ..2. network you then need to define a route for traffic from that network to traverse to the new server .1.252 VIA the port on the ..1. network you just set up (192.168.2.251). Depending on the router, that might need to be an entry for each client, or an overall route on a mask...

I've done this on Nortel kit connected to just about anything, and using WatchGuards. It is possible to do the routing at a point inside the router if you have a hardware proxy or firewall with added capabilities.... I believe it's also possible using small specialist routers running pfsense/iptables/monowall etc which are *way* cheaper than WatchGuards or Nortel routers

.

Good luck

s-h-a-w-n · Apr 9, 2013

Yes you can,

You only have to chose which internet you will use, you have to choose only one intrnet and that is going to be your default gateway. This way you will have two connections, wit the internet you choose.

Else, if you use DHCP for both connections, you have no control on which internet you will use since your computer will choose it for you.

eibgrad · Apr 10, 2013

If these are independent networks, you can connect them to each other like any other networks, using an ordinary router! Let’s call it the “shared” router. The tricky part is properly configuring it.

You connect the WAN of the shared router to a LAN port on the router of network 192.168.1.x, and connect a LAN port of the shared router to a LAN port on the router of network 192.168.2.x.

[192.168.1.1](lan)<-- wire -->(wan)[shared router](lan)<-- wire -->(lan)[192.168.2.1]

So now you have a physical path between the networks. The shared router acts as a gateway between them. The problem is that clients of either network don’t know that this gateway exists. By default, any network whose whereabouts are unknown will result in the client passing the request to its default gateway (usually its own router). But the router doesn’t know where the other network is either. So you need to add static routes to each network’s router so it can locate the other network, using either the WAN or LAN IP of the shared router, as appropriate. Also disable the shared router's DHCP server (we're not using it to support its own local network, it's ONLY a gateway). Finally, it works a lot smoother and easier if you drop the firewall on the shared router and disable NAT.

It sounds more complicated than it really is. All you’re really doing is defining a new gateway and using a third router to support it, and updating each network’s router so clients of that network can find that gateway and thus access clients of the other network.

s-h-a-w-n · Apr 10, 2013

I have not interpreted the question the same way...

eibgrad · Apr 10, 2013

s-h-a-w-n :

That's always a problem, understanding exactly what the OP wants. To me, it sounds like a simple problem of needing access between two different networks, both in the same physical location, but each using their own router, modem, etc. And if all you want to do is route between them, you use a router. Simple.

But hey, I could have very well have misinterpreted it myself. Only the OP knows for sure.

s-h-a-w-n · Apr 10, 2013

Indeed!
The best solution would be the one that is easier for him.

the great randini · Apr 10, 2013

http://superuser.com/questions/172501/static-ip-and-dhcp-on-the-same-network-adapter-in-windows-7

jaabi379 · Apr 11, 2013

eibgrad :

If these are independent networks, you can connect them to each other like any other networks, using an ordinary router! Let’s call it the “shared” router. The tricky part is properly configuring it.

You connect the WAN of the shared router to a LAN port on the router of network 192.168.1.x, and connect a LAN port of the shared router to a LAN port on the router of network 192.168.2.x.

[192.168.1.1](lan)<-- wire -->(wan)[shared router](lan)<-- wire -->(lan)[192.168.2.1]

So now you have a physical path between the networks. The shared router acts as a gateway between them. The problem is that clients of either network don’t know that this gateway exists. By default, any network whose whereabouts are unknown will result in the client passing the request to its default gateway (usually its own router). But the router doesn’t know where the other network is either. So you need to add static routes to each network’s router so it can locate the other network, using either the WAN or LAN IP of the shared router, as appropriate. Also disable the shared router's DHCP server (we're not using it to support its own local network, it's ONLY a gateway). Finally, it works a lot smoother and easier if you drop the firewall on the shared router and disable NAT.

It sounds more complicated than it really is. All you’re really doing is defining a new gateway and using a third router to support it, and updating each network’s router so clients of that network can find that gateway and thus access clients of the other network.

jaabi379 · Apr 11, 2013

I think, this is the easiest one. but what IP i want to give to the shared router?

Also how to do static route, please put an example. i am not that much experienced.

Also what you mean by "drop firewall" ? There is no separate firewall or anything here. Also don't have a server also.

All is just like some computers we connected to a switch and switch to normal router from the Etisalat (provider).

eibgrad · Apr 11, 2013

jaabi379 :

You assign a static IP to the WAN and LAN interfaces that’s valid on the network each happens to be facing.

Let’s assume the two networks are 192.168.1.x and 192.168.2.x. The WAN side of the shared router must face one of those networks, while the LAN side must face the other. Let’s assume the WAN faces the 192.168.1.x network, and the router used by the 192.168.1.x network is assigned 192.168.1.1. Assuming it’s available, assign the WAN ip of the shared router 192.168.1.2. Similarly, let’s assume the LAN faces the 192.168.2.x network, and the router used by the 192.168.2.x network is assigned 192.168.2.1. Assuming it’s available, assign the LAN ip of the shared router 192.168.2.2.

You’re just giving the shared router valid IPs on its WAN and LAN interfaces so it’s addressable from each network.

jaabi379 :

Most (but not all) routers will let you add static routes using the router’s GUI. You need to add static routes because the routers used by the respective networks (192.168.1.1 and 192.168.2.1 in our example) don’t know that a gateway between the two networks even exists.

Continuing w/ our example IP assignments, we go to the GUI of the 192.168.1.1 router and add the following static route:

Destination: 192.168.2.0
Mask: 255.255.255.0
Gateway: 192.168.1.2

What this says is, any ip address in the 192.168.2.x network should be routed to the gateway at 192.68.1.2 (the WAN ip of the shared router we assigned previously).

Similarly, we go to the GUI of the 192.168.2.1 router and add the following static route:

Destination: 192.168.1.0
Mask: 255.255.255.0
Gateway: 192.168.2.2

What this says is, any ip address in the 192.168.1.x network should be routed to the gateway at 192.68.2.2 (the LAN ip of the shared router we assigned previously).

So now, anytime a client on either network refers to an ip address that resides on the other network, those clients will pass the traffic to their respective default gateways (which is the router on their respective networks), which in turn will pass the traffic to our shared router, because each router now KNOWS how to reach the other network thanks to our static routing.

Admittedly, a lot of this sounds more complicated than it really is because we’re describing this in text rather than pictures, but hopefully some of it is sinking in.

jaabi379 :

The firewall I was referring to was that of the shared router. By default, most routers block all traffic from the WAN side into the LAN side, while allowing traffic to flow freely from the LAN side to the WAN side. It would make sense to drop/disable the shared router’s firewall in this case. We want traffic to flow freely in either direction. If both these networks are going to share resources, they should be considered ”friendly” to each other, making the use of a firewall between them unnecessary. But if you want to use the firewall and restrict access between them (e.g., only allow specific IPs to talk to each other), you certainly have that option. But at least for initial setup purposes, it’s a lot easier to configure everything and make sure it’s working if you disable the shared router’s firewall.

jaabi379 :

Sorry, I don’t understand the question (or if it even is a question).

billbrach · Apr 12, 2013

It seems like to me, that eibgrad's solution will work. The only issue I see is that some crossover cables are required to hook LAN ports of 2 routers together.

Maybe eibgrad might was to clarify this ??

GREAT forum and GREAT answers BTW !!

eibgrad · Apr 12, 2013

Crossover cables are rarely necessary these days. Virtually all modern networking equipment (since ~2006) has supported auto-mdix, which will automatically configure the connection appropriately using standard ethernet cabling. You don't even need auto-mdix on both devices, just having ONE endpoint w/ auto-mdix is sufficient.

I also was to stress again (which I did mention initially), the shared router should have NAT disabled! You don't want the shared router altering network packets as traffic flows between the WAN and LAN in this configuration.

billbrach · Apr 12, 2013

Oh, I just *wish* all my routers were newer than 2006 models !! I live in the world of small mom and pop businesses, where the newest bells and whistles aren't always necessary or needed.

Crossover cables would work on older -and- newer routers as well.

jaabi379 · Apr 15, 2013

eibgrad :

jaabi379 :

You assign a static IP to the WAN and LAN interfaces that’s valid on the network each happens to be facing.

Let’s assume the two networks are 192.168.1.x and 192.168.2.x. The WAN side of the shared router must face one of those networks, while the LAN side must face the other. Let’s assume the WAN faces the 192.168.1.x network, and the router used by the 192.168.1.x network is assigned 192.168.1.1. Assuming it’s available, assign the WAN ip of the shared router 192.168.1.2. Similarly, let’s assume the LAN faces the 192.168.2.x network, and the router used by the 192.168.2.x network is assigned 192.168.2.1. Assuming it’s available, assign the LAN ip of the shared router 192.168.2.2.

You’re just giving the shared router valid IPs on its WAN and LAN interfaces so it’s addressable from each network.

jaabi379 :

Most (but not all) routers will let you add static routes using the router’s GUI. You need to add static routes because the routers used by the respective networks (192.168.1.1 and 192.168.2.1 in our example) don’t know that a gateway between the two networks even exists.

Continuing w/ our example IP assignments, we go to the GUI of the 192.168.1.1 router and add the following static route:

Destination: 192.168.2.0
Mask: 255.255.255.0
Gateway: 192.168.1.2

What this says is, any ip address in the 192.168.2.x network should be routed to the gateway at 192.68.1.2 (the WAN ip of the shared router we assigned previously).

Similarly, we go to the GUI of the 192.168.2.1 router and add the following static route:

Destination: 192.168.1.0
Mask: 255.255.255.0
Gateway: 192.168.2.2

What this says is, any ip address in the 192.168.1.x network should be routed to the gateway at 192.68.2.2 (the LAN ip of the shared router we assigned previously).

So now, anytime a client on either network refers to an ip address that resides on the other network, those clients will pass the traffic to their respective default gateways (which is the router on their respective networks), which in turn will pass the traffic to our shared router, because each router now KNOWS how to reach the other network thanks to our static routing.

Admittedly, a lot of this sounds more complicated than it really is because we’re describing this in text rather than pictures, but hopefully some of it is sinking in.

jaabi379 :

The firewall I was referring to was that of the shared router. By default, most routers block all traffic from the WAN side into the LAN side, while allowing traffic to flow freely from the LAN side to the WAN side. It would make sense to drop/disable the shared router’s firewall in this case. We want traffic to flow freely in either direction. If both these networks are going to share resources, they should be considered ”friendly” to each other, making the use of a firewall between them unnecessary. But if you want to use the firewall and restrict access between them (e.g., only allow specific IPs to talk to each other), you certainly have that option. But at least for initial setup purposes, it’s a lot easier to configure everything and make sure it’s working if you disable the shared router’s firewall.

jaabi379 :

Sorry, I don’t understand the question (or if it even is a question).

jaabi379 · Apr 15, 2013

eibgrad :

jaabi379 :

You assign a static IP to the WAN and LAN interfaces that’s valid on the network each happens to be facing.

Let’s assume the two networks are 192.168.1.x and 192.168.2.x. The WAN side of the shared router must face one of those networks, while the LAN side must face the other. Let’s assume the WAN faces the 192.168.1.x network, and the router used by the 192.168.1.x network is assigned 192.168.1.1. Assuming it’s available, assign the WAN ip of the shared router 192.168.1.2. Similarly, let’s assume the LAN faces the 192.168.2.x network, and the router used by the 192.168.2.x network is assigned 192.168.2.1. Assuming it’s available, assign the LAN ip of the shared router 192.168.2.2.

You’re just giving the shared router valid IPs on its WAN and LAN interfaces so it’s addressable from each network.

jaabi379 :

Most (but not all) routers will let you add static routes using the router’s GUI. You need to add static routes because the routers used by the respective networks (192.168.1.1 and 192.168.2.1 in our example) don’t know that a gateway between the two networks even exists.

Continuing w/ our example IP assignments, we go to the GUI of the 192.168.1.1 router and add the following static route:

Destination: 192.168.2.0
Mask: 255.255.255.0
Gateway: 192.168.1.2

What this says is, any ip address in the 192.168.2.x network should be routed to the gateway at 192.68.1.2 (the WAN ip of the shared router we assigned previously).

Similarly, we go to the GUI of the 192.168.2.1 router and add the following static route:

Destination: 192.168.1.0
Mask: 255.255.255.0
Gateway: 192.168.2.2

What this says is, any ip address in the 192.168.1.x network should be routed to the gateway at 192.68.2.2 (the LAN ip of the shared router we assigned previously).

So now, anytime a client on either network refers to an ip address that resides on the other network, those clients will pass the traffic to their respective default gateways (which is the router on their respective networks), which in turn will pass the traffic to our shared router, because each router now KNOWS how to reach the other network thanks to our static routing.

Admittedly, a lot of this sounds more complicated than it really is because we’re describing this in text rather than pictures, but hopefully some of it is sinking in.

jaabi379 :

The firewall I was referring to was that of the shared router. By default, most routers block all traffic from the WAN side into the LAN side, while allowing traffic to flow freely from the LAN side to the WAN side. It would make sense to drop/disable the shared router’s firewall in this case. We want traffic to flow freely in either direction. If both these networks are going to share resources, they should be considered ”friendly” to each other, making the use of a firewall between them unnecessary. But if you want to use the firewall and restrict access between them (e.g., only allow specific IPs to talk to each other), you certainly have that option. But at least for initial setup purposes, it’s a lot easier to configure everything and make sure it’s working if you disable the shared router’s firewall.

jaabi379 :

Sorry, I don’t understand the question (or if it even is a question).

jaabi379 · Apr 15, 2013

Thanks a Lot for the well described answer from eibgrad. Thanks a lot my friend.

markspend001 · Apr 16, 2013

Hey Guys according to that topic i think that for connecting 2 different LAN is like a complex working and those whose are handy on their field can do it easily.For knowing about that connection must visit that url:

internetdunia.com/internet/how-to-connect-two-computers-of-two-different-lan-networks/1577/

navi_srao · Sep 27, 2013

connect lan port of both the routers OR connect swithes of both the networks with the help of a lan cable
systems connected to 1st router should have ip address 192.168.1.2-99 sub-net of 255.255.255.0 and gateway 192.168.1.1
systems connected to 2nd router should have ip address 192.168.1.101-200 subnet of 255.255.255.0 and gateway 192.168.1.100
simple
both local networks are connected and can share files and printers and can use different internet
dhcp should be disabled in both the routers.
I had done this in my office and is working fine.
AND PLEASE MAKE SURE TOTAL NO. OF SYSTEMS IN BOTH NETWORKS IS LESS THAN 245

Faulk55ner · Sep 27, 2013

I could have very well have misinterpreted it myself.

Keiriso · Sep 27, 2013

eibgrad :
eibgrad :

jaabi379 :

I think, this is the easiest one. but what IP i want to give to the shared router?

You assign a static IP to the WAN and LAN interfaces that’s valid on the network each happens to be facing.

Let’s assume the two networks are 192.168.1.x and 192.168.2.x. The WAN side of the shared router must face one of those networks, while the LAN side must face the other. Let’s assume the WAN faces the 192.168.1.x network, and the router used by the 192.168.1.x network is assigned 192.168.1.1. Assuming it’s available, assign the WAN ip of the shared router 192.168.1.2. Similarly, let’s assume the LAN faces the 192.168.2.x network, and the router used by the 192.168.2.x network is assigned 192.168.2.1. Assuming it’s available, assign the LAN ip of the shared router 192.168.2.2.

You’re just giving the shared router valid IPs on its WAN and LAN interfaces so it’s addressable from each network.

jaabi379 :

Also how to do static route, please put an example. i am not that much experienced.

Most (but not all) routers will let you add static routes using the router’s GUI. You need to add static routes because the routers used by the respective networks (192.168.1.1 and 192.168.2.1 in our example) don’t know that a gateway between the two networks even exists.

Continuing w/ our example IP assignments, we go to the GUI of the 192.168.1.1 router and add the following static route:

Destination: 192.168.2.0
Mask: 255.255.255.0
Gateway: 192.168.1.2

What this says is, any ip address in the 192.168.2.x network should be routed to the gateway at 192.68.1.2 (the WAN ip of the shared router we assigned previously).

Similarly, we go to the GUI of the 192.168.2.1 router and add the following static route:

Destination: 192.168.1.0
Mask: 255.255.255.0
Gateway: 192.168.2.2

What this says is, any ip address in the 192.168.1.x network should be routed to the gateway at 192.68.2.2 (the LAN ip of the shared router we assigned previously).

So now, anytime a client on either network refers to an ip address that resides on the other network, those clients will pass the traffic to their respective default gateways (which is the router on their respective networks), which in turn will pass the traffic to our shared router, because each router now KNOWS how to reach the other network thanks to our static routing.

Admittedly, a lot of this sounds more complicated than it really is because we’re describing this in text rather than pictures, but hopefully some of it is sinking in.

jaabi379 :

what you mean by "drop firewall" ? There is no separate firewall or anything here. Also don't have a server also.

The firewall I was referring to was that of the shared router. By default, most routers block all traffic from the WAN side into the LAN side, while allowing traffic to flow freely from the LAN side to the WAN side. It would make sense to drop/disable the shared router’s firewall in this case. We want traffic to flow freely in either direction. If both these networks are going to share resources, they should be considered ”friendly” to each other, making the use of a firewall between them unnecessary. But if you want to use the firewall and restrict access between them (e.g., only allow specific IPs to talk to each other), you certainly have that option. But at least for initial setup purposes, it’s a lot easier to configure everything and make sure it’s working if you disable the shared router’s firewall.

jaabi379 :

All is just like some computers we connected to a switch and switch to normal router from the Etisalat (provider).

Sorry, I don’t understand the question (or if it even is a question).

I am in the same situation like jaabi379, however my my situation is that the two location are not in the same building. And what I am trying to do is to be able to access location 1 through wifi connection from location 2. Is there a way to do what you have suggested without cabling the routers?

Daniu · Nov 28, 2013

I've tried following these instructions step-by-step, but I think I'm missing something.

This is what I did:
[Router 1] (192.168.2.1) (LAN) <-----> (WAN) (192.168.2.240) [Shared Router D-Link 655] (10.2.7.240) (LAN) <-----> (LAN) (10.2.7.1) [Router 2]

Router 1 set the Shared router to static IP 192.168.2.240 and has the static route:
Destination: 10.2.7.0
Mask: 255.255.255.0
Next Hop: 192.168.2.240
Router 2 set the Shared router to static IP 10.2.7.240 and has the static route:
Destination: 192.168.2.0
Mask: 255.255.255.0
Next Hop: 10.2.7.240

From LAN 1 (192.168.2.x) I can ping the Shared router at 192.168.2.240
From LAN 2 (10.2.7.x) I can ping the Shared router at 10.2.7.240

However that's where the communication stops. I can't ping anything on LAN 2 from LAN 1, or vice versa.

Do I need static routes inside the Shared router too? Or is the D-link router not appropriate for this test?

I think the D-link is probably the problem because I think NAT cannot be disabled and it may be interfering with WAN-port functionality.

eibgrad :

eibgrad · Nov 28, 2013

navi_srao :

Sure, it's simple in theory, but you make it sound like a trivial exercise to have one of location in the same enterprise change their network scheme to coincide w/ the other. Perhaps it was a mistake for them to have done so, perhaps it was intentional. We’ll never know. So we have to assume that’s not a practical solution.

Essentially what you’ve done is bridge the networks. But having to disable DHCP is crazy; who wants to be manually configuring/updating clients? That’s simply not realistic for most businesses, at least not for clients (servers, ok). So rather than disabling DHCP, why not *block* it w/ firewall rules! That’s why the use of a router is so valuable here; we don’t need to burden ourselves with disabling DHCP because we resorted to a LAN cable. Instead we firewall it.

Also, if you’re willing to change networks schemes anyway, there’s no need to limit yourself to 255 ips. You can simply increase the number of hosts by using a different network mask, say 255.255.0.0 (64k!).

eibgrad · Nov 28, 2013

Daniu :

I've tried following these instructions step-by-step, but I think I'm missing something.

This is what I did:
[Router 1] (192.168.2.1) (LAN) <-----> (WAN) (192.168.2.240) [Shared Router D-Link 655] (10.2.7.240) (LAN) <-----> (LAN) (10.2.7.1) [Router 2]

Router 1 set the Shared router to static IP 192.168.2.240 and has the static route:
Destination: 10.2.7.0
Mask: 255.255.255.0
Next Hop: 192.168.2.240
Router 2 set the Shared router to static IP 10.2.7.240 and has the static route:
Destination: 192.168.2.0
Mask: 255.255.255.0
Next Hop: 10.2.7.240

From LAN 1 (192.168.2.x) I can ping the Shared router at 192.168.2.240
From LAN 2 (10.2.7.x) I can ping the Shared router at 10.2.7.240

However that's where the communication stops. I can't ping anything on LAN 2 from LAN 1, or vice versa.

Do I need static routes inside the Shared router too? Or is the D-link router not appropriate for this test?

I think the D-link is probably the problem because I think NAT cannot be disabled and it may be interfering with WAN-port functionality.

eibgrad :

As far as you’ve described it, it appears correct. The static routes are only relevant to each network’s respective primary router, NOT the shared router.

Remember what I stated previously. Ideally you want to disable NAT and the firewall (and for completeness, DHCP). Otherwise, the WAN will not expose the ip scheme on the LAN side. You'll only be able to access the LAN network via port forwarding on the WAN ip. Not very convenient imo. The idea here is to make this as seamless as possible. However, you should be able to ping from the LAN side to the WAN side regardless of configuration, unless you’re simply encountering personal firewalls on those devices.

Daniu · Nov 29, 2013

I'm puzzled why the D-Link isn't working in either direction, but I think it'll be less headaches trying again with a DDWRT router instead. Thanks, your posts above helped me a lot.

eibgrad :

How to Connect 2 Different LAN

Honorable

Honorable

Honorable

Splendid

Honorable

Splendid

Honorable

Distinguished

Honorable

Honorable

Splendid

Honorable

Splendid

Honorable

Honorable

Honorable

Honorable

Honorable

Honorable

Honorable

Honorable

Honorable

Splendid

Splendid

Honorable

Share this page