Within our co-located networking closet, we have control over two ranges of 254 addresses, e.g. 64.123.45.0/24 and 65.234.56.0/24. The problem is, if a host has only one IP address, or a block of addresses in only one range, it can't contact any of the addresses in the other subnet.
- All of our hosts use our hosting provider's respective gateway, e.g. 64.123.45.1 or 65.234.56.1
- A host on the 64.123.45.0/24 range can contact the 65.234.56.1 gateway and vice-versa
- Everything in our closet is connected to an HP ProCurve 2810 (a Layer 2-only switch), which connects through a Juniper NetScreen-25 firewall to the outside world
What can I do to enable communication between the two ranges? Are there some settings I can change, or do I need better networking equipment?
You need to add your subnets as trusted subnets on your firewall.
In Juniper, I think it is done via virtual router interfaces, so you may have to create any-any rules from either of the subnets to each other.
So on the 64.x.x.x network interface you will add 65.x.x.x as a trusted subnet allowing any-any traffic in both directions, and the same on the 65.x.x.x interface.
Check your firewall KB or manual; it will tell you which mode it should be in. I think it is "route mode".
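As an added illustration (not from this answer, the asker, or Juniper's documentation), this is the shape of the ScreenOS configuration the answer is describing. It assumes the two /24s terminate on the NetScreen's ethernet1 and ethernet2 in route mode and sit in two zones named trust and dmz; the interface names, zone names and the open `any any any` policies are assumptions, and lines beginning with `#` are annotations rather than commands.

```screenos
# Assumed layout: one /24 per interface, route mode (no NAT between them).
set interface ethernet1 zone trust
set interface ethernet1 ip 64.123.45.1/24
set interface ethernet1 route
set interface ethernet2 zone dmz
set interface ethernet2 ip 65.234.56.1/24
set interface ethernet2 route
# Policies are directional, so one is needed for each direction.
set policy from trust to dmz any any any permit
set policy from dmz to trust any any any permit
# If both interfaces are instead in the same zone, intra-zone blocking is
# what drops the traffic; clear it rather than writing policies:
# unset zone trust block
save
```

Once the path works, narrowing `any any any` to the specific hosts and services that actually need to cross between the ranges is the tighter configuration.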
Sounds like the Juniper firewall isn't allowing traffic from one subnet to the other, especially if you can ping the opposite gateways but still can't route from one subnet to the other.
I'm not familiar with Juniper equipment, but it should just need the firewall modified. If someone knows how to do this, please edit it in.