|
They are 2 different sites w 2 different static IP addresses from the ISP
But subnet is 255.255.255.252 for both Sent from my SAMSUNG S7. ---------- Post added at 05:47 PM ---------- Previous post was at 05:46 PM ---------- Site 1 IP is 173.xxx.xxx.xxx Sure 2 is 40.xxx.xxx.xxx Sent from my SAMSUNG S7. |
:hmm: Repeater stations not repeating the same LAN, but still need to talk to each other? Weird. To talk to each other through the WAN they don't need any special settings, but obviously they need routable IPs and no firewalls obstructing their way. The same default gateway that gets them out to the internet will get them to each other, though I guess it's possible that they could get different routes sometimes due to failures, delays, and traffic shaping.
Just to confirm: These are some sort of wireless (not necessarily wifi; I assume police stuff?) repeaters, and they are in range of each other on that wireless connection? Can they be set with secondary IPs sharing a subnet on the wireless interface? For that matter, does the wireless interface already have an IP? |
Heres what the deal is. Sorry for the late reply.
This county has 2 repeaters (2-way radio) that the officers have forever had to switch between the 2, depending on which was closer. Well, we got everything upgraded over the lsat 3 weeks and now, the 2 new repeaters will be linkied together via DSL connections in each location. One in the courthouse in town, the other in the fire station in the other town. This allows the 2 repeaters to "talk" to one another over the DSL connections to constantly monitor where the officers cars are to see which tower is closer and the radios in the cars swap to whichever offers the best signal just like a cell tower. My problem is getting the 2 devices, which are hooked behind dsl modem/routers to see one another. ---------- Post added at 07:53 AM ---------- Previous post was at 07:48 AM ---------- The guy installing it all seems to think I can designate one of the ethernet ports on the modem/router to give it the public IP address that ISP has assigned (each location has a static IP with 2 useable public IP's. The modem takes up one of those addresses) and he just programs his device with that public IP address and all is well. I was thinking I had to give the device an internal IP, then set up a route or NAT to have that internal IP be accesable when you ping the public IP.. I know what I want to do, and what I'm trying to say, but I can't say it right. I haven't networked anything in like 3 years and forgot what I need to do :( ---------- Post added at 07:57 AM ---------- Previous post was at 07:53 AM ---------- I'f I'm thinking right, I need to set up port forwarding. Get those 2 devices to operate on the same port (if that can be configured) and just do a simple port forward. correct? |
ah, yeah. If you port forward the ports that you need to the IP of the repeater (do this on each end) then publicip:thatport will take you to that device.
I do this at home so I can ssh into a machine. By default if I try to ssh to my IP, it wouldn't know which machine to go to at my house. By port forwarding port 22 or something to the internal IP of my "server", I can now ssh to port 22 using my public IP and it will forward it to my server. If that makes sense. ---------- Post added at 08:10 AM ---------- Previous post was at 08:09 AM ---------- I do this via my router since it's just a home setup. Not sure if you're using a router, or one built into the DSL modem, or what. |
You could assign a private IP and forward a port, or you could use the extra public IP. Either way should work fine. Forwarding a port is more secure but could require more of your attention in the future.
Is there a standard practice for those? Can you check with other PD IT folks for which way is more common? I never worked with that situation when I was doing IT for the PD. |
I am their IT, thats the bad part. THey have other vendors that support different equipment there, but for the most part, I'm the man. And for this, everybody is depending on me to get it right.
At the remote location (2nd repeater) there is only a Sagemcom 1704n modem/router. Which is capable of port forwarding. That 3mb/768 connection is there ONLY for the repeater. Nothing else will ever be on it. As for the PD, they have a Sagemcom 4320, but it's bridged and their Sonicwall is doing the authentication. So I have to do the port fowarding in the Sonicwall, but the vendor that set it up is being douchey about giving the password out. Anyhow, That aside is it best to just do a port forward, or set up a VPN and let them communicate over that? The sonicwall at the office is already acting as a vpn as the patrol cars access software form the PD remotely. The Kenwood KTI-3 is the box that I'm using to connect the 2 sites. And I believe it converts the traffic into UDP.. But there is very little configuring you can do. |
If you can get the remote modem/router to use the VPN, that's more secure and then you can talk straight to the internal IP on the other side without forwarding.
If you don't use VPN then you'll have to let that port/IP through the firewall in addition to forwarding it on the router AFAIK Maybe just tell the Sonicwall vendor to do it if they won't give you the password. Just say "I need traffic from the outside going to this port to reach my repeater at this IP" or attempt the VPN method. The VPN essentially drops the offsite repeater into the PD's network space without opening things up. |
But, I'd have to have a vpn device on the remote repeaters end as well, correct? They don't want to spend any more money if they can help it.
Sent from my SAMSUNG S7. |
possibly, unless the router can connect to a VPN, but I doubt it can. I'd say go into each router and forward the needed ports to the repeater's inside IP address. Then tell the Sonicwall peeps to let it through the firewall. I'm thinking that should get you what you need.
Let Rick weigh in. Lately I've done more desktop than networking. |
https://uploads.tapatalk-cdn.com/201...b32ad7b253.jpg
This is the only config I have inside the unit. Sent from my SAMSUNG S7. |
dat Windows XP
So that is the config of the repeater or the router? If that's the router then fak. |
That is the only config I had inside repewter IP box. I've been. Reading on it all evening. Most ppl say I need VPN, then some.say no VPN needed. It has settings for unicast and multicast.
Sent from my SAMSUNG S7. |
:uhohshrug: brb lemme go look at it tomorrow after work
Sent from my LG V20 |
I got told last night the guy that set up the current VPN between the cars and server was going to do it. Which is fine. He's already familiar w the sonicwall. I really wanted to do it just to learn
Sent from my SAMSUNG S7. |
This is a system that needs to be simple and robust. Public IP or port forwarding would both be fine, but VPN is excess complication.
That 172.16 IP is private, not public. Port forwarding would definitely be needed for that. |
yeah, VPN while being more secure, adds a layer of shenanigans
YayBo, can you meet up and watch the dude while he configures it or will it be done remotely? |
I just left meeting with him. This is the plan as of right now. I'm going to configure the main device, which is behind the sonicwall, to see the 2nd device, which is behind nothing but a modem. That 2nd device will have simple port forwarding done (all ports since its the ONLY thing on that modem) so that it can Rx the packets. It won't be able to Tx back to the main because it's behind the firewall. Then I will call the sonic wall guy, and he will remote in and see what port the devices are communicating on and open that one on the sonic wall.
I may not have explained it very good....but it makes sense in my head |
makes sense to me
:fistbump: |
And yet another snag..
According to Kenwood, we were not putting the correct addresses in the repeater. It states that 1 entry in the screen I posted above has to be the local IP address. I assumed this would be the internal address. But, they said the subnet and gateway HAVE to be the same at both locations. So, what I did is had him program the 1st useable static IP address ISP assigned in slot 1, and the 2nd in slot 2. Now I have to call in and have the ip address at site 2 changed to the 2nd usable static address they assigned. I think... Sent from my SAMSUNG S7. |
|
Cliffs pls
|
USB-C/Thunderbolt/Active/Passive/3.0/3.1/wattage = very confuse
|
Pinche electronics
|
Stonehenge, you're probably seeing tickets about this...
User tries to sign in to mailbox and receives error "OwaUserHasNoMailboxAndNoLicenseAssignedExcept ion" https://portal.office.com/AdminPorta...lerts/EX280059 says "We've identified that two separate processes are attempting to update a user at the same time, causing contention when applying their licence." https://portal.office.com/AdminPorta...sages/MC281145 is titled "Retirement of (Azure AD) Graph and license assignment operations and updates to license management APIs" Gee, I wonder what the cause might be. :picardpalm: Thanks, Microsoft! |
Quote:
Already been with Equifax for 6 years now :bitchin: |
| All times are GMT +1. The time now is 05:53 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.