How to link a NAS across several distinct physical LANs within the same major LAN?
I believe adding a bit of background here will help explain my situation. I haven’t worked much with NAS beyond one LAN, and I think I might be overcomplicating things honestly.
In short, we use our primary LAN for the office, and then connect another router to a separate network that handles equipment restoration and backups—it’s always being restored, so we built a dedicated system which is acceptable. However, our imaging server has grown too large, we’re running out of bandwidth, and we need a second server. Our software limits what we can do, and I’m not in a position to change it.
Currently, all backups, images, and files are stored on a local NAS inside the imaging server’s LAN. But with the addition of a second server, it seems unnecessary to have two local NAS on separate servers. I was wondering if there’s a way to connect both separate LANs to a single NAS, likely located on the main network.
I’m open to exploring various options, but most discussions online seem focused on home networking solutions, which makes me question whether this is really necessary for our setup.
If this isn’t making sense, I appreciate the clarification.
I don't own a NAS and I use Zerotier for myself.
You can connect via (Overlay) VPN to receive private IP addresses for your devices.
No need for router or firewall port forwarding.
If you have Synology, installing Netbird is an option.
With Synology Drive Client, access the NAS in another LAN using the overlay IP from the VPN and perform backups.
See: https://www.youtube.com/watch?v=eCXl09h7lqo
See: https://www.youtube.com/watch?v=Kwrff6h0rEw
See: https://www.youtube.com/watch?v=9VKOAe_T038
I need to clarify a few things about your second network setup. I’m assuming you’re using a basic consumer router, connecting its WAN port to your main network, and then linking devices on the LAN ports to a separate secure network.
If you follow this setup, items on network 2 can access parts of network 1, but not vice versa. This helps with some level of separation and security, though it relies heavily on how the software is configured on the devices.
I’m still confused about the location of your NAS and the requirements for adding a new NAS. What restrictions should I expect?
There are different approaches depending on the specifics. One option is using a NAS that has several Ethernet ports. These can connect to multiple networks at once, but how it works depends on the model and its software.
The most straightforward method is to purchase a dedicated router. They’re called routers because they manage traffic between different networks. Consumer electronics stores usually don’t sell routers—they’re often labeled as gateways instead. This is mainly because home users typically don’t need a full router and it can be complicated to set up. You can find affordable models from brands like MikroTik. Most of these have basic firewall features, which help control traffic between networks. There are also more advanced options with stronger firewall capabilities for protecting servers that connect to the internet.
In simpler scenarios, you might be able to use port forwarding rules to enable communication between network 1 and network 2.
And I will propose including a straightforward sketch of the intended or needed network layout.
Add details about the modem, routers, shared devices such as the NAS, their makes, models, and connections between them.
Avoid creating overly complex diagrams—just enough to clearly illustrate the functional setup.
You can locate numerous example diagrams online.
Take a picture or scan your current network diagram and submit it here via imgur (www.imgur.com) using the green "New post" icon.
Make sure to mention security needs, subnets, and related aspects.
This will help clarify the setup and objectives at hand.
This is the current configuration of our network setup. I posted it late at night, which means some key points were omitted.
https://imgur.com/a/MyFRkHL
See the link for more details.
We have an enterprise router or switch on our server rack for LAN 1.
LANs 2 and 3 are small, using a SOHO router with desktops connected via unmanaged switches.
The NAS is currently on LAN 2—it functions as a shared SSD over the network, so any devices on LAN 2 connected via Ethernet can perform backups and restores as needed.
Ideally, we’d like LAN 3 to also connect to the NAS, preferably on the same LAN as LAN 2.
My main concerns are twofold: first, if I modify firewall rules and port settings for LAN 3 to link to LAN 2 for NAS access, it tends to pull in large data transfers—often around 20GB or more—and I’m worried about bandwidth limitations. Second, I assume placing the NAS on LAN 1 or 2 would slow down the entire network when LAN 3 tries to reach it.
Although I know some NAS devices like Synology support multiple Ethernet ports, I’m unsure if connecting all three LANs directly to a single NAS would be feasible.
I also considered using a VPN between the two devices, but they’re only about 20 feet apart, and I’ve never used a VPN for this purpose—especially not for connecting separate LANs, even for gaming. My understanding of VPNs in this scenario is limited.
If no firewall were in place, there would be complete routing across all VLANs? Yes, any device could, for instance, ping another device. It should be as simple as adding a firewall rule that lets all devices access the IP address of the NAS on VLAN2. This shouldn’t slow down the entire network, though it depends on the setup. The main factors are how the core network is linked and the configuration of the switches.
Consider two extreme scenarios. In one, everything connects to the same switch—every port could operate at full capacity. A 16-port gigabit switch would handle 32 gigabits, which is a non-blocking setup most modern switches support (unless they have many 10Gb ports). This prevents overloading the switches.
In another case, you connect a core switch to all LAN devices, then link two additional switches for LAN2 and LAN3. If the cables are poor and connected back to the core switch at 100Mbps, each device on every LAN can transmit at full speed because the traffic stays within the switch. This means all LAN traffic is confined to 100Mbps, making it easy to overload the connection.
In practice, modern equipment usually uses 10Gb or faster ports between switches. This remains a constraint but is unlikely to be caused by NAS traffic if it becomes overloaded. The NAS is typically linked via a 1Gb cable, which would likely fail before the switch connections reach their limit. The performance also depends on the NAS hardware—especially if it uses magnetic media, it may not even reach 1Gb.
The diagram serves as an initial reference but requires additional clarity. List all the connected devices on each LAN, providing their current IP addresses and subnet masks where relevant. Highlight how connectivity is structured. Define precise network and physical requirements, noting any security rules such as restrictions between LAN segments. Determine exact network needs before selecting switches, NAS units, and other equipment, ensuring performance expectations are met. Finally, specify the necessary IP addressing and subnet configurations to satisfy these goals.
I acknowledge my limitations with routing, but I’ll give it a shot.
Based on the setup, here’s what to do:
Assuming:
Main LAN 192.168.1.0
Second LAN 192.168.2.0 with a fixed WAN IP of 192.168.1.2
Third LAN 192.168.3.0 with a fixed WAN IP of 192.168.1.3
Both the second and third LANs’ WAN ports link to the main LAN 192.168.1.0, and both support static routes.
If you prefer not to install any software, consider:
1. Turning off NAT and using pure routing on both second and third routers.
2. On the second LAN router, set a static route with destination 192.168.3.0/24, gateway 192.168.1.3 (third LAN’s WAN).
3. On the third LAN router, set a static route with destination 192.168.2.0/24, gateway 192.168.1.2 (second LAN’s WAN).
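The static-route steps above can be checked on paper before any router is touched. The following is an added example, not part of the thread: a small Python model of the three routing tables that traces a packet hop by hop and shows what changes once NAT is off. The main gateway 192.168.1.1, the NAS at 192.168.2.10, the client at 192.168.3.50, the /24 masks and the filter on router 2 are all assumptions made for illustration.

```python
import ipaddress as ip

# Constructed values: subnets come from the post; the NAS address, the main
# gateway 192.168.1.1 and the /24 masks are assumptions for this model.
NAS = ip.ip_address("192.168.2.10")
MAIN, LAN2, LAN3 = (ip.ip_network(f"192.168.{n}.0/24") for n in (1, 2, 3))
DEFAULT = ip.ip_network("0.0.0.0/0")

def build_routers(static_routes=True):
    """Routing table per router, keyed by its address on the main LAN.
    Each entry is (destination network, next hop or None if directly connected)."""
    r2 = [(LAN2, None), (MAIN, None), (DEFAULT, "192.168.1.1")]
    r3 = [(LAN3, None), (MAIN, None), (DEFAULT, "192.168.1.1")]
    main = [(MAIN, None)]  # upstream default omitted: private destinations die here
    if static_routes:
        r2.append((LAN3, "192.168.1.3"))  # step 2 of the post
        r3.append((LAN2, "192.168.1.2"))  # step 3 of the post
    return {"192.168.1.2": r2, "192.168.1.3": r3, "192.168.1.1": main}

def trace(routers, first_router, dst, max_hops=8):
    """Follow longest-prefix-match decisions; return (routers visited, outcome)."""
    dst = ip.ip_address(dst)
    path, current = [], first_router
    for _ in range(max_hops):
        path.append(current)
        matches = [(n, hop) for n, hop in routers[current] if dst in n]
        if not matches:
            return path, "no route"
        _, hop = max(matches, key=lambda m: m[0].prefixlen)
        if hop is None:
            return path, "delivered"
        current = hop
    return path, "loop"

def r2_forward_allowed(src, dst):
    """Assumed forward filter on router 2: with NAT off, LAN 3 would otherwise
    reach every host on LAN 2, so only the NAS is permitted."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    if src in LAN3 and dst in LAN2:
        return dst == NAS
    return True

if __name__ == "__main__":
    routed = build_routers()
    print(trace(routed, "192.168.1.3", "192.168.2.10"))   # LAN 3 client to NAS
    print(trace(routed, "192.168.1.2", "192.168.3.50"))   # NAS reply to client
    print(trace(build_routers(False), "192.168.1.3", "192.168.2.10"))
    print(trace(routed, "192.168.1.1", "192.168.2.10"))   # main-LAN host to NAS
```

The last trace shows that hosts on the main LAN still have no path to the NAS unless the main router is also given routes for 192.168.2.0/24 and 192.168.3.0/24.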