Re: [m0n0wall] Can I use m0n0wall to merge 2 networks with different subnet?

From:	Lee Sharp <leesharp at hal dash pc dot org>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Can I use m0n0wall to merge 2 networks with different subnet?
Date:	Fri, 02 Dec 2011 09:25:49 -0600

On 12/02/2011 07:23 AM, GD Incorporation wrote:
> Dear all m0n0wall experts
>
>
>
> I need some advices for my case. Recently my customer's company merged to
> another company and here is the case:
>
> -          Company A
>
> o   Is the main company, must not change any network settings at all
>
> o   Has its own Domain Controller under Windows 2003 and DHCP and DNS Server
> all under windows 2003
>
> o   Uses m0n0wall 1.33 as the router to connect to the internet (Fiber
> optic) with static IP address of 121.x.x.x
>
> o   Internal IP sets is 192.168.x.x with 255.255.0.0 (more than 255
> computers)
>
> -          Company B
>
> o   Is the merging company, can change some network settings, but preferably
> no merging the subnet with company A.
>
> o   Has its own domain controller, dhcp, and dns under windows 2003
>
> o   Internet connection must share the internet from company A.
>
> o   Internal IP Sets is 192.169.x.x with 255.255.0.0 (more than 255
> computers)

OK.  It gets very complex after this...  But you have two options... 
One is IPsec tunneling over the internet.  Slow, but secure.  The other 
is to create a link on the INTERNAL side of the firewall.  This is 
adding a nic to firewall A with an IP in the subnet of firewall B and 
adding static routes to both firewalls.  The method used to do this can 
be a long cable, a leased line, or wireless.  This will be much faster, 
and also secure.

			Lee