Can I put a W2K server machine between modem and wireless access point which is a DHCP and NAT server

I currently have the following home network configuration:

Broadband line into broadband modem-> into wireless access point (3 COM 3CRWE51196 - acting as a DHCP server and providing NAT has 3 "wired" ports)
Clients access internet/filesharing through wireless PCI cards.

Now I wish to change things for a specific reason and put a machine running Windows 2000 Server between the Modem and the access point so that it is not hidden by the NAT.

This machine has 2 network cards, one will be for the modem to go into and the other will be for the private LAN.
Now this is where I get confused.

The wireless Access Point has a specific port for the broadband (a DSL port) which i assume i will no longer use instead connecting the W2K machine into one of the standard Ethernet ports?

Also should I have the W2Kserver with a static private LAN IP and exclude this from the range the wireless access point gives out?

Will the LAN pcs be able to access the internet properly through this configuration - any special settings/software on the W2K server(I was going to use Microsofts ISA server as a firewall?
Will any of this be affected by the NAT on the access point which cannot be turned off? - the clients will therefore have to access the internet via the wireless gateway into the W2K server through the broadband modem......

Sorry for the questions...I just want to understand this and be sure of what will happen when i do this...thanks...

mistajjjAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

GrindCrusherCommented:
There should be a problem as long as you have ICS running on the 2K machine.

 Here would ba an example ip layout:
( Keep in mind that this is based on the access point  doing NAT with the 192.168.0.0 network)

Win 2k
Nic 1 -> Going to ISP
IP:  66.12.34.5
Mask: 255.255.255.192
Gateway: 66.12.34.1

Nic 2 -> Going to Access Point
IP:  172.16.10.1
Mask: 255.240.0.0


Access Point
Port going to win 2k
IP:  172.16.10.1
Mask: 255.240.0.0
Gateway: 172.16.10.1



Client 1
IP:  192.168.1.2
Mask: 255.255.255.0
Gateway: 192.168.1.1

Client 2
IP:  192.168.1.3
Mask: 255.255.255.0
Gateway: 192.168.1.1

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GrindCrusherCommented:
oops there is a typo in the access point. It should be:

Access Point
Port going to win 2k
IP:  172.16.10.2
Mask: 255.240.0.0
Gateway: 172.16.10.1


0
mistajjjAuthor Commented:
Cool thats great...how do I install/setup Internet Connection Sharing on the W2K box?
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

GrindCrusherCommented:
Navigate to the control panel and click on the Network and Dial-up Connections icon

Double click on the network connection you will be using for your Internet access and click on the sharing tab

Place a check in the 'share this connection' box

Here is a link with a little more detail:

http://www.annoyances.org/exec/show/ics_2000

0
joeyxiongCommented:
I hope that the two of you are aware of the vulnerabilities of both ISA Server and ICS.  Why wouldn't you just put ISA Server on the server to protect it and sit it behind the wireless gateway.  That specific gateway router has DMZ capabilities.  Set up the server as a DMZ host and you should be able to do most if not all you need to do with your server.
0
GrindCrusherCommented:
I am aware of the issues with ISA and ICS. If you want a "more" secure server then I would go with what joey says about putting it behind the router.

The only problem with putting your server behind your firewall is now your allowing external networks into your private network.

 The issue comes down to how much you want to protect your server and how much you wanna protect your intranet.
0
jslingerlandCommented:
yo - seting your computer as the dmz host allows no protection at all -

windows 2000 server - dont use ic sharing - dhcp
0
joeyxiongCommented:
That's why I specified to install ISA Server and set it as a DMZ host.  This definitely is more secure than sitting the server between the ISP and the router.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Broadband

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.