Connect two LANs that use different WAN.

neider

Nov 3, 2014
Hello everybody,

I am planning a new network infrastructure and I was expecting some help because I'm missing the main point.

The idea is to have two different LAN networks, each one with a different ISP, and to be able to connect from one LAN to another. How is this possible?

Router1:
192.168.1.1
public ip -> 218.89.62.125
Laptop1 -> 192.168.1.171

Router2:
192.168.2.1
public ip -> 213.78.96.54
Laptop2 -> 192.168.2.69

What do I need to connect these two LANs to be able to ping Laptop2 from Laptop1 and vice-versa?

 
I don't believe there's a simple way of doing this with consumer level, off the shelf routers. You can use a VPN to connect the two networks. A layer 3 switch would also do the job, or a software router with a dedicated link between the networks. The other problem you have is that Windows clients, by default, will drop all traffic that originates from an external network. So even if you configure your network to properly route traffic between laptop1 & laptop2, unless you're running NAT between the networks the receiving laptop will just drop the packets as they originate from an external network.

Can I ask what the problem is you're trying to solve? Why two ISPs? There may be better ways to achieve what you want. Some routers, for example, support multiple simultaneous gateways (in your case Internet connections) and you could then define rules for which clients or what sort of traffic uses which ISP. It depends on what you want to do.

If you really need to do what you're asking it is certainly possible. It's just not completely straightforward. I'm actually running effectively what you're asking for via a wireless link to a friend's house which we use to sync backups to one another. Both networks have their own Internet connection, but traffic is routed seamlessly between the networks. We did it by building a M0n0wall router each (it's an open source software router & firewall that runs off pretty much any hardware). We threw a couple of extra network cards in some spare computers and got it all working. It does take some time and network knowledge though, so if there's an easier (or 'one device') way of meeting your needs I'd recommend going with that.
 
You need an actual router to do that. Most devices you buy in the store should be called "gateways". They allow a single LAN network to be translated to a single WAN IP.

What you now need is a way to connect these networks together. It really depends what features your devices have, if you can even use them at all. Some have a few extra features. If you happen to have ones that have dd-wrt on or if you happen to be using a commercial router then it is pretty easy.

There are a number of solutions depending on how much equipment you need to replace. The simplest one is to place a layer 3 switch or cheap router between the internet routers and the LANs.

You would put both LAN networks on this device so it would be the gateway. You would then build new networks between the switch and the 2 routers. It would allow traffic to flow between the 2 networks but it would send traffic to the proper internet connection based on the user's source address.

The other way is to replace both your internet routers. You would then connect between them with a cable and build a point to point network. On each of the routers you would put in static routes telling it to pass over this cable to the other router to reach the other network.

The third option is to buy a single larger router and put both internet connections and both LAN connections on it.

This is not a trivial project unfortunately.
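The static-route option from the post above, worked as a longest-prefix-match lookup on both routers (an added example, not part of the original post). The LAN subnets and laptop addresses are the ones from the question; the 10.255.0.0/30 link subnet, its two addresses and the interface names are assumptions.

```python
import ipaddress

# LAN subnets are from the thread; the /30 link subnet, its addresses and
# the interface names are assumptions made for this example.
LINK = {"R1": "10.255.0.1", "R2": "10.255.0.2"}
LAN = {"R1": "192.168.1.0/24", "R2": "192.168.2.0/24"}

def build_tables(static_on=("R1", "R2")):
    """Routing table per router: (prefix, next_hop, interface) entries."""
    tables = {}
    for name, other in (("R1", "R2"), ("R2", "R1")):
        table = [(LAN[name], None, "lan"),          # directly connected LAN
                 ("10.255.0.0/30", None, "p2p"),    # directly connected link
                 ("0.0.0.0/0", "isp", "wan")]       # default route to the ISP
        if name in static_on:
            # Static route: reach the other LAN through the peer's link address.
            table.append((LAN[other], LINK[other], "p2p"))
        tables[name] = table
    return tables

def lookup(table, dst):
    """Longest-prefix match; returns (next_hop, interface) or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop, iface) for p, hop, iface in table
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    _, hop, iface = max(matches, key=lambda m: m[0].prefixlen)
    return hop, iface

def trace(tables, start, dst, max_hops=4):
    """Follow a packet router by router; returns [(router, out_interface), ...]."""
    owner = {addr: name for name, addr in LINK.items()}
    path, router = [], start
    for _ in range(max_hops):                       # hop limit guards against loops
        match = lookup(tables[router], dst)
        if match is None:
            path.append((router, None))
            break
        hop, iface = match
        path.append((router, iface))
        if hop not in owner:                        # delivered locally or sent to ISP
            break
        router = owner[hop]
    return path

def ping_works(tables, src_router, src_ip, dst_router, dst_ip):
    """A ping needs the request AND the reply to end on the right LAN."""
    there = trace(tables, src_router, dst_ip)
    back = trace(tables, dst_router, src_ip)
    return there[-1] == (dst_router, "lan") and back[-1] == (src_router, "lan")
```

With the static route on only one router, the request reaches the far LAN but the reply follows the other router's default route out the WAN interface, so the ping still fails.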
 


While lots of routers will function as a VPN server, I don't know of many (any!) at a consumer-level price which will function as a VPN client. I'd be glad for a reference if you know of one that does this as it would help me immensely!

Unless you establish the VPN from a router, you'll only have single device -> network connectivity, rather than network-network connectivity.

You could establish a VPN from laptop 1 to the router providing laptop 2's internet. That would allow laptop 1 to ping laptop 2, and vice versa. But it's not actually connecting the networks, just connecting a single device to laptop 2's network. If that's all OP needs, then I agree that's the most straightforward solution. However I'm not sure whether that's what OP is describing.
 

neider


Thanks for your reply,
Currently there are two small offices, each one with its own ISP. Now they both want to share a server and possibly some resources in the future; this is why I need to connect both LANs.

As I see it, possibly a VLAN would be the easiest solution. Could you point me to some direction/article to read about what I need and how to implement it?

Thank you very much.
 
It would be vastly, vastly easier if the offices decided, given that they're sharing a server, that they should share ISPs too!

VLANs don't really help you. VLANs just give you a way of running multiple networks from the same equipment. Think in a school you might want a separate staff & student network, but you don't want to have to have two separate switches in each classroom. VLANs (in their simplest implementation) allow you to allocate ports on a network switch onto different networks such that the port on the teacher's desk can be on the staff network, while those connected to student computers are on the student network. You have one physical switch, but because it's segregated in VLANs students cannot see/hack/mess with the staff computers over the network.

The issue with VLANs is that, just like with separate physical networks, you still need a device (or devices) to ROUTE the data between the separate networks.

You sure you can't convince them to share an ISP?

I did just think of a real hack of a way to achieve this by only buying two cheap off the shelf routers. It would work and I'm happy to explain it in detail (not now... I gotta go), but there's no way I'd advise running it in a tech-reliant home, let alone a business to communicate with a server. You could use practically any router (with DHCP DISABLED!) to connect between the two networks (WAN on network 1, LAN on network 2) and get a second router connected the other way around. On each of the new routers, configure a static IP on the LAN side (within its network) and DHCP on the WAN side. If the "main" routers (providing the Internet) can then be configured with a static route, which sends traffic destined for the other network (e.g. 192.168.1.0/24) to the LAN IP of the router located on its own network... that should all work. It's far from best practice though... Convince them to share an ISP!
 
Guest
OP - the common way that businesses meet this requirement is to build a single LAN that shares resources internally. Often two sites are linked with a private circuit, rather than routing local traffic out over the wide area connection and then back in. This is more scalable and secure for the business.

You might choose to enquire with a local telecoms supplier as to a private circuit with two small routers, budget permitting. Depending on your throughput, this topology might allow you to consolidate onto a single ISP.

Hope this helps.
 

cowboydude99

Aug 21, 2013
If you want a consumer level router - check out the Netgear FVS318G.

I have used this to do exactly what you're asking about. No change in ISP or anything.

Install one on both ends of the VPN tunnel. It is very simple to do.
 
Solution