cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
709
Views
10
Helpful
7
Replies

connecting remote using wan as a lan

wesleyjay
Level 1
Level 1

Hi,

We have a cisco 1700 series and two 2500 series these routers connect our three branches using leased line. presently each branches have different subnet. eg. Branch1 - 192.168.0.0/255.255.255.240, Branch 2 - 192.168.0.32/255.255.255.240, Branch 3 - 192.168.0.64/255.255.255.0. we would like to change change the setup that all our branch will be on the same network eg. 192.168.0.0/255.255.255.0. our purpose is to connect our 3 branches like a single lan. based from my readings what we need is bridging, is this what we are looking for? can you give me sample configuration on this kind of setup?

TIA,

Wesley

7 Replies 7

scottmac
Level 10
Level 10

Yes, you could bridge the WAN to the LAN.

Generally speaking, it would be a bad idea.

First, all the broadcast traffic from each site (HQ as well as the branches) would transit the WAN link ... eliminating a fair amount of bandwidth (unnecessarily).

Second, from a security standpoint, you're opening up your entire network to worm/trojan/virus propagation.

You will be, in essence, putting three low-speed links in the middle of your LAN. It will affect the performance of the entire network.

What issue are you having that would make you want to tie everything together?

If you post your curent issues, I'm pretty sure the forum posters will have some good suggestions on how to resolve them.

Give it a shot. Bridging three remotes to your LAN (with extremely rare exception) is a seriously bad thing to do (and probably unnecessary).

FWIW

Scott

Scott hit the nail on the head.. really nice reply. dont ever think of bridging traffic through WAN. controlling them will be really difficult...

Raj

Thanks for the quick response. I'm expecting that will the problem but do you have other solutions? my main purpose is to have the 3 branches on the same network 192.168.0.0/24.

TIA,

Wesley

Wesley,

Why do you wnat all three branches on the same network? What is wrong with the setup you have now?

Kevin Dorrell

Luxembourg

Hi,

Actually nothing is wrong with our present setup. THe main reason is we are transferring to another provider and the applications we are using, also the familiarity of our staffs if we change our network setup. THis is only a temporary solution still looking for ways to have a permanent solution

TIA,

wesley

You should seriously reconsider what you are trying to do. Things are working fine as they are...but now you want to introduce a non-recommended configuration, which will most likely cause problems of one sort or another.

This is a very unusual thing you are trying to do, and goes counter to almost every network design principle. It's not that it can't be done, but there is seldom a good reason to do so, and it should only be done after careful consideration of the potential impacts.

I assume by 'transferring to another provider' that you mean you are swtiching to a new carrier for your current WAN links? If that's true, talk to potential new carriers and ask them if they would recommend or even support this (especially if they are managing your routers).

mjcole_mcp
Level 1
Level 1

Is anyone still following this conversation? If so just a few things are screaming at me for attention,

1. Use of subnet zero, in this case it is really network zero, but its still bad form, since 192.168 is reserved anyway, don't use 192.168.0, unless you really have to. This is very poor form and could lead to problems later on if you want to supernet. If you are considering re-IPing your network, use 192.168.1.0 or 192.168.100.0 or something similar.

2. I have a hard time reading the 255 notation when it spans lines, but I get This:

Site 1: 192.168.0.0 /28 (*)

Site 2: 192.168.0.32/28

Site 3: 192.168.0.64/24

(I hope my new lines come out when I submit this!)

Anyway the astrixed (*) entry is a real example of subnet zero and should always be avoided.

Now that everything is nice and readable you don't need an expert to tell your your IP address scheme is basically garbage. Why? Because site 3 is really:

192.168.0.0/24 since the subnet mask is going to wipe out all the bits in the last octet... ooops! Now site 3 is basically eating up site 1 and 2.

Oh and while I'm on it, why don't you expend your masks? 255.255.255.224 would still work for site 1 and site 2. Site 3 is going to have to become:

192.168.0.128/25. (If you can fit all of your users in site 3 into the 126 addresses you have, I would suggest moving site 1 to 192.168.0.64/27 to get out of subnet zero.)

Now that the IP address mess is tidied up, why on Earth would you want to create a LOCAL Area Network out of a WIDE Area Network? That is silly, but other people, who seem a lot smarter than me already explained that.

Michael

Review Cisco Networking for a $25 gift card