Chuck makes some really good points. I would add that it probably makes more sense to route, rather than bridge. That way you can avoid broadcasts flowing between the two networks and more easily put in some access lists based on IP subnet numbers. I agree with Chuck that you're going to want to be careful here. It doesn't sound like you would want these two entities to see each other's resources, (printers and file servers and the like).
As far as the addressing, you just need to twiddle the bits and you'll get it. :-) The message from Murat laid it for you. Good luck with it. Priscilla The Long and Winding Road wrote: > > ""[EMAIL PROTECTED]"" wrote > in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > I have never bridged connections across a Wan before. is that > simple to > do? > > > yes, bridging across a WAN link is pretty basic. > > but I believe you need to back up a second and make a couple of > other > decisions first. > > you say the net result will be two buildings, each with a > handful of > customers, sharing a common internet connection. I am assuming > that the only > reason for linking the two buildings is to share internet. > There are no > other services that all parties will be using. Is that correct? > > so my specific questions to you: > > 1) do you want everyone involved to use a public ip address on > their > equipment? you sure about this? > > 2) how are people numbered now? does your building, your > customers, all use > addresses in the same subnet? same question for the other > building. the > question in my own mind is the wisdom of having several > unrelated units on a > common subnet, potentially with full visibility to eachother. > > if internet connectivity is the only consideration, I don't > believe internal > numbering is an issue. bridge or route internally, and use NAT > on the router > with the internet access. place a couple of access lists on the > appropriate > interfaces to protect the two separate networks. > > I would be more concerned about visibility between and among > all of the > entities involved here. "customers" means what? unrelated > people renting > offices in each building? in which case I would want to take > steps to assure > that I have taken reasonable precautions to keep visibility > limited. vlans > on the 29xx's or some other means such as access lists. > > this is probably more than you asked for. I just think you need > to start at > the toop and work your way down. Just my opinion. > > HTH > > Chuck > > > > > > > Robert > > ""The Long and Winding Road"" wrote in > > message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Hello, > > > > > > > > I am having trouble with what appears to be a simple > problem. I have a > > > small > > > > office and I > > > > have a friend who owns a building not to far away. I am > goin to order > a > > T1 > > > > to the internet from my location and > > > > a PPP T1 to his location. He has 6 customers in his > location and I > have > > 5 > > > in > > > > mine. I want to give internet acess to > > > > everybody and give them a routable IP address. My ISP > gave me 32 > > > addresses > > > > so i am not going to run out. > > > > BUT I can figure out how to make it work. > > > > > > > > the setup is > > > > > > > > INternet---T1---2611 ---T1---2611 > > > > | | > > > > | | > > > > 2912 2912 > > > > > > > > > > > > > two thoughts come to mind. > > > > > > 1) bridge between the two locations, putting everyone on > the same > subnet. > > > > > > 2) use private IP addressing on the inside - each location > retains it's > > > original scheme, then do static nat to the internet. > access-lists on the > > > appropriate interfaces to keep the two networks alien to > eachother. > > > > > > > > > > > > > > > > thanks for your help > > > > > > > > Robert > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=60253&t=60185 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
