Skip to main content

How To: One Internet connection - Two Private LANs

Setting Up

Figure 1 shows the basic network configuration, which is based on the setup I used for my community center project. It uses three routers - one to share the Internet, and two more to form two firewall-protected private networks.

The key requirement for setup is that each router must be set to a different Class C subnet.

TIP: Class C subnets have a maximum of 254 IP addresses, have the same first three "octets" in their addresses (ex. 192.168.3.X) and use a subnet mask of 255.255.255.0.

TIP: You don't have to use the 192.168.1.X, 192.168.2.X and 192.168.3.X subnets shown in the example. You can use any two private IP address ranges as long as they are different.

The top router ("Internet") takes the single Internet connection and shares it with everything connected to its LAN-side ports. But where you'd normally connect computers, we connect the WAN ports of two more routers - labeled "LAN 1" and "LAN 2" in Figure 1.

WAN setup for the "Internet" router depends on your ISP's requirements, but you have two options for the "LAN 1" and "LAN 2" router setups. You can either enable the "Internet" router's DHCP server and let it assign IP addresses to the other routers' WAN ports, or disable it and assign the IP addresses manually.

TIP: I suggest using the DHCP method, since if you enter the IP address info manually, you'll need to include the Gateway and DNS information, which you might have trouble figuring out.

You should be able to use normal UTP cables to connect the routers together. Connect any normal LAN port (don't use an "Uplink" port) on the "Internet" router to the WAN port of each of the two other routers. Illuminated Link lights at both ends of the connection should tell you when you've successfully connected.

LAN clients can all be set to obtain their IP address information automatically, or if you'd rather, you can set the addresses manually. Once everything's connected, you might have to Repair the connection on WinXP systems or use winipcfg or ipconfig to perform a manual DHCP release and renew, if you don't get a successful Internet connection on the first try. That's all there is to it!