Connecting separated internet locations with a LAN

Hi,

I would like to connect 4 locations (total distance = 500 meters). 2 locations already have an internet connection. I would like to connect these 4 locations with a gigabit LAN and share internet.

I was wondering if this is possible and what kind of firewalls I need.

This is what I had in mind:

Please feel free to share your thoughts!

My budget is limited.

[Attached image: network.jpg]

Thanks for your help!
 
Sharing Internet access should definitely be doable. Your network diagram doesn't look quite right (or I'm not understanding something). Does this diagram represent your current configuration, or the topology that you would like to build?
 
A few comments.
Cat 5e should not exceed 100m in any one horizontal run.
You could achieve this with one router/firewall and VLANs (requires managed switches) to save money and administration (beware: certain level of layer 2 and 3 knowledge required).
 
There are different networks all sharing the same 192.168.1.0/24 network. This will not work without some serious effort and should generally be avoided. I suggest getting in touch with someone that understands networking and how to subnet everything.

And yes, you may end up renumbering everything. Not uncommon when 2 or more businesses merge. I had to do it several times for different employers.
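
An added example, not part of any post in this thread: a short Python check for the overlap problem described above, plus a renumbering plan that gives each location its own subnet while letting two locations share one, as the original poster asks. The location names, the `10.20.0.0/16` pool and the /24 size are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed inventory: location names are placeholders; the prefix is the
# shared 192.168.1.0/24 range mentioned in the thread.
CURRENT = {
    "location-1": "192.168.1.0/24",
    "location-2": "192.168.1.0/24",
    "location-3": "192.168.1.0/24",
    "location-4": "192.168.1.0/24",
}

def find_overlaps(sites):
    """Return sorted pairs of site names whose prefixes overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    return sorted(
        (a, b) for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    )

def renumber(sites, supernet="10.20.0.0/16", new_prefix=24, shared_groups=()):
    """Carve one non-overlapping prefix per site out of supernet (an assumed
    private pool). Sites listed together in shared_groups get the same prefix."""
    pool = ipaddress.ip_network(supernet).subnets(new_prefix=new_prefix)
    group_of = {name: tuple(g) for g in shared_groups for name in g}
    assigned = {}   # group key -> allocated network
    plan = {}
    for name in sorted(sites):
        key = group_of.get(name, (name,))
        if key not in assigned:
            assigned[key] = next(pool)
        plan[name] = str(assigned[key])
    return plan

if __name__ == "__main__":
    print("overlapping pairs today:", find_overlaps(CURRENT))
    plan = renumber(CURRENT, shared_groups=[("location-1", "location-2")])
    for site, cidr in plan.items():
        print(f"{site}: {cidr}")
    # Only the intentionally shared pair should still overlap.
    print("overlapping pairs after renumbering:", find_overlaps(plan))
```

With distinct prefixes per location, a router or firewall between them can then permit only the shared devices (camera server, access points) and drop everything else.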
 
Thank you for your comments! I do appreciate that! :)

I have no professional experience in building a computer network - sorry.

The drawing I made should give you an idea of what I would like to do.

At this moment I have connected 3 locations, but
1) they don't share multiple internet connections (when I connect the 4th location I would like to share both internet connections)
2) all computers/devices use the same IP range 192.168.1.x

I have already connected 3 locations with a CAT 5e cable, but no security is implemented.

So to recap; this is what I would like to do:
1) share 2 or more internet connections from different locations
2) provide some security
3) share some resources to all locations (camera servers, file servers, web servers, ...)
4) if possible, I like to keep 2 locations in the same subnet because they need to be connected. All other locations should have their own subnet or ip range. (if possible)
6) share all access points (or at least as many as possible)
7) only use 1 DHCP server (if possible)

I don't really care about what IP ranges I should choose. I only mentioned the IP addresses to indicate that
- most locations should not be able to communicate with each other
- some devices should be shared like access points and a camera server

Finally, if all works well, I would like to add more additional locations.

I guess my main problem is that I don't know what options I have, what kind and how many firewalls or routers I need.

Thank you for all your help!
 
gajus said:
I have no professional experience in building a computer network - sorry.
[..]
I guess my main problem is that I don't know what options I have, what kind and how many firewalls or routers I need.
Frankly no, your main problem is that you're asking for a lot in an inappropriate place. This is the FreeBSD forum - do you have FreeBSD specific questions?

For general networking there are professionals who can help you. You can try looking here for starters.
 
Aragon is right.

You can't expect FreeBSD users who are here giving up free time to help out other FreeBSD users to play the role of (unpaid) network architects for your organisation, when there is in fact no sign of you even using or considering using FreeBSD anywhere for anything.

Once you have a proper network design implemented and are using (or planning to use) FreeBSD in it, come see us again.

As it stands now, this is still way too general/abstract for any FreeBSD-specific advice to make sense. All we can say is: "Yes, you can use FreeBSD for routing, or PF/IPFW for firewalling". Which is pretty bland 'advice' at this stage.
 
I will tell you it will be unlikely that you will be able to have any sort of load balanced redundant network solution if you are using DSL and Cable modems. To have redundant uplinks to multiple providers requires you to have an AS number and BGP sessions. If you don't know what that means, you are way in over your head.
 