Best way to securely connect 2 offices in the same building for file sharing.

I need to connect two private companies located 100 feet apart in the
same building. Each company has its own Internet, dhcp, dns, domain,
etc. The companies want to be secure from one another as much as
possible. They want to share large files at high speed so Internet is
not an option. They do not want to do sneakernet. Basically it boils
down to doing what firewalls do over the Internet everyday, but with a
CAT6 cable between firewalls instead of an Internet connection.

I am considering the following but I'm not sure. HELP!!!!

1. Purchase 2 linksys firewall/router w/dmz
2. Run a single CAT6 drop between offices and connect to the WAN
ports between the firewalls.
3. Connect LAN port of each firewall to a switch on the respective LAN
4. Connect one workstation with a share to the DMZ port of each
firewall
5. Configure user workstations to route traffic destined for the other
network to their linksys firewall rather than their Internet router/
default gateway.
6. Linksys has a default gateway/route which points to the WAN IP of
the other Linksys.
7. Other linksys sends traffic to the network share on the DMZ.

Is this a valid config?
Can both WAN ports be on the same subnet or not?
Can I do it without a third router?
Any ideas?
thanks!

Re: Best way to securely connect 2 offices in the same building for file sharing.

In article <1190915906.551851.166010@w3g2000hsg.googlegroups.com>,
1crazyrican@gmail.com says...
> I need to connect two private companies located 100 feet apart in the
> same building. Each company has its own Internet, dhcp, dns, domain,
> etc. The companies want to be secure from one another as much as
> possible. They want to share large files at high speed so Internet is
> not an option. They do not want to do sneakernet. Basically it boils
> down to doing what firewalls do over the Internet everyday, but with a
> CAT6 cable between firewalls instead of an Internet connection.
>
> I am considering the following but I'm not sure. HELP!!!!
>
> 1. Purchase 2 linksys firewall/router w/dmz

Bad move - Linksys doesn't make quality firewalls and most of the
devices are NAT Routers that are NOT firewalls. A DMZ on most of the
Linksys units is just an IP, not a second network.

> 2. Run a single CAT6 drop between offices and connect to the WAN
> ports between the firewalls.
> 3. Connect LAN port of each firewall to a switch on the respective LAN
> 4. Connect one workstation with a share to the DMZ port of each
> firewall
> 5. Configure user workstations to route traffic destined for the other
> network to their linksys firewall rather than their Internet router/
> default gateway.
> 6. Linksys has a default gateway/route which points to the WAN IP of
> the other Linksys.
> 7. Other linksys sends traffic to the network share on the DMZ.
>
> Is this a valid config?
> Can both WAN ports be on the same subnet or not?
> Can I do it without a third router?
> Any ideas?
> thanks!

Setup a small server, dual NIC's, one nic for each client/customer, they
need different IP subnets, setup either FTP or a FileShare with a
user/password - now they can copy between their networks using the
server to share and neither has access to the others network directly.

Even an old Windows XP Prof PC or a Linux box would work - no firewall
needed.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Best way to securely connect 2 offices in the same building for file sharing.

On Sep 27, 3:12 pm, Leythos wrote:
> In article <1190915906.551851.166...@w3g2000hsg.googlegroups.com>,
> 1crazyri...@gmail.com says...
>
> > I need to connect two private companies located 100 feet apart in the
> > same building. Each company has its own Internet, dhcp, dns, domain,
> > etc. The companies want to be secure from one another as much as
> > possible. They want to share large files at high speed so Internet is
> > not an option. They do not want to do sneakernet. Basically it boils
> > down to doing what firewalls do over the Internet everyday, but with a
> > CAT6 cable between firewalls instead of an Internet connection.
>
> > I am considering the following but I'm not sure. HELP!!!!
>
> > 1. Purchase 2 linksys firewall/router w/dmz
>
> Bad move - Linksys doesn't make quality firewalls and most of the
> devices are NAT Routers that are NOT firewalls. A DMZ on most of the
> Linksys units is just an IP, not a second network.
>
>
>
>
>
> > 2. Run a single CAT6 drop between offices and connect to the WAN
> > ports between the firewalls.
> > 3. Connect LAN port of each firewall to a switch on the respective LAN
> > 4. Connect one workstation with a share to the DMZ port of each
> > firewall
> > 5. Configure user workstations to route traffic destined for the other
> > network to their linksys firewall rather than their Internet router/
> > default gateway.
> > 6. Linksys has a default gateway/route which points to the WAN IP of
> > the other Linksys.
> > 7. Other linksys sends traffic to the network share on the DMZ.
>
> > Is this a valid config?
> > Can both WAN ports be on the same subnet or not?
> > Can I do it without a third router?
> > Any ideas?
> > thanks!
>
> Setup a small server, dual NIC's, one nic for each client/customer, they
> need different IP subnets, setup either FTP or a FileShare with a
> user/password - now they can copy between their networks using the
> server to share and neither has access to the others network directly.
>
> Even an old Windows XP Prof PC or a Linux box would work - no firewall
> needed.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999f...@rrohio.com (remove 999 for proper email address)- Hide quoted text -
>
> - Show quoted text -

Thanks. I'll try this out.