09-27-2012 07:52 AM - edited 03-07-2019 09:09 AM
I am doing a job for a local boro, which has the police department inside the same building. Right now they share the same internet connection which first goes through the county network. This network is slow and really not usuable. The police use it for JNet, which is required since JNet is a secure system to obtain criminal data on individuals.
What I want to do is get a cable internet into the place and have them use this new ISP except for when the PD has to reach JNet which will use the county network. What router would be best? The boro only has two machines, the police has four. Could you give me a general example on how to setup the routes so that this could be accomplished?
09-30-2012 11:32 AM
There is not enough information here for us to give you very much help. If you can provide more information we might be able to provide some better suggestions.
As a start I am puzzled about whether it really is one network or is two networks. You say that the police are in the same building and that they go through the county network to get to the Internet. So this sort of implies that the police have one network which is separate from the county network, and which uses the county network for outside connectivity. Can you clarify whether this is the case?
It would also help if you would tell us what kind of network equipment is being used, by the police and by the county. If the equipment in place would not support the new cable network or the kind of processing required to separate the policy Internet traffic from the JNet traffic is purchase of additional equipment a possibility?
10-01-2012 11:57 AM
They (both the boro and PD) are currently on one network, which the DHCP is on their Netgear router. The netgear router is connected to the county's fiber connection for internet.
As you can tell, not much money has been given to them in regards to technology and when I was brought in they were actually on a lease from a supplier that really ripped them off bad.
Basically I will be moving them to a server/client network (they are using a cheap NAS for their server) and have the switch go into a cisco router when then will be configured to go through the county's fiber for the internet connection for the JNet website or the cable internet for all other internet communications.
10-01-2012 09:59 PM
There are still some things about that environment that puzzle me. But if you will be introducing a Cisco router then we can talk about possible solutions.
The first challenge would be whether you can distinguish between a host that is police from a host that is county. And a question associated with this would be whether hosts from the county should be able to use the cable network for Internet access?
For the solution that I am thinking about you would need a router with at least three Ethernet interfaces. Of these interfaces one would be for the local LAN connection where the users are connected. The second interface would connect to the cable network. And the third interface would connect to the county network.
You would configure a default route on the router to use the cable network as the default route to reach the Internet. You would configure Policy Based Routing to send policy traffic through the county network.
In PBR you would configure an access list that identifies traffic going to JNet. You would then configure a route map which uses the access list to identify the traffic and would set the next hop for this traffic to be through the county network. And you would apply the route map on the LAN interface to do PBR.
10-02-2012 07:30 AM
Thanks for the reply Richard.
The Boro and PD are only using the County's network for access to the internet. Yes, I know it's strange but the county gave them the connection for the purposes of JNet and they are using it for all their internet needs. The county purposely throttled down the connection rate since the county is sharing it's connection to all other boro's, PDs, libraries, etc.. I know it doesn't make sense. It's politics..
What I want is what you described, the Boro & PD to use the cable internet as the default, and for the PD to use the county's connection when they hit the JNet website. I will be looking into PBR, I started my CCNA training but I know I have alot to learn yet. What cisco model do you think would work best?
Thanks for the help!
10-02-2012 07:57 AM
I think something like the Cisco 881 would work for your purposes. It has a built in 10/100 Ethernet that you could use for the cable network connection. And it has a built in 4 port Ethernet switch. With this switch you could configure a vlan and some ports for the LAN connection and configure another vlan and one port for the connection to the county network.
The PBR solution would be the most appropriate solution based on what I understand about your requirements. The access list and especially the route map are advanced topics and would be a stretch for someone is starting CCNA training. But as you progress in your studies you should be able to do these kind of configurations.
Good luck in your studies and in accomplishing this project.
10-02-2012 10:11 AM
Wouldn't I need a router with two WAN interfaces? I believe their current setup has their county internet coming into their router's WAN interface or should I just plug their router into one of the Cisco's router's LAN interface?
10-02-2012 03:17 PM
Yes, in a sense you would need 2 WAN interfaces. But what does it take to be a WAN interface? Cisco labels the builtin 10/100 interface as a WAN interface, but would anything prevent you using it for LAN if that is what you really needed? And they consider the ports of the built in switch as LAN. But what prevents you from using one of those ports (configured with an appropriate VLAN) for the second WAN?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: