Communication between 2 LAN's subnets: Firewalla Gold

Comments

11 comments

  • Avatar
    Rich T.

    If you want open communication, putting the second port in the same subnet would make the most sense.

    0
    Comment actions Permalink
  • Avatar
    David Rothenberger

    When you create the new network, you can choose between different types: Local Network, Guest Network, and Lockdown Network. If you choose Local Network, no additional rules will be created, so traffic will be allowed to and from this new network from your other LAN, unless that network has a rule to prevent the traffic.

    I do agree with Rick T.'s observation, though. Why do you want to create a separate VLAN if you're going to allow unfettered communication between it and your existing LAN?

    0
    Comment actions Permalink
  • Avatar
    Alak

    By default, communication will be allowed between the 2 LAN subnets however you should be aware that for AV devices to be discovered across subnets, you need both mDNS and SSDP multicast relaying between the subnets.  See the threads I listed below.

    Even with mDNS and SSDP multicast relaying enabled, some devices might still not be discovered across subnets because they have built-in restrictions or limitations that only allow them to communicate with devices on the same subnet.  You may have to organize your devices accordingly.

    mDNS multicast relaying

    https://help.firewalla.com/hc/en-us/articles/360049613014-Firewalla-Gold-when-network-is-segmented-will-I-be-able-to-use-AirPlay-and-Chromcast-cross-networks-

    https://help.firewalla.com/hc/en-us/articles/4403336151827-Firewalla-Box-Release-1-973-App-Release-1-47

    SSDP multicast relaying

    https://help.firewalla.com/hc/en-us/community/posts/8724680203923-Using-multicast-relay-to-do-SSDP-relaying-for-Roku-Sonos-Tivo-discovery

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    Thanks... I don't see what the main subnet should be set to on both intranet networks.
    Should it be like this?

    Building A
    192.168.1.X
    255.255.255.0

    Building B
    192.186.3.x
    255.255.255.0

     

    Or different?
    Building A
    192.168.1.X
    255.255.252.0

    Building B
    192.186.3.x
    255.255.252.0

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    ???

    0
    Comment actions Permalink
  • Avatar
    Alak

    You’re setting up a class C subnet so use the default subnet mask of 255.255.255.0

    The binary ones in the subnet mask are the network address bits and the binary zeros are the host address bits.

    Your network addresses are 192.168.1 and 192.186.3

    The host addresses are the remaining octet (1-254)

    There are a lot of more detailed explanations out there about how subnet masks work.  

    0
    Comment actions Permalink
  • Avatar
    Maintenance
      255.255.255.0   gets    #  of usable IP addresses = 254

     255.255.252.0   gets  #  of usable IP addresses =  1022

     

    0
    Comment actions Permalink
  • Avatar
    Alak

    If you want to use an additional 2 bits in the second octet for host addresses then make sure you don’t use those 2 bits for your network addresses like you did.  I suggest you read up on how subnet masks work.

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    Should it be like this?

    Building A
    Router - 192.168.1.1
    255.255.255.0

    Building B
    Router - 192.186.3.1
    255.255.255.0

     

    Or different?
    Building A
    Router - 192.168.1.1
    255.255.252.0

    Building B
    Router - 192.186.3.1
    255.255.252.0

    0
    Comment actions Permalink
  • Avatar
    Alak

    I suggest that you stick to default type configurations until you have a better understanding of how this works:

    Building A
    Network address: 192.168.1
    Router address: 192.168.1.1
    Subnet mask: 255.255.255.0

    Building B
    Network address: 192.168.3
    Router address: 192.168.3.1
    Subnet mask: 255.255.255.0

    Once you have a good understanding, then you could do something different like:

    Building A
    Network address: 192.168.4
    Router address: 192.168.4.1
    Subnet mask: 255.255.252.0

    Building B
    Network address: 192.168.8
    Router address: 192.168.8.1
    Subnet mask: 255.255.252.0

    I honestly don't advise you to do this unless you really know what you are doing.   Having both network and host address bits in the same octet just complicates things.

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    One can't learn without trying and doing.... we all learn by our mistakes.

    0
    Comment actions Permalink

Please sign in to leave a comment.