Wednesday, September 5, 2018

Network Design - Internet on LAN side of router

I'm working with an existing network where the connection from the Internet is passed through a pair of wireless devices before being split into several distinct networks. Something like: https://imgur.com/Gmx2NJ5. While this works, the two wireless devices are not addressable from any of the private networks, nor from the Internet. This was intentional; however, it makes remote maintenance as well as local maintenance difficult.

These wireless devices have only a single Ethernet interface, no secondary maintenance interface.

In order to allow remote maintenance we've come up with this unholy abomination: https://imgur.com/h1PdT5B.

I'd appreciate some help in figuring out exactly what is likely to go wrong with this setup, and ideally some ideas on how to solve them.

Router H is intended to be a publicly addressable device which could provide NAT/port-forwarding to the two wireless devices. The Internet is connected to both the WAN and LAN sides of the device, which feels wrong, but since the local network uses private addresses I can't actually think of what could go wrong here, since my understanding is that traffic shouldn't be able to be routed into this network from the Internet.

Router I is intended to 'bridge' the 192.168.3.x network and 10.0.0.x network, allowing local maintenance from the 192.168.3.x network. Ideally it would only forward traffic from specific devices. This may instead be a computer with two network interfaces. Either way, this device will be connected directly to the Internet, however again it will only have a private IP address which shouldn't (as I understand) be addressable from any device on the Internet.

Please correct me where I am mistaken, and thank you in advance!
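For the "only forward traffic from specific devices" requirement on Router I, the following nftables ruleset is an added illustration (not the poster's configuration, and not taken from the diagrams) of how a Linux box or router with two interfaces can be restricted to forwarding only from a short list of maintenance hosts on the 192.168.3.x side to the two wireless devices on the 10.0.0.x side, while dropping and logging everything else in both directions. The interface names `eth0`/`eth1`, the host and device addresses, and the management ports 22 and 443 are placeholders for this example.

```nft
# Added example ruleset for "Router I" (a Linux host with two interfaces).
# Assumptions (placeholders, not from the original post):
#   eth0 = 192.168.3.0/24 side (maintenance LAN)
#   eth1 = 10.0.0.0/24 side (segment carrying the wireless devices)
# Load with:  nft -f router-i.nft   (and enable net.ipv4.ip_forward=1)

flush ruleset

table inet maint {
    # Workstations permitted to reach the wireless devices (placeholder addresses)
    set maint_hosts {
        type ipv4_addr
        elements = { 192.168.3.10, 192.168.3.11 }
    }

    # The two wireless devices being managed (placeholder addresses)
    set wireless_devs {
        type ipv4_addr
        elements = { 10.0.0.2, 10.0.0.3 }
    }

    chain input {
        # Traffic addressed to Router I itself: only accept replies, loopback,
        # and SSH from the maintenance hosts; nothing from the 10.0.0.x side.
        type filter hook input priority filter; policy drop;
        ct state established,related accept
        iifname "lo" accept
        iifname "eth0" ip saddr @maint_hosts tcp dport 22 accept
        log prefix "router-i input-drop " drop
    }

    chain forward {
        # Default deny in both directions; the only new flows allowed are
        # maintenance host -> wireless device on the management ports.
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        iifname "eth0" oifname "eth1" \
            ip saddr @maint_hosts ip daddr @wireless_devs \
            tcp dport { 22, 443 } accept
        log prefix "router-i fwd-drop " drop
    }

    chain postrouting {
        # Masquerade toward the wireless devices so they can answer without
        # needing a route back to 192.168.3.0/24 (design choice, see note).
        type nat hook postrouting priority srcnat; policy accept;
        oifname "eth1" ip daddr @wireless_devs masquerade
    }
}
```

Because the `forward` chain's policy is `drop` and only established or related state is accepted from `eth1`, nothing arriving on the Internet-facing 10.0.0.x side can open a new connection into the 192.168.3.x network through Router I, regardless of whether the source address is private or public. The masquerade rule is a convenience: it lets the wireless devices reply to Router I's own 10.0.0.x address instead of requiring a static route for 192.168.3.0/24 on each device; if the devices can be given that route, the `postrouting` chain can be removed so the management logs on the wireless devices show the real workstation addresses.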
