On Fri, 28 May 2004 15:52:41 +1200 Matthew Gregan <[EMAIL PROTECTED]> wrote:
> At 2004-05-28T152731+1200, Christopher Sawtell wrote: > > > Nick is setting up a printer which is to be shared between two > > distinct and private non-communicating nets - one for each legal firm. > > What is the alternative? > > The assumption here is that the two networks are already physically > interconnected, otherwise he would not be asking about routing packets > between them. > > Adding an additional physical network interface in this situation is not > the correct solution, nor is it even the most simple. the two networks have been separate until today. The installers put a zyxel router betwwen the two switches. From my investigations it allows packets from my side to their side, the printer is on their side. It does not appear to allow packets from their side to mine. i simply need to route packets directed to their subnet to the ip address of the zyxel router. This should be tidied up by restricting access from my network to their network to be only to the ip address of the printer, and only to the ports needed - whatever is needed for smb, http [1], and i see port 515 is open too. I can presumably access their computers at least by ip address, even if i cannot network smb browse across subnets. However I am not interested in doing so. Anyway i have physical access to the network and could, if i had those tendencies, physically plug into their switch. the cupboard is next to my office. At least they cannot go the other way, I have never had a virus, they have! [1] yes the printer has a web server. funnily enough port 25 is open on it too, i know it allegedly has some ability to email scans. dunno why that means port 25 needs to be open to the lan though? > > > Anyway lets be practical and remember that the cost of a network card > > and a metre or two of CAT-5 is less than that of a Professional > > Luncheon for one, let alone all members of the Practice. > > A metre or two? You're also forgetting the installation and downtime > costs of adding an additional interface. > > -mjg > -- > Matthew Gregan |/ > /| [EMAIL PROTECTED] -- Nick Rout <[EMAIL PROTECTED]>
