Question How to connect a NAS to multiple separate physical LANs that are under the same major LAN ?

[Shayanzas]

I think I should give a little context here to explain my situation, I haven't done much with NAS beyond a single LAN, I might just be over complicating this honestly.

Essentially, we have our main LAN that we use for our work office and then we have main LAN connect to another Router to physically seperate that network, because that network is for restoring and backing up a lot of different equipment, it's constantly restoring something, so we made its own separate thing which is fine. But we've quickly overgrown our imaging server, and we're essentially running out of bandwidth and need to create a 2nd server, we're very limited by our software, which I'm not really in the position to change.

Right now, all the backups/images/files are on a local NAS within that Imaging server's LAN. But with the creation of a 2nd server, it seems a bit redundant to have 2 local NAS on 2 separate servers, and was wondering if there was a way to have both the 2 seperate LANS connect to a NAS that's most likely on the main network.

I'm pretty open to a few different ideas here, I've tried looking online about this, but a lot of the discussions regarding this are all home related networking solutions, so they're all just kinda like, well why would you do that for your home. So I'm at an impasse of what the most ideal solution is here.

If this doesn't really make sense, I'm glad to clarify

 

[cruisetung]

** I don't have a NAS and I use Zerotier personally **

Use (Overlay) VPN, where you get another set of private IP addresses for your devices.

No router/firewall port forwarding required.

Assuming you have Synology and you install Netbird as example. You can host your own Netbird sevver if you want.

And you use Synology Drive Client to connect to the NAS you wanted in another LAN but use the overlay IP assigned by the VPN and do the backup

View: https://www.youtube.com/watch?v=eCXl09h7lqo

View: https://www.youtube.com/watch?v=Kwrff6h0rEw

View: https://www.youtube.com/watch?v=9VKOAe_T038

 

[bill001g]

You are going to have to explain a little more slowly and clearly. I am unsure what is on your second network and what restrictions there are on devices in that network.

I will assume you are talking simple consumer routers where you hooked the WAN port of the router to the main network and then have things connected to the lan ports for your secure network.

---------network1---(wan)router(lan)---network2--

If you use a consumer router things on network2 can get to stuff on network1 but not the reverse. This provides some isolation and security but it really depend on software setting on the end devices.

What I don't understand is where your NAS is, where you want to place the new nas and what restrictions you need.

There are a couple option depending on the details.

First there are NAS device that actually have multiple ethernet ports on them. They can actually be plugged into different networks at the same time. How exactly this is done depends on the model of the NAS and the software it runs.

The most common way to run multiple networks is to buy a actual "router". The reason they are called routers is they "route" traffic between multiple networks. The boxes you buy in consumer electronics stores are missing this key feature. They should really be called gateways and not routers. Mostly this is because home users don't really need a router and they can be complex to setup. You can get very inexpensive ones from companies like mikrotik. Almost all these contain very basic firewall functions so you can limit traffic between the networks. There are of course ones with very advanced firewall abilities for protecting servers exposed to the internet.

Also in very simple cases you might be able to use port forwarding rules to allow communications between network1 and network2

 

[Ralston18]

And I will add the suggestion to post a simple sketch showing the desired/required network topology.

Include modem, router(s), shared devices (e.g., the NAS) etc. including makes and models along with ports and connectivity between devices.

Does not be to be a fancy diagram - just enough to show the functional network environment.

You can find many example diagrams on line.

Take a photograph or scan Your network diagram and post the diagram here via imgur (www.imgur.com) > green "New post" icon.

Be sure to indicate security requirements, subnets, and so forth.

Overall making it easier to understand what is now in place and the objectives at hand.

 

[Shayanzas]

So this is the current set up of how it is now, I made that post a bit late in the night, so left out some important details.

https://imgur.com/a/MyFRkHL

View: https://imgur.com/a/MyFRkHL


We have an enterprise router/switches on our server rack for our LAN 1.
LAN2 & LAN3 are small, and are using a SOHO router with a Desktop computers attached to it with unmanaged switches.

The NAS is currently on LAN 2, It's technically just an SSD shared on the network, so whatever devices connect to LAN 2 on ethernet can do whatever backups and restores it needs to.

Ideally we need LAN 3 to also connect to the NAS, on LAN 2.

So, my main concern was 2 things, If I'm adjusting firewalls and port settings for LAN 3 to connect to LAN 2 to connect to the NAS, it is pulling data that is fairly large usually 20GB+, and I'm worried about bandwidth here. I would assume having the NAS be on LAN1 or LAN 2, would in theory slow down the overall network when LAN 3 is trying to access the NAS.

Albeit; I know some NAS server devices like Synology have multiple ethernet ports, in theory can I just literally plug all 3 LANs into a NAS device and call it a day?

I hope this better provides more context, I also did consider using a VPN between the 2 devices as well, but they're fairly close in distance about 20 feet or so, I also have never used a VPN to connect to 2 seperate LANs, just for gaming, so my knowledge on them is non-existent