Within our co-located networking closet, we have control over two ranges of 254 addresses, e.g. 64.123.45.0/24 and 65.234.56.0/24. The problem is, if a host has only one IP address, or a block of addresses in only one range, it can't contact any of the addresses in the other subnet.
- All of our hosts use our hosting provider's respective gateway, e.g. 64.123.45.1 or 65.234.56.1
- A host on the 64.123.45.0/24 range can contact the 65.234.56.1 gateway and vice-versa
- Everything in our closet is connected to an HP ProCurve 2810 (a Layer 2-only switch), which connects through a Juniper NetScreen-25 firewall to the outside world
What can I do to enable communication between the two ranges? Are there some settings I can change, or do I need better networking equipment?
Best Answer
You need to add your subnets as trusted subnets on your firewall.
In Juniper, I think it is done via virtual router interfaces, so you may have to create rules of any-any from either of the subnets to each other.
So on the 64 network interface you will add 65.x.x.x as a trusted subnet allowing any-any traffic in both directions, and the same on the 65.x.x.x interface.
Check your firewall KB or manual and it will tell you which mode it should be in - I think it is the "route mode".