
madtulip
Hello everyone :).

I'm just taking a look at this OS and thought I might upgrade my home network a bit.

My net consists of 2 households connected with one cat7, where each household has several PCs, its own WAN modem and currently its own router connected to that modem.

I would like a ClearOS server as gateway serving both WANs to the LAN of both households. Later on I would then integrate firewalls and the like in the gateway. My question now is first about the physical layout, where the main problem is the single cat7 cable connecting the two households (I guess).

Would such a gateway need to be laid out such that it has 3 physical network adapters, where 2 of them are each connected to one WAN modem and the third one is connected to the LAN, in order to be efficient/secure/working? Or could I just connect everything via the same LAN and have the ClearOS server somewhere inside that LAN? Every PC would then use the ClearOS IP as gateway. I thought that the 2nd layout would not prevent anyone inside the LAN from directly accessing the 2 routers currently installed after each single WAN modem? Or is it efficient if I use some IP whitelisting or MAC address whitelisting on the 2 routers currently installed, which only allow the ClearOS gateway to access the routers?

Putting a 2nd cat7 between the 2 households (1 for LAN to the other household, 2nd one for WAN of the other household) requires me to dig 80m earth up ... so I might be a bit too lazy for that at the moment. :)

Thank you very much for your time! Happy Sunday!
Sunday, March 09 2014, 07:23 AM
Responses (2)
  • Accepted Answer

    Friday, March 14 2014, 12:59 AM
    If you are willing to purchase layer two switches you could also run a trunk on your single wire. I believe that ClearOS also now supports VLANs.
  • Accepted Answer

    Sunday, March 09 2014, 06:29 PM
    Hi madtulip,

    In the ideal world you would have two cables, as you suggest: one for WAN, and the other for LAN. The cos box would then directly connect to the internet, possibly authenticating by PPPoE. With your physical constraint I would propose that you continue to make use of the two routers you have at each endpoint. These routers would control the WAN connection authentication and have a static IP on the network. Your cos box would then act in standalone mode (but all LAN PCs would look to the cos as the DG); the cos box could then do filtering / proxy / server roles and control the connections to either of the two router IPs. I might advise that the two routers are put onto a different subnet from your LAN, for security and configuration logic simplicity.

    I had the above working for over a year (before the static IPsec VPN app became part of cos), relying on two routers to handle the VPN connections.

    Your existing routers can be 'dumbed down' - i.e. turn much of the firewalling / DHCP etc. off - this will be handled by the cos box - effectively these become WAN bridges.

    No digging required :-)