From: Scott Sipe
To: freebsd-questions
Date: Sun, 28 May 2006 19:31:36 -0500
Subject: Network Design

I'm helping a small business expand their networking. Right now they have one office location (with a FreeBSD firewall box, and a FreeBSD box running db, web, samba, etc).

Their main office location has:

- 3 external static IPs on a DSL connection (all aliased on one NIC)
- an internal network of 10.0.0.0/255.0.0.0
- a wireless network with IP range 192.168.1.0/255.255.255.0 (nat'ed and running off the firewall box)

They are adding a second warehouse location. It will also have one static IP address (running on DSL also).

I'd like to get an IPsec connection going between the locations so all warehouse traffic goes through the main branch. I've done this much before.

They also want to subdivide up the network at their main location so some terminals can be on gige and some are on 100. I believe I've read you shouldn't mix and match 100/1000?

I don't really have any experience with how subnetting and IP ranges should work for a configuration like this (local network, remote IPsec location, wireless network, etc).

Looking for any assistance (advice, links, anything!) on how to set up a sane and well-designed network.

Scott