[SOLVED] Help with network restructuring.

Page 2 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Jan 17, 2020
22
0
10
Goodnight.

I have little time working as an assistant IT administrator in a company.
And I have been having problems with the client PCs, they lose the dhcp IP constantly and when i'm changing them to static, they still do not have Internet access sometimes because there is IP conflict, after a few days i change them.

Then a few weeks ago it started now to assign IP from another network (vlan 192.168.0.1-254): which is the one that works as backup internet output, when the fiber optic output fails; when the connection is lost again via IP. and in that network there is nothing assigned, so it is to have to go to change the ip to the network where there are printers, copiers and servers (vlan 192.168.1.1-254)

I have no idea why is happening this.

Could you help me to see how I could determine the fault in order to correct it?

And taking advantage of the post I also have the network currently exposed, slowing activities and also vulnerable to attacks and viruses.


The structure is currently like this:
1-fiber optic internet provider and copper cable internet provider
2-router vigor 3900
3- gigabite vigor manageable switch (I don't have the model at hand)
4- N number of gigabit and 10/100 non-administrable switches (tp-link brand mostly)
5- unmanageable wifi antennas operating as hotspot (tp-link too)
6- network of surveillance cameras interconnected by antennas with each other and the vigor switch (# 3)

(If u need model and brand of the hardware i can post it later)

I have read in this forum some ideas about how the composite network should be, but it is not very clear yet to me.

https://community.spiceworks.com/to...secure-network-for-an-enterprise-organisation

Ty in advance for the help.
 
Solution
OK, you need to ask your boss if you can spend some money, IMO. Unmanaged WIFI access points is bad. You can't have guest WIFI or segregate user's phones from other business devices. Those APs need to be replaced with something that is multi-SSID and VLAN aware. Those would be typical "business class" features.
You have a managed core switch. But you say you have a bunch of unmanged switches also. That might be OK. But again, a small capital purchase of managed switches will allow you CONTROL of your network. Standard business security would recommend that you administratively disable switch ports that are not in use. That prevents random devices from being added to your network without coordination.

I think you also...
Jan 17, 2020
22
0
10
That second modem should be tied to the vigor 3900. It is a multi-wan router that can handle failover. Why is it tied to the switch ?

Dunno. The guy who did the config. must done it wrong. Yes, it is. That's why my boss choose it as router.






So, i should disable it?, and there won't be that network anymore, but it doesn't matter bcause i don't have any use to it?