how to connect two networks via lan

emilianotomei
Comes here often

how to connect two networks via lan

hi everyone, I have some difficulty connecting two networks, better if I explain:

 

  • I have an organization with two separate networks, Koysha OFFICE and Koysha CAMP
  • each network has its own internet access on vsat C each satellite modem provides a / 29 public address
  • each network has two MX100 (primary master and primary spare), each with its own public ip, connected on WAN1 to the network ports of the satellite modem
  • each network has two MS350s stacked, therefore distinct and separate subnets and vlan
  • the two networks are about 10 km apart
  • between the two networks there is a hill that prevents direct linking to connect the two networks I set up four pairs of ubiquiti airfiber (L2): two couples go around the hill from the right and two couples go around the hill from the left; right link to 2Gb and left link to 1Gb

 

  1. the first problem is the following: how can I connect the two networks so that they both reach all or some subnets? 
  2. the second problem is the following: how can i get two ip of the Koysha OFFICE satellite modem to the WAN 2 of the Koysha CAMP MX100 and get two ip of the Koysha OFFICE satellite modem to the WAN 2 of the Koysha CAMP MX100?
  3. the third problem is the following: how can I reach the eight airfibers which are managed by UNMS and AirControl Ubiquiti?
  4. the fourth problem is the following: since the two core stacks are rstp root for their respective networks ... how can I prevent it from going crazy?

 

any suggestions are appreciated, thanks

et
2 REPLIES 2
MerakiDave
Meraki Employee

Hello @emilianotomei  I'm not sure I follow the desired design so wanted to confirm. It sounds like you have separate ISP links at each location, so it should be simple to connect the two sites via AutoVPN over the VAST links, but you also still want to have LAN extension that extends across both locations?

 

Perhaps that is because you have some high-bandwidth traffic that needs to pass between the two sites over a gigabit LAN extension, you would rather have that take the direct gigabit LAN path, instead of taking the low bandwidth AutoVPN path over the VSAT?

 

You also mentioned WAN2 interfaces. If you're doing LAN extension between the sites, then your Ubiquuiti gear would be connecting into the LAN ports of the MX appliances, not WAN2 actually. Even though that could be viewed a "wan" link to interconnect the sites, it's a private LAN connection. Then you would just configure the VLANs and create an SVI with an IP address for each subnet on both MX appliance pairs in each site, and the AirFiber path would be a trunk interface for the extension of the LAN segments between sites. Then in each site, all the non-LAN traffic would egress the respective MX and go VSAT to the ISP.

 

Or perhaps you were looking to make the LAN extension between the MS350 stacks in each site and have the same concept, with the MS350s (instead of the MXs) doing the LAN extension and interVLAN routing?

 

ciao Dave,

the provider is the same, Talia. the VPN via vsat is discarded:

the reference satellite is Arabsat, orbit 36000 km .... latency is 600ms, 10Mbps download, 5Mbps upload

performance would be poor

the link must be via lan

 

the ubiquiti port cannot be connected to the two wan of the MX, because the MX are two in the OFFICE (primary & spare) and two in the CAMP (primary and spare): four interface port

the ubiquti interface must be connected to a switch (RADIO_CONCENTRATOR_SW10), because there are other 12 antennas connected, and it's connected with 8 aggregate port (four to MS350_sw01 and four to MS350_sw02)

 

also all the MX are configure as routed, and only know one subnet that comes from the coreswitch, all the others subnet inside lan and unknow

 

i thik lan extension is the best configuration....how to do?

et
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels