LAN Bridging over WAN... Help?

Not going to happen with that hardware, if you want to do a layer2 VPN, it is possible with either Cisco or OpenVPN (others too I imagine but I know it works with them). It is however a really stupid setup which you should not use in production or for any purposes at all if there is any practical alternative.
 
My thoughts on the matter:
If a company cannot afford to purchase two £60 SOHO routers/firewalls I'd be looking to take my career elsewhere because they're in serious financial trouble.

If something is worth doing, do it right. Networks get harder and harder to adjust as they get bigger so do it right in the first instance. Even if this means paying someone who knows what they're doing to come and set it up, it's usually worth it in the long run purely by saving present and future wasted time and effort.

MY recommendation: purchase two entry level business routers that support VPN endpoint OR separate SOHO firewall appliances that support site to site VPN. Change the subnet at one of the sites so routing will work across the VPN.

You can bodge round it but at some point you will have to do that, so it might as well be now.
 
Ok, so maybe I've not included all the details.

This is NOT a standard network setup. They are devices inside subsea equipment and alternatives cannot be used due to the integration of other hardware.

I have got something working now, not sure how but I have. I've configured each device to use the LAN IP of the local router as the gateway, this seems to work as information is now being forwarded. There are still a few bugs which I'm stomping. It is still most confusing.
 
Saiyanthou said:
Ok, so maybe I've not included all the details.

This is NOT a standard network setup. They are devices inside subsea equipment and alternatives cannot be used due to the integration of other hardware.

I have got something working now, not sure how but I have. I've configured each device to use the LAN IP of the local router as the gateway, this seems to work as information is now being forwarded. There are still a few bugs which I'm stomping. It is still most confusing.
Click to expand...

I'd disagree with that, an IP network is an IP network, wherever it operates the same rules apply - That's the whole point of it.
 
In the offshore industry people refuse to change equipment for many years, sometimes decades. So if I need to use a specific product, an alternative may not be available, if it has specific hardware for IP integrated into it it's not always possible to swap out for something nice.

Sometimes you just have to use what you've got.
 
Saiyanthou said:
In the offshore industry people refuse to change equipment for many years, sometimes decades. So if I need to use a specific product, an alternative may not be available, if it has specific hardware for IP integrated into it it's not always possible to swap out for something nice.

Sometimes you just have to use what you've got.
Click to expand...

That being true changing an IP address doesn't involve any hardware alteration, it's a configurable value. Which is all I was suggesting changing.
 
What i wqas suggesting is that if you were going to get VPN to work (and general best practice really) you shouldn't have two LANs with the same IP address range. So just changing one of them to 10.1.0.0 or something instead of 10.0.0.0. Might work while you're port forwarding but could cause major problems in the future. Like all potential issues, better tackled sooner rather than later because it'll only get more difficult.
 
Reading between the lines, you have the Aware module in your subsea equipment (something like an ROV perhaps) and above surface you're receiving DSL comms because it's significantly cheaper not to replace cables which originally operated on serial based comms when you can chuck in a DSL driver.

Really you need to use a module on the surface to do the client side equivalent of the Aware module. This will simplfy things a great deal and essentially bridge the system which is really what you're looking for (so your device is ethernet > DSL bridge system > ethernet, where the DSL bridge system is completely transparent)

You may be able to route, however, that may be too performance hampering depending on the devices and on the protocols, many of these embedded devices don't even use IP, sure it's ethernet but it may not be IP. Certainly some of the stuff i deal with does this.

Speak to the supplier of your subsea kit, they will almost certainly be able to suggest something.

Of course if you can route then that is still an option and may still be desireable.
 
Last edited:
Skidilliplop said:
What i wqas suggesting is that if you were going to get VPN to work (and general best practice really) you shouldn't have two LANs with the same IP address range. So just changing one of them to 10.1.0.0 or something instead of 10.0.0.0. Might work while you're port forwarding but could cause major problems in the future. Like all potential issues, better tackled sooner rather than later because it'll only get more difficult.
Click to expand...

In order to get it to work I did need to set one end to 10.0.0.xx and the other to 10.0.100.xx.


dave-lew99 said:
Really you need to use a module on the surface to do the client side equivalent of the Aware module. This will simplfy things a great deal and essentially bridge the system which is really what you're looking for (so your device is ethernet > DSL bridge system > ethernet, where the DSL bridge system is completely transparent)
Click to expand...

You are correct in your assumptions, but how would I achieve this? Set the Aware to a bridge/router and the Zoom to 1483 bridged IP?

dave-lew99 said:
Speak to the supplier of your subsea kit, they will almost certainly be able to suggest something.
Click to expand...

The supplier has the exact same modem at the top end but has a PC at their bottom end which they remotely log into to set things up (and no, unfortunately this is not an option for my setup).
 
You must log in or register to reply here.
Back
Top Bottom