Rich Gregory
New Around Here
We presently have 1 public IP address from the ISP's modem, one router (a "TotoLink a1004"), and two buildings.
We also have a (not-yet-in-service) Asus AC2900 (RT-AC86U) with AsusWRT firmware (OpenVPN supported).
There is a single CAT6 run from the network closet in building "H" (with the modem and router/s) to building "G" where all my users are. (The 2 buildings are next to each other and WiFi is not an issue to reach all of both buildings.)
Everybody's on one subnet so folks can save to shares on each others' PCs.
We do not need to worry about users in building "H".
Building "G" users will be a mix of wired and WiFi users:
* some who *must* be behind a new VPN, and
* some who *cannot* be.
We cannot move the router to building "G." (Although I suppose if it's the only answer, we'll have to.)
We cannot lose the ability to save between PC file shares.
The a1004 does have port forwarding that is required and working well for several devices. It also has an unused DMZ.
The a1004 is not OpenVPN capable but we must add OpenVPN for some new devices.
Devices behind the VPN need ability to save to a file share on the standard (non-VPN) LAN.
Port forwarding is for non-VPN, wired connections in building "G."
Must we use 2 routers -or- can the ASUS do everything?
I assume everything gets easier (though still beyond me) if I need only the AsusWRT router to serve both OpenVPN connections (to wired and WiFi devices) AND standard (non-VPN) connections (to wired and WiFi devices).
Does the fact that devices need to "talk" to each other mean I must have one subnet? (One subnet and one DHCP server is preferred, is it possible?)
I expect I left out some details you may need, so I look forward to helping you help me!
NOTES:
a1004 firmware: Version 9.54
a1004 specs: https://www.anteny24.com/totolink-a1004-ac750-router-test
We also have a (not-yet-in-service) Asus AC2900 (RT-AC86U) with AsusWRT firmware (OpenVPN supported).
There is a single CAT6 run from the network closet in building "H" (with the modem and router/s) to building "G" where all my users are. (The 2 buildings are next to each other and WiFi is not an issue to reach all of both buildings.)
Everybody's on one subnet so folks can save to shares on each others' PCs.
We do not need to worry about users in building "H".
Building "G" users will be a mix of wired and WiFi users:
* some who *must* be behind a new VPN, and
* some who *cannot* be.
We cannot move the router to building "G." (Although I suppose if it's the only answer, we'll have to.)
We cannot lose the ability to save between PC file shares.
The a1004 does have port forwarding that is required and working well for several devices. It also has an unused DMZ.
The a1004 is not OpenVPN capable but we must add OpenVPN for some new devices.
Devices behind the VPN need ability to save to a file share on the standard (non-VPN) LAN.
Port forwarding is for non-VPN, wired connections in building "G."
Must we use 2 routers -or- can the ASUS do everything?
I assume everything gets easier (though still beyond me) if I need only the AsusWRT router to serve both OpenVPN connections (to wired and WiFi devices) AND standard (non-VPN) connections (to wired and WiFi devices).
Does the fact that devices need to "talk" to each other mean I must have one subnet? (One subnet and one DHCP server is preferred, is it possible?)
I expect I left out some details you may need, so I look forward to helping you help me!
NOTES:
a1004 firmware: Version 9.54
a1004 specs: https://www.anteny24.com/totolink-a1004-ac750-router-test
