Using RVS4000 within existing Network to isolate network group

Answered Question
Jul 7th, 2010

I have an existing network with the primary router being a Motorola Netopia 3000 provided by AT&T for their DSL service.  Internal gateway is 192.168.1.3

I want to isolate a network group on their own router behind the Motorola, while still providing them internet access.

I want to use an RVS4000 as the internal router, but am unclear as to what changes I would have to make (if any) in the Netopia, and what changes I make in the RVS4000.

Thank you ..

Michael

I have this problem too.
0 votes
Correct Answer by kenrandrews about 6 years 4 months ago

Ok so I was screwing part of that add printer process up. Now that I am staring at an XP machine (which hopefully you have) Click Add Printer> Next> Local Printer and uncheck the box to automatically detect> create a new port (standard TCP/IP port)

Next> Printer name will be 192.168.1.50 > Standard and Generic Network card should work just fine>

Click Have Disk and point it to your drivers for the printer or browse the list if the have been installed on it before.

This is how you can manually install a printer. After that your printer should install and you can try a test page.

I would recommend you try this on the same subnet the printer is on first to make sure you have the settings right. Once you get it working there you should then give it a try on the other side of the firewall.

Are you still having trouble with the NAS? what happens when you try putting \\192.168.1.200\ into the Windows Explorer bar (not Internet Explorer) or you could also create a shortcut with this link to test it.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
kenrandrews Wed, 07/07/2010 - 11:35

It seems to me that all you would have to do is set up the RVS4000 to have a static IP for its WAN that is on the same subnet as the Internal Gateway. Then just setup the inside LAN subnet of the RVS4000 ideally to DHCP if the Netopia is setup to server DHCP addresses or to something like 10.0.0.0 (anything not on the 192.168.1.0 network). Then plug a cable from the WAN interface of the RVS4000 to the switch in the Modem. This would effectively stop all users on the 192.168.1.0 network from accessing the 10.0.0.0 network.

I hope this was clear enough and is what you were looking for.

mssecurity Wed, 07/07/2010 - 13:24

Thank you for your response ..

Could you show me an example of the network addressing for the subnetwork ..

router

network system within the subnet ..

in the RVS4000 the settings would be ..

Gateway not router ?

In Setup .. what do I use as Internet IP address .. Gateway, subnet, DNS, etc ..

Assuming the main Gateway router is 192.168.1.3, with subnet 255.255.255.0 ?

Thank you ..

Michael

kenrandrews Thu, 07/08/2010 - 05:52

For the new network that will be behind the RVS4000 just use 10.0.0.0 with a mask of /24 or 255.255.255.0 ( they are the same thing)

Router Internet IP: 192.168.1,4 (Can you just let it use DHCP, this is the easiest way?)

Router LAN IP 10.0.0.1 /24(Make sure to change the DHCP address to 10.0.0.0 /24 if there is a setting for it)

If you can not use DHCP these are the settings:

Router Internet IP: 192.168.1.4

DNS: 192.168.1.3

Gateway: 192.168.1.3

You should keep in mind that there may be something at 192.168.1.4 already so ping it ahead of time.

mssecurity Thu, 07/08/2010 - 18:22

Thank you .. that gets the subnet working and internet access functioning also.

So with your help, my RVS4000 is a subnet of the Netopia network.

Now I need to be able to allow people on the new subnet to access file servers on the other netopia network.  I thought a routing table should do it.  I set it up like this ..

Destination IP address 192.168.1.200 (Network device on Netopia network I want them to have access to)

Subnet Mask 255.255.255.0 (Subnet for that network)

Gateway 192.168.1.3 (Netopia gateway)

Hop count  2  (default, assumed correct)

when I try to save it shows a conflict .. but doesn't display where the conflict.  message is truncated ..

What am I doing wrong ?

Thank you .. Michael

kenrandrews Thu, 07/08/2010 - 19:48

You don't need a route. Right now all traffic leaving the new subnet is sent to the gateway of the netopia subnet. That traffic should then be sent out that interface because they are on the same subnet. You could be having a problem in one of two places. First what you should do is download wireshark on one of the file servers. It is fairly easy to use so I will leave that up to you. Then start a capture and see if you get any packets coming from the RVS4000 Internet IP address. Let me know what happens.

mssecurity Fri, 07/09/2010 - 16:06

Perhaps I explained this wrong ..

Primary Internet Router   - 192.168.1.3

Within this network are hostPC, PC and NAS file servers, printers, etc., addressed 192.168.1.10 - 254

Subnet Router 0 Cisco RVS4000 WAN External IP is set at 192.168.1.4

                                                 LAN  Internal IP is 192.168.16.1

Within this network are host PC's addressed 192.168.16.10-50 (DCHP)

I need to be able to have PC's within the subnet be able to access Hosts, File servers, and printers on the Main network ..

I can access the internet from within the subnet but not any hosts on the upper level network.  How do I get them to show up on Network Places or ?

Thank you ..

kenrandrews Fri, 07/09/2010 - 20:46

You won't be able to see them on Network Places because they are on different subnets. However you should try to access them by typing \\192.168.1.x\ into the address bar of a Windows Explorer window. I don't think it will work, but it depends on the firewall. Unfortunately I think you may be out of luck if this does not work, I can't think of a setting that would allow this, this is a more advanced function. I will think about it and see what I can come up with.

You could however try to open up the ports on the Firewall, but that would allow access both ways.

mattymcfly Tue, 07/13/2010 - 16:00

I was in the exact same boat as the original poster, so this thread already helped me to get everything set up. I, however, need access the other direction I think. We need the computers on the wireless network to be able to print from a printer inside of the RVS4000. This is where it gets a little confusing.

All of the computers on the network are already using a VPN to access remote desktops at another office, so setting up a VPN on the RVS4000 isn't really an option I don't think. Is there anything I can do short of setting up a different printer outside of the RVS4000 on the wireless network? Thanks in advance, I've already been helped a great deal.

kenrandrews Tue, 07/13/2010 - 18:09

You could use port forwarding to forward all traffic on that port to the printers IP. Then when you add the network printer in computers outside the RVS4000 just set the printers IP to the external IP of the RVS4000. The hardest part is finding the port, I think most standard printers use 9100, but I believe you can check it under the printers port properties as well. If that does not work use wireshark or MS network monitor to see what ports packets are being sent to when you print from a machine.

Let me know if that helps.

mssecurity Wed, 07/14/2010 - 11:23

I am able to enter the network printer address and go straight to it's Web interface .. I cannot however seem to get ADD printer to find it that way.  Any ideas ?

Michael

kenrandrews Wed, 07/14/2010 - 12:02

I am not sure what OS you are using, but I would try to add it manually, like this:

On Win 7

Add Printer> add network printer> the printer I want isn't listed> add printer using tcp/ip address>

change device type to TCPI/IP Device, enter the IP address and port( usually 9100 but depends on your printer)

Michael, is the printer behind the Firewall similar to Matthew's. If so did you forward port 80 to the printer and thats how you are hitting the printer? I am a little confused on your setup because I was actually answering the question as if Matthew had posted it because he was asking about printers as well. Is your printer in the netopia subnet or the RVS4000 subnet?

mssecurity Wed, 07/14/2010 - 12:38

(Michael, is the printer behind the Firewall similar to Matthew's. If so did you forward port 80 to the printer and thats how you are hitting the printer? I am a little confused on your setup because I was actually answering the question as if Matthew had posted it because he was asking about printers as well. Is your printer in the netopia subnet or the RVS4000 subnet?)

SORRY about answering on their question, but seemed relevant.

The HP printers are network printers.  They have their own IP address and port 80 is the default for their web interface.
I am trying to use NAS and printers on the primary main Gateway / router .. 192.168.1.3 ..
Network printer for example is 192.168.1.50
NAS for example is                192.168.1.200
PC's on the subnet 172.16.1.1 Gateway can connect via browser to the Network printer web interface no problem.
For example, PC at 172.16.1.139 can connect to the interface through the browser to 192.168.1.50 and check printer status, health, etc.
I cannot though, add the printer through the ADD Printer wizard.  I have tried entering the http://192.168.1.50, tried using what HP calls the host name, and have tried to use the actual network name given to the printer that shows when added from any system on the main 192.168.1.x network.
Subnets are the same for both the 172 and the 192 networks. Printer subnets are the same.
Maybe just not entering correct format in IP section .. tried most obvious configurations.
Hope this helps.
Michael
Correct Answer
kenrandrews Wed, 07/14/2010 - 13:03

Ok so I was screwing part of that add printer process up. Now that I am staring at an XP machine (which hopefully you have) Click Add Printer> Next> Local Printer and uncheck the box to automatically detect> create a new port (standard TCP/IP port)

Next> Printer name will be 192.168.1.50 > Standard and Generic Network card should work just fine>

Click Have Disk and point it to your drivers for the printer or browse the list if the have been installed on it before.

This is how you can manually install a printer. After that your printer should install and you can try a test page.

I would recommend you try this on the same subnet the printer is on first to make sure you have the settings right. Once you get it working there you should then give it a try on the other side of the firewall.

Are you still having trouble with the NAS? what happens when you try putting \\192.168.1.200\ into the Windows Explorer bar (not Internet Explorer) or you could also create a shortcut with this link to test it.

mssecurity Wed, 07/14/2010 - 15:10

YEAH .. Got the printer working by manually setting it up the way you showed through create new port. Works great.

NAS entered into explorer address bar brought up web browser and thus web browser interface .. Getting closer though. Can you MAP a drive to an IP address .. ?

Thanks for the help so far ..

Michael

kenrandrews Thu, 07/15/2010 - 03:36

Good glad it worked, I had my concerns.

If it brought up a web browser than reverse the first two slashes, should be \\IPADDRESS\

Yes you can map a drive, but it requires the same path as the one you are already trying so you need to get this working first.

Actions

This Discussion

Related Content