badbass Posted December 10, 2013 Share Posted December 10, 2013 (edited) Has any ran into this before. The owner wanted to save money. He is switching to verizion fios. I am getting 5 static ip addresses for his bar. One of them has to have certain ports ports 21, 3306, 8080, 80,25,443,135,4000,1035 on one subnet. Can I create a dmz and open ports for the one subnet for a piece of software/awesome network appliance I use. one is for my point of sale the usual point of sale lock down security. one is going to be for an access point. For pci compiance i need one subnet locked down. Can this be done. Connect a 3 routers to the actiontec box. Connect a 3 switches to the actiontec box. Use a managed switch that supports multiple vlans connected to the actiontec box. One vlan conected to each subnet on the actiontec box. 3 vlans vlan one to port one on the fios box box vlan 2 to port 2 on fios box vlan 3 on port 3 fios box. Am I even close to any thing that will work. Edited December 10, 2013 by badbass Quote Link to comment Share on other sites More sharing options...
badbass Posted December 10, 2013 Author Share Posted December 10, 2013 (edited) One thing I forgot is can dhcp be turned off all my pc's use private static ip addresses too. Edited December 10, 2013 by badbass Quote Link to comment Share on other sites More sharing options...
badbass Posted December 11, 2013 Author Share Posted December 11, 2013 (edited) My plan of action use a generic switch to test it. Then put one 2950 12 port in there. 3 vlans Edited December 11, 2013 by badbass Quote Link to comment Share on other sites More sharing options...
yabasoya Posted December 24, 2013 Share Posted December 24, 2013 How is it going over there at the bar? I don't know your situation, or the bar but using vlans and 5 static ips seems overkill for a bar setup. Your modem should have several ethernet ports in the back, each can be a separate subnet. If not, connect to an unmanaged switch to break out your ips. If you need to separate everything, 1)Static IP --> Router --> POS system (DHCP Internally). Open ports as needed. 2)Static IP --> Wireless Router for public use (DHCP Internally). 3)Static IP --> Router with all your open ports, or if a camera system connect direct to modem. You can really get away with DCHP service from FiOS, dyndns, a router with guest wifi separation, and port forwarding. But again, I don't know your exact situation and I need to read up on pci compliance. Those ports you mention seem odd to me, especially 135. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.