Community discussions

MikroTik App
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

NetBIOS DHCP subnets: Ugh

Wed Jun 04, 2008 7:12 pm

I think I may be making this more complicated than it needs to be, so perhaps someone that has done this before can help me out.

We have a wired network, with two separate LANs: Corp & Guest.

We set up the Corp network for the business, and all the Windows machines can see each other. We set an network of 192.168.2.0/24 (addresses 100-150 in DHCP pool1) for it.

On the Guest LAN, we set it with network 10.1.1.0/24 (addresses 100-150 in DHCP pool2) for it.

So far, so good.

There is exactly ONE machine on the Guest LAN that needs direct access to the Corp LAN. Unfortunately, because it is on a separate subnet/LAN, it cannot browse anything (with the Windows browser) on the Corp LAN. The problem being NBT not able to cross a router .border.

So we changed the Guest LAN to network 192.168.2.0/24 (addresses 200-245 in DHCP pool2 now). Then we bridged the Guest LAN to the Corp LAN.

This caused the DHCP server display to show RED TEXT because the pools need to be assigned to the bridge.

However, if I assign the pools to the bridge, the separation of the IP addresses is not possible.

OK. Is there a simple way to get:
  • A separate subnet for each LAN
  • Ability to browse the Corp LAN from the One machine on the Guest LAN
Kind Regards
 
Schnulch
newbie
Posts: 43
Joined: Wed May 23, 2007 9:04 am
Location: Germany

Re: NetBIOS DHCP subnets: Ugh

Wed Jun 04, 2008 7:30 pm

Hi,

if you really need to browse the lan, you need to set up a DNS server, so the single client on Guest lan can ask for IP's. If there are only a few shares on a few computers /Servers, which this client has to access, just use "net use x:\\IP-adress\sharename" on that client to map the shares to his computer.

If It's just for one client, you could download "softperfect netscan" (google will help you), so he can scan for other computers. This program will show him network shares he can right-click to open in Explorer.

Personally i would not bother to change to much of the network for one user.

If you have a special guest network, security might be an issue....

I would seperate the guest and corporate network totally from each other, but that would prevent the one client to connect to corporate network. On the other hand, if you don't have at least strong passwords on your network shares, the guests may be able to browse your corporate network too...

Your choice

Sincerly

Schnulch
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

Re: NetBIOS DHCP subnets: Ugh

Wed Jun 04, 2008 7:54 pm

Personally i would not bother to change to much of the network for one user.

If you have a special guest network, security might be an issue....
Well the "one user" is actually a sales computer that "belongs" on the Corp LAN. Unfortunately, it's in a different building than the Corp LAN, and the only option (physically) was to attach it to the Guest LAN.

We set up a firewall rule that blocked access for all computers on the Guest LAN except for the sales computer. That part was working fine, but we were unable to access shares on the Corp LAN from the sales computer.

Part of the problem was that they had several of their computers using NETBEUI instead of NBT.

We've since switched all their computers to use NBT exclusively, but we're still having the problem access the shares from the sales computer on the Guest LAN.
 
Schnulch
newbie
Posts: 43
Joined: Wed May 23, 2007 9:04 am
Location: Germany

Re: NetBIOS DHCP subnets: Ugh

Thu Jun 05, 2008 11:44 am

Another option comes to mind:

If your routerboard has more than 3 lan ports, you could just use different subnets with dhcp for guest and company lan, using ether1 and ether2 of the routerboard.

Then You use ether 3 of routerboard and connect it to a switch of the company lan. Then user ether4, connect it to a switch in guest lan. Then bridge ether3 and ether4 and give that bridge an IP of your company lan. Use static IP, (Gateway if necessary) and DNS for the one computer in guest net, you want to access the company net with IP of company net (not inside DHCP-range, of course).
Enable arp on the bridge, then it should work properly.

Sincerly

Schnulch
 
User avatar
hilton
Long time Member
Long time Member
Posts: 634
Joined: Thu Sep 07, 2006 5:12 pm
Location: Jozi (aka Johannesburg), South Africa

Re: NetBIOS DHCP subnets: Ugh

Thu Jun 05, 2008 3:49 pm

[quote="GlueGuy"]
Well the "one user" is actually a sales computer that "belongs" on the Corp LAN. Unfortunately, it's in a different building than the Corp LAN, and the only option (physically) was to attach it to the Guest LAN.
[/quote]

I think you need to look at VLANs for this set-up.

They are designed for this type of requirement.