VLAN and Remote Access Questions

arossetti
Feb 22, 2013
Hello All and thanks in advance for any help provided.

I am hoping that some light can be shed on two different questions affecting the SOHO network I am building out. To answer any "Why?" questions in advance as to why I am trying this:

1) I am self taught in computers/networks but have little practical experience in implementation;
2) I just want to learn - even if I'm making this particular exercise more difficult than it needs to be;
3) I want to segment my network for security reasons;
4) Why not? - I like to tinker

Question 1 - I am preparing to deploy a media server and NAS on a separate VLAN from the rest of my network. My topology will be:

Cable Modem >> Netgear 5 Port Gigabit Prosafe VLAN capable switch >> (VLAN 1 - Server/NAS)
>> (VLAN 2 - Desktop Computer) >> (Possible VLAN 3 - Wireless AP).

VLAN 1 is Port 1 (to gateway) Port 2 (Server), and Port 3 (NAS)
VLAN 2 is Port 1 (to gateway) and Port 4 (Desktop)
VLAN 3 (if implemented) is Port 1 (to gateway) and Port 5 (Wireless AP)

To this end I understand what VLANs do and that they will not see each other unless there is a layer 3 switch or a router to communicate between the VLANs. Under this configuration, if my understanding is correct, the three VLANs should be separate and distinct networks -right?

What happens then if I share a resource between VLANs like the NAS? If my NAS is on VLAN1 and VLAN 2, and VLAN 1 gets compromised, will the hacker then have access to VLAN 2 via the shared resource?

Question 2 - My NAS is a Synology DS214 Play. It is currently deployed with remote access to the Synology DS Video application enabled. When on my LAN I can access the NAS and stream movies - no brainer there.

When on a device running over cellular, (iPad), I can access the NAS and stream movies - simple enough but why burn up my data plan.

BUT - when connecting to the NAS through another LAN/WAP I can connect to the NAS for monitoring and administration only but cannot connect to stream movies. I can't even get the application to connect. Can anyone explain why a remote connection over cellular data would work but a remote connection over another LAN would not? I would think that if it was a port forwarding issue, then the remote access from a cellular plan would have the same issues.

Any thoughts would be appreciated.

Thanks.
 
Question 1) Yes, any device bridged across the two VLANs would, if compromised, allow you to access both LANs.

Question 2) My first guess would be that the browser or software used on the PC on the outside network does not like the NAS connection. Could be ActiveX or cookies or something disabled. Test your phone on the wifi of an outside connection; if your phone still works just fine then it is an issue with that specific computer/application and not your network.
 
I would guess the NAS is getting confused as to which IP to use.

So I am assuming the device you call a modem is actually a router that supports multiple VLANs and you have assigned it the gateway address for the three different subnets you are using. You should then be able to access the NAS using its VLAN 1 address from either of the other two VLANs and the router will pass the traffic between the VLANs.

If you put the NAS on multiple VLANs I am not really sure what it will do if you were, for example, to attempt to access the NAS using its VLAN 1 address from a PC on VLAN 2 when the NAS also has an IP on VLAN 2. The traffic would likely go to the device via the router but return via the second VLAN directly. If you were to access the device using its VLAN 2 address from a PC on VLAN 2 it should at least be consistent, but you may have to configure something special to really make it work... Multihomed devices tend to be very tricky to set up.
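The two security-relevant points in the replies above, that a NAS with a leg in both VLANs is a bridge an attacker can use to reach the other VLAN without touching the router, and that replies from a multihomed NAS can take a different path than the requests, can be checked with a small longest-prefix-match routing simulation. This is an added example written for this thread, not code from the original posters, Synology or Netgear. All addresses, interface names and VLAN numbers are assumptions: VLAN 1 is 192.168.1.0/24, VLAN 2 is 192.168.2.0/24, the router owns .1 on each, the NAS owns .10 on each, and the desktop is 192.168.2.20. The `by_source` tables model Linux-style policy routing (`ip rule add from <addr> table <n>`), which is the "something special" a multihomed box usually needs.

```python
"""Routing simulation for the multihomed-NAS scenario in the thread above.

Added example; addresses, interface names and VLAN numbering are assumptions
made for illustration only (see lead-in).
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

IP = ipaddress.IPv4Address
Net = ipaddress.IPv4Network


@dataclass
class Route:
    prefix: Net
    iface: str                 # egress interface
    via: Optional[IP] = None   # next hop; None means directly connected


@dataclass
class Host:
    name: str
    addrs: Dict[str, IP]                                   # iface -> address
    main: List[Route]                                      # main routing table
    by_source: Dict[IP, List[Route]] = field(default_factory=dict)  # policy routing: src -> table

    def lookup(self, src: IP, dst: IP) -> Route:
        """Longest-prefix match; a per-source table (like `ip rule from ...`) wins over main."""
        table = self.by_source.get(src, self.main)
        matches = [r for r in table if dst in r.prefix]
        if not matches:
            raise LookupError(f"{self.name}: no route to {dst}")
        return max(matches, key=lambda r: r.prefix.prefixlen)

    def owns(self, addr: IP) -> bool:
        return addr in self.addrs.values()

    def connected_subnets(self) -> Set[Net]:
        """Subnets reachable without any router: what a compromise of this host exposes directly."""
        return {r.prefix for r in self.main if r.via is None}


def route(n: str, iface: str, via: Optional[str] = None) -> Route:
    return Route(Net(n), iface, IP(via) if via else None)


def trace(hosts: List[Host], start: Host, src: IP, dst: IP) -> List[Tuple[str, str]]:
    """Follow a packet hop by hop; returns (host, egress iface) for every device that forwards it."""
    owner = {a: h for h in hosts for a in h.addrs.values()}
    path, cur = [], start
    for _ in range(16):  # loop guard
        if cur.owns(dst):
            return path
        r = cur.lookup(src, dst)
        path.append((cur.name, r.iface))
        # next device is the gateway if the route has one, else the destination on the shared segment
        nxt = owner.get(r.via if r.via is not None else dst)
        if nxt is None:
            raise LookupError(f"{cur.name}: next hop {r.via or dst} not found on {r.prefix}")
        cur = nxt
    raise RuntimeError("routing loop")


def build(policy_routing: bool) -> List[Host]:
    # Assumed topology: router with one interface per VLAN, desktop on VLAN 2, NAS on both.
    router = Host("router", {"vlan1": IP("192.168.1.1"), "vlan2": IP("192.168.2.1")},
                  [route("192.168.1.0/24", "vlan1"), route("192.168.2.0/24", "vlan2")])
    desktop = Host("desktop", {"eth0": IP("192.168.2.20")},
                   [route("192.168.2.0/24", "eth0"), route("0.0.0.0/0", "eth0", "192.168.2.1")])
    nas = Host("nas", {"eth0.1": IP("192.168.1.10"), "eth0.2": IP("192.168.2.10")},
               [route("192.168.1.0/24", "eth0.1"), route("192.168.2.0/24", "eth0.2"),
                route("0.0.0.0/0", "eth0.1", "192.168.1.1")])
    if policy_routing:
        # Per-source tables: replies sourced from the VLAN 1 address only ever leave via VLAN 1
        # and its gateway, so the router (and its firewall) sees both directions of the flow.
        nas.by_source[IP("192.168.1.10")] = [route("192.168.1.0/24", "eth0.1"),
                                              route("0.0.0.0/0", "eth0.1", "192.168.1.1")]
        nas.by_source[IP("192.168.2.10")] = [route("192.168.2.0/24", "eth0.2"),
                                              route("0.0.0.0/0", "eth0.2", "192.168.2.1")]
    return [router, desktop, nas]


def request_reply(policy_routing: bool):
    """Desktop on VLAN 2 talks to the NAS's VLAN 1 address; returns (forward path, reply path, symmetric?)."""
    hosts = build(policy_routing)
    router, desktop, nas = hosts
    d, n1 = IP("192.168.2.20"), IP("192.168.1.10")
    fwd = trace(hosts, desktop, d, n1)
    rev = trace(hosts, nas, n1, d)
    forwarders = lambda p: {h for h, _ in p}
    symmetric = forwarders(fwd) - {"desktop"} == forwarders(rev) - {"nas"}
    return fwd, rev, symmetric


if __name__ == "__main__":
    for pr in (False, True):
        fwd, rev, sym = request_reply(pr)
        print(f"policy routing={pr}: forward {fwd}, reply {rev}, symmetric={sym}")
    nas = build(False)[2]
    print("NAS reaches without a router:", sorted(map(str, nas.connected_subnets())))
```

Without policy routing the request goes desktop -> router -> NAS, but the NAS answers straight out of its VLAN 2 interface, so any firewall or ACL on the router sees only half the conversation and stateful rules will drop or mis-track it. With the per-source tables the reply goes back through the router. Independently of that, `connected_subnets()` for the NAS lists both VLANs, which is the concrete form of the "bridged device" answer: an attacker on the NAS reaches VLAN 2 hosts directly, with no inter-VLAN rule on the router in the way.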