Please give some tips on setting up a local network in the office, I do not really understand network technologies.

You need to create a wireless local area network in the office with Internet access and a network printer.

Separately, select the guest network without access to the company's local network

Due to the fact that the management office is fenced with a thick glass showcase inside, it practically does not catch wi-fi, at the moment there is only a router 1, the signal level is about 10-15%.

It is necessary to do with minimal cosmetic changes in the office and if it is possible to do everything with one cable

I created an approximate office layout:

enter image description here

Read the information on the network

  1. On router 1, you do not need to change the settings, check the DHCP automatic distribution. From the LAN connector of router 1, you need to pull the cable into the WAN connector of router 2

  2. Set router 2 to network bridge mode and pull cable from router’s LAN connector 3 into its WAN connector.

  3. From the LAN connector of router 3, pull the cable into the network printer

Tell me where I am wrong and what could be the problem?

  • one
    Do I understand correctly that all office computers must also be connected via a wireless network? Having transferred the working infrastructure to Wi-Fi, you will ogrebёt problems with its functioning. I recommend to immediately tell the director that at this level you do not understand the networks, and give it to the contractor. Consider: to do what he planned, at a normal level, is comparable to the re-laying of the cable network and subsequent redecoration, and the collective farm on home-class routers will inevitably and repeatedly. - Alexander Prokoshev
  • I do not see the need for a third router. Or the clients farthest from the first router don't catch a damn either? then I would move the first router to the angle of the aquarium. - Akina
  • @Akina, yes you are right, distant clients also hardly catch wi-fi. Moving the router does not work, a very short cable that networkers were laying, the distance on the diagram is as far as I can pull it out and put the router there is no possibility, it will spoil the appearance in the office - Dmitry
  • one
    @AlexanderProkoshev at the moment everything is working through wi-fi on one router ("Life is pain") - Dmitry
  • one
    If the network load is severe, Wi-Fi will not work. The severity of the load is determined by the volume of the document turnover within the network + share resources. So no one does. Connect clients only with wires, and create Wi-Fi for a guest network. During lunch with employees' microwave oven, with a network on Wi-Fi there are troubles :) - NewView

1 answer 1

Well, personally, I would have done so (a nischebrodski-enterprise version) enter image description here

SCS

  • Vitukhu would throw in the plinth. For each slave. places - 4 pairs (2 for 100mb. network and 2 for IP-phone) in the case of a socket. But it is possible, for example, to make a switch from an IP phone (for example, yealink t23g) and then to a slave. the place will need only 2 pairs.

  • Switch number 1 and the router would install bosses in the “aquarium” that would hang up to the ceiling - it looks not bad, there are only 2 (better than 4) holes in the wall for mounting + cable channel for it. However, nothing will change from its transfer except for the length of the twisted pair. If they have a mahogany cabinet, then it is probably better to place it in another place.

  • From switch number 2, I would have taken away a vituxe in the plinth to other slaves. stations on the right side. Printer and "aquarium" bosses in the same way to the switch number 1.
  • Access points can be hung on a false ceiling, and can be on the walls, fastened with one screw, look beautiful.
  • Distribution of wifi in the "aquarium" bosses can be assigned to the router. In this case, it is better to purchase dual-band (the one that in my example works only on 2.4GHz) or put another access point if this is not enough.

Network

! DISCLAIMER ! If you do not have this experience, it is better to enlist the help of specialists.

  • All connections between network equipment to make two links in the aggregated channel (of course, it must support the switches).
  • The network at the L2 level would have placed 3 vilans: vl100 - control; vl200 - service access; vl300 - guest access.
  • The terminator of the vilans is, of course, the router. Wilanahs come to access points: vl100 for control; For vl200 we distribute the gray network and NAT'im it on the router, thus we guarantee access to the lok. resources and the Internet; vl300 with a 5Mbit router router (enough for guests) per session, just like NAT'im to the Internet. The number of sessions is limited.
  • Workstations (including the print server) are served only by vl200 over a twisted pair, or via wifi in the service network.
  • Would use 2 aplinkas (providers) to provide fault tolerance. Perhaps the second provider - 4G / LTE
  • (optional) In case you need a good IP telephony - create a separate wilan for IP phones. So it will be easier in the future to define the QoS policies of the router.
  • (optional) I would get the cheapest nettop / orange pi for the Unifi controller and install it in the wiring closet. A very useful thing to manage / diagnose access points, strongly recommended for organizing seamless roaming (detailed howto in a huge number of can be found on ubnt.su).
  • (optional) Would route vl200 and vl300 to different white addresses, ideally to different providers.

Equipment

  • Router starting from mikrotik RB2011 (Observations are not bad at ~ 20 clients)
  • Access points starting from Ubiquiti UniFi AC Lite AP (Generally, any dual-band)
  • Switches starting from: Any managed (d-link / tp-link since low prices for an enterprise segment)
  • Switching cabinet for router and switch: https://shop.nag.ru/catalog/14021.Nastennye-shkafy/14031.4U/27237.SNR-BTS3004
  • It would not hurt to install the UPS, at least in the closet.