Communication between 2 LAN's subnets: Firewalla Gold
My current setup is rather simple. Using one Lan Port to create a 192.168.1.x subnet which all devices are then connected through, both wired (switch) and wireless (eero mesh). I am not sure how simple or complex this is but what I am looking to do is use a second Firewalla port to create a 192.168.2.x subnet and then connect a switch to it to connect additional devices.
What would I need to do to allow open communication between the devices on both subnets?
Thanks in advance.
-
When you create the new network, you can choose between different types: Local Network, Guest Network, and Lockdown Network. If you choose Local Network, no additional rules will be created, so traffic will be allowed to and from this new network from your other LAN, unless that network has a rule to prevent the traffic.
I do agree with Rick T.'s observation, though. Why do you want to create a separate VLAN if you're going to allow unfettered communication between it and your existing LAN?
-
By default, communication will be allowed between the 2 LAN subnets however you should be aware that for AV devices to be discovered across subnets, you need both mDNS and SSDP multicast relaying between the subnets. See the threads I listed below.
Even with mDNS and SSDP multicast relaying enabled, some devices might still not be discovered across subnets because they have built-in restrictions or limitations that only allow them to communicate with devices on the same subnet. You may have to organize your devices accordingly.
mDNS multicast relaying
SSDP multicast relaying
-
You’re setting up a class C subnet so use the default subnet mask of 255.255.255.0
The binary ones in the subnet mask are the network address bits and the binary zeros are the host address bits.
Your network addresses are 192.168.1 and 192.186.3
The host addresses are the remaining octet (1-254)
There are a lot of more detailed explanations out there about how subnet masks work.
-
I suggest that you stick to default type configurations until you have a better understanding of how this works:
Building A
Network address: 192.168.1
Router address: 192.168.1.1
Subnet mask: 255.255.255.0Building B
Network address: 192.168.3
Router address: 192.168.3.1
Subnet mask: 255.255.255.0Once you have a good understanding, then you could do something different like:
Building A
Network address: 192.168.4
Router address: 192.168.4.1
Subnet mask: 255.255.252.0Building B
Network address: 192.168.8
Router address: 192.168.8.1
Subnet mask: 255.255.252.0I honestly don't advise you to do this unless you really know what you are doing. Having both network and host address bits in the same octet just complicates things.
Please sign in to leave a comment.
Comments
11 comments