Linking Different LANs via WDS

Guizemen

Apr 2, 2014
So, I was curious how one might link together multiple different LANs through a wireless bridging system?

Currently, I have 3 different buildings, each with their own WAN setups, connected via VPN so users in one building can access the camera feeds and databases in another. I wish to eliminate the VPN, and reduce WAN overhead as a result, by deploying 3 different long-range Wireless Bridges (2x EnGenius ENH500 models, 1x EnGenius ENH700EXT). All 3 buildings have line-of-sight to each other, and all 3 buildings are within 1 block of each other, so range or LoS is not an issue.

The question I have is what configuration would be necessary so that DHCP and WAN traffic stays within each building, so users in Building 1 with 192.168.10.0 addresses do not pull a 192.168.20.0 address from Building 2, and subsequently don't try to send WAN data over the wireless bridge as well, but users in Building 1 can still access a database of camera feed from Building 2 or Building 3.
 

Guizemen

Apr 2, 2014


What exactly do you mean by "leave HDCP set for the current address range" ?

As well, no firewall rules will be required. Theoretically, I want these 3 buildings to all be one "office" but with differing Subnets.
 
You are going to need actual routers to accomplish this. DD-WRT is an option.

Pretty much you need 2 WAN ports... assuming you are going to keep local internet at all the sites. So you need to pretty much keep the setup as you have it at each building so they can continue to get internet. Then you need to connect to a second WAN port between the routers using your outdoor wireless. The details will depend on how exactly you connect the buildings, but for example between building 1 and building 2 you would define another network just to connect them, say 10.1.1.0/30. You would then put in a static route saying 192.168.x.x goes to 10.1.1.x so the router knows which network is behind which router. The key here is you need a true router; you do not want the device to be NATing the IP addresses as they pass between the sites.
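
The routed design described in this reply, worked through for all three buildings as an added example (not code from the thread). It assumes each router has a routed interface per wireless link; the /24 masks, building 3's 192.168.30.0 subnet and the second and third /30 transit networks are assumptions made for illustration.

```python
import ipaddress

# Assumed addressing: the thread gives 192.168.10.0 and 192.168.20.0 for
# buildings 1 and 2 and 10.1.1.0/30 as a sample transit net; the /24 masks,
# building 3's subnet and the other two /30s are made up for illustration.
LANS = {1: "192.168.10.0/24", 2: "192.168.20.0/24", 3: "192.168.30.0/24"}
LINKS = {(1, 2): "10.1.1.0/30", (1, 3): "10.1.1.4/30", (2, 3): "10.1.1.8/30"}


def link_addresses(a, b):
    """Return {site: router address} for the two usable hosts of a /30."""
    low, high = ipaddress.ip_network(LINKS[(min(a, b), max(a, b))]).hosts()
    return {min(a, b): low, max(a, b): high}


def routing_table(site):
    """Static routes for one site's router: (prefix, next hop) pairs."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), "local WAN"),
             (ipaddress.ip_network(LANS[site]), "connected LAN")]
    for peer in LANS:
        if peer != site:
            # Next hop is the peer router's end of the shared /30.
            table.append((ipaddress.ip_network(LANS[peer]),
                          str(link_addresses(site, peer)[peer])))
    return table


def next_hop(site, destination):
    """Longest-prefix match, as the router would do it."""
    dst = ipaddress.ip_address(destination)
    matches = [(net, hop) for net, hop in routing_table(site) if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


if __name__ == "__main__":
    for site in LANS:
        print(f"Building {site} router:")
        for net, hop in routing_table(site):
            print(f"  {str(net):18} via {hop}")
```

Only the two remote /24s point across the bridges; the default route stays on each building's own WAN, and DHCP never crosses because the links are routed rather than bridged.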
 

Guizemen

Apr 2, 2014


Well, we have two RV082s at two sites, and one new RV325 at the newest site. The problem with your solution is that each site is already using Dual-WAN. 1 Primary for the T1 connection (Incredibly slow at each site) and 1 Secondary for the Business DSL (Which offers a faster up and down pipe, but lacks the uptime and other features of the T1). So without attempting some very sneaky L3 tactics, I am unsure of how I would go about getting more WAN ports, aside from buying completely new Quad-WAN routers for each location (And potentially sacrificing the availability of VPN to us in the future to connect to a more remote location).

I know Static Routing would likely be a part of the solution, but I was unsure of how I could go about it. If WAN would be the only option, or if it would be possible for each router to point to its local bridge as a Gateway to another LAN. But my thought was also that if people in Building 3 wanted to connect to a machine in Building 1, where would I point the static Route?
 
These devices are getting close to real routers, but they only allow routing between the LAN and 2 different WAN ports. Maybe there is a way, but I am not familiar enough with these. The one way I thought might work was with VLANs, but these devices only partially support that.

The only way I can see to do this is maybe by using the EnGenius devices in router mode. The huge problem with this is you need to put all the routing in the end device. For example, say you would assign a LAN address of 192.168.10.200 to the EnGenius and that connects to the other building that has 192.168.20.x. You would have to put a static route in the end devices that says 192.168.20.x is behind 192.168.10.200.

Maybe your routers can use a similar static route, I do not know, but the traffic then runs asynchronously, which can cause issues. The user would send his traffic to the main router, which would then forward it to the EnGenius, but traffic coming the other direction would go directly from the EnGenius to the end users.

This is all a hack really. It would be much better if your routers had another port they would route on. A cheap layer 3 switch between your router and your LAN would work.
 
Solution

Guizemen

Apr 2, 2014
I think the Static Routes might be the trick if they do not wish to add more hardware to the equation. And yeah, I'm understanding that it's not an ideal method of use, but it may be the one that has to be done.
Thank you for all your help, Bill