General discussion

Locked

student network puzzle

By maradonna ·
hi folks, i hope one of you network wizards can help a dim student, trying to get thro HNcomputing,with a view to be a master networker(a dot in the horizon), i cant get a hold of my tutor for help

2 lans split by router(cisco 2600) in the same office. Now i have an office 400 metres
away to link by wireless adsl router/switch/hub (whatever is best).internet is also needed but new office should have web and ftp blocked, BUT should be able to send and recieve email both internally and from the internet . Easy peasy for one of you giants of IT networking. please can you give me a few ideas. i would greatly appreciate it.
maradonnaisgod

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Ports.

by seanferd In reply to student network puzzle

A not-entirely-elegant simple solution would be to block the ports FTP and HTTP(S) use, but not those used by email, regardless of the design of the network. If there is to be some differential between subnets, you'd have to look further into the abilities of the Cisco device.

Collapse -

distance

by maradonna In reply to student network puzzle

its an old device so blocking the ports sounds a good enough solution (cheers)but would the wireless router reach 400 metres away?
the ethernet cable for the web gets plugged into existing (cabled) router which is splitting the main office (192.168.2.1 and 192.168.1.1) then cabled to wireless router/switch which sends signal 400 metres to wap? does this make sense ???
how would the configuring go. ??
cheers sean ferd for your input . much appreciated.anybody else give me a hint?

Collapse -

Doable

by IcebergTitanic In reply to student network puzzle

It's very much possible to run a wireless connection that far, but there's lots of variables. Your antenna hardware and broadcasting power, interference from physical structures such as trees and buildings, and interference from other electromagnetic sources such as power lines and other wireless transmitters.

You can certainly apply an ACL to your router to limit the traffic leaving the branch LAN. Cisco ACL's run in sequential order, so you would just set a couple "Allow" orders first, for the email and such, and then if you wanted to do so an explicit "deny all" just for clarity.

example (not certain how if this works on a 2600, I usually work with ASAs):
access-list branch_outbound permit tcp 192.168.1.0 255.255.255.0 any eq 25
access-list branch_outbound permit tcp 192.168.1.0 255.255.255.0 any eq 110
access-list branch_outbound deny ip any any

Your biggest "gotcha" is going to be making sure that your routing is set up correctly for your dis-contiguous network...

Back to Networks Forum
3 total posts (Page 1 of 1)  

Hardware Forums