Designing a system for wired and wireless devices to interact freely

I am setting up a small network for 14 devices. These devices are 2 wireless printers, a (wireless) SONY Google TV, 2 (wireless) iPads/iPods, several (wired) desktop computers, a (wired) Blu-Ray player, and an X-Box (wireless). All of these devices are connected to a Fujitsu Primergy MX130S2 Server with an Intel PWLA8492MT PRO/1000 MT PCI/PCI-X Dual Port Server Adapter. Included in the pile are two wireless Netgear routers. One is a 54Mbps b/g and the other is a 300Mbps N router.

I started with this setup → [internet]=>[server]=>[wireless router]=>[devices]

This WORKED fine until I started monitoring packets. I could only see packets from the internet to the server and packets going from the server to the router. I could NOT see which individual machine in the network the packets were going to/from. How do I set up a system where all wired and wireless devices are on the same subnet and I can track packets to each machine on the localnet through the internet server? The idea here is to spot security breaches in the network and be able to trace it to an individual device (mainly).

On 11/03/2012 08:06 PM, kwaywhite wrote:
>
> I am setting up a small network for 14 devices. These devices are 2
> wireless printers, a (wireless) SONY Google TV, 2 (wireless)
> iPads/iPods, several (wired) desktop computers, a (wired) Blu-Ray
> player, and an X-Box (wireless). All of these devices are connected to a
> Fujitsu Primergy MX130S2 Server with an Intel PWLA8492MT PRO/1000 MT
> PCI/PCI-X Dual Port Server Adapter. Included in the pile are two
> wireless Netgear routers. One is a 54Mbps b/g and the other is a 300Mbps N
> router.
>
> I started with this setup → [internet]=>[server]=>[wireless
> router]=>[devices]
>
> This WORKED fine until I started monitoring packets. I could only see
> packets from the internet to the server and packets going from the
> server to the router. I could NOT see which individual machine in the
> network the packets were going to/from. How do I set up a system where
> all wired and wireless devices are on the same subnet and I can track
> packets to each machine on the localnet through the internet server? The
> idea here is to spot security breaches in the network and be able to
> trace it to an individual device (mainly).

If you only use a single router, you will be able to keep everything on a single
subnet. Do not use the WAN ports on the wireless access points. Connect them to
the main server through one of the wired LAN ports. Assuming you are using the
standard Netgear firmware, then in the “Basic Settings” screen of the wireless
routers, assign them a static/unique address in the subnet. Anything plugged
into the LAN ports will get an address from the main DHCP server, but the
wireless clients get theirs from the DHCP server in the wireless routers. The
tricky part is getting their DHCP ranges set up so that they do not overlap with
each other, or the main server/router.

On 11/03/2012 10:37 PM, Larry Finger wrote:
> If you only use a single router, you will be able to keep everything on a single
> subnet. Do not use the WAN ports on the wireless access points. Connect them to
> the main server through one of the wired LAN ports. Assuming you are using the
> standard Netgear firmware, then in the “Basic Settings” screen of the wireless
> routers, assign them a static/unique address in the subnet. Anything plugged
> into the LAN ports will get an address from the main DHCP server, but the
> wireless clients get theirs from the DHCP server in the wireless routers. The
> tricky part is getting their DHCP ranges set up so that they do not overlap with
> each other, or the main server/router.

The part about IP addresses being assigned by the wireless routers is wrong. I
just switched my 3 APs to a single subnet, and the addresses are all being
assigned by the one connected to the modem, i.e. the one that is actually
routing now.

I moved one wire and turned off the DHCP server in the router and MAGIC! Wow, that solution makes sense but I never would have figured it would have worked so smoothly.

>snif< I love you guys. rotfl! Thanks
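
Once the access points are bridged and the server is the only DHCP server, per-device tracing comes down to joining the server's lease table with its traffic records. The sketch below is an added example, not code from anyone in this thread; it assumes the server runs ISC dhcpd (the thread does not say which DHCP server is in use), and the lease entries and flow records are constructed samples.

```python
import re
from collections import defaultdict
# Constructed sample in ISC dhcpd.leases syntax (assumption: server runs ISC dhcpd).
LEASES = """
lease 192.168.1.101 {
  binding state active;
  hardware ethernet 00:11:22:33:44:55;
  client-hostname "ipad";
}
lease 192.168.1.102 {
  binding state active;
  hardware ethernet 66:77:88:99:aa:bb;
  client-hostname "xbox";
}
"""

# Constructed flow records: "source-ip destination-ip:port bytes".
FLOWS = """
192.168.1.101 203.0.113.10:443 5200
192.168.1.102 198.51.100.7:3074 90000
192.168.1.101 203.0.113.10:443 800
192.168.1.150 192.0.2.44:25 1200
"""

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)

def parse_leases(text):
    """Map IP -> (MAC, hostname) for active leases; the last entry per IP wins."""
    table = {}
    for ip, body in LEASE_RE.findall(text):
        if not re.search(r"^\s*binding state active;", body, re.M):
            table.pop(ip, None)  # a later released/expired entry supersedes
            continue
        mac = re.search(r"hardware ethernet\s+([0-9a-fA-F:]+);", body)
        name = re.search(r'client-hostname\s+"([^"]*)";', body)
        if mac:
            table[ip] = (mac.group(1).lower(), name.group(1) if name else "?")
    return table

def attribute(flows, leases):
    """Return (bytes per device, source IPs that hold no active lease)."""
    per_device, unknown = defaultdict(int), set()
    for line in flows.strip().splitlines():
        src, _dst, nbytes = line.split()
        if src in leases:
            per_device[leases[src]] += int(nbytes)
        else:
            unknown.add(src)  # static address, or a host the server never leased
    return dict(per_device), unknown
```

Source addresses that land in the unknown set are the ones to check first: they are either statically configured (such as the access points themselves) or hosts that did not get their address from the server.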