0

I have done some preliminary research, but can't quite hone in on the same example I'm looking at.

I have two ISP modems - one public and one private. I also have two network subnets (192.168.23.1 and 192.168.1.1). One is used for staff use and the other is used for public WiFi.

I need to allow Wireless Print from the public, the software for which will reside on a server on the private network.

What is the best way to pass the traffic through to the 'private' server without compromising security?

EDIT:

The public/private networks are only public and private in how we think of them.

We have two Comcast Routers that both plug into the same network hub (from router to patch panel to trendnet switch).

All IP addresses are assigned static IP addresses. Staff IPs are 192.168.23.1 and the public network is 192.168.1.1.

Craig
  • 141
  • 1
  • 1
  • 10

1 Answers1

0

This depends on how much control over the modens you have and how they actually connect. When you refer to the modems as public and private what did you meant? Do they both have public IP Address or is one connected to a MPLS service or something similar?

The simplest solution would be to add a network card to the print server and connect it to the public land enabling only the print ports in that card.

Otherwise you would need to NAT the print port trough the Modem and enable access only from the other modem which can have some problems depending on how your ISP handles IP address assignation.

Can you provide a topology map with some IPs like a.a.a.a, or 1.2.3.4, no need to be real just realistic.

rak
  • 1
  • I like your idea of adding the network card and controlling traffic through it. The server is a Ethernet dual-port card - could one of those ports be set to a different sub-net than the other? – Craig Mar 16 '16 at 20:40
  • I think you could, though I cant be sure as I dont know hardware or OS capabilities, but in most cases the answer should be yes. Plug a cable there and try to configure, t might get the address from the DHCP Service if you have one running in that Network. **Remember** to set up firewall rules or you will be creating a vulnerability to your Private Network. – rak Mar 17 '16 at 17:08