mistajjj
asked on
Can I put a W2K server machine between modem and wireless access point which is a DHCP and NAT server
I currently have the following home network configuration:
Broadband line into broadband modem-> into wireless access point (3 COM 3CRWE51196 - acting as a DHCP server and providing NAT has 3 "wired" ports)
Clients access internet/filesharing through wireless PCI cards.
Now I wish to change things for a specific reason and put a machine running Windows 2000 Server between the Modem and the access point so that it is not hidden by the NAT.
This machine has 2 network cards, one will be for the modem to go into and the other will be for the private LAN.
Now this is where I get confused.
The wireless Access Point has a specific port for the broadband (a DSL port) which i assume i will no longer use instead connecting the W2K machine into one of the standard Ethernet ports?
Also should I have the W2Kserver with a static private LAN IP and exclude this from the range the wireless access point gives out?
Will the LAN pcs be able to access the internet properly through this configuration - any special settings/software on the W2K server(I was going to use Microsofts ISA server as a firewall?
Will any of this be affected by the NAT on the access point which cannot be turned off? - the clients will therefore have to access the internet via the wireless gateway into the W2K server through the broadband modem......
Sorry for the questions...I just want to understand this and be sure of what will happen when i do this...thanks...
Broadband line into broadband modem-> into wireless access point (3 COM 3CRWE51196 - acting as a DHCP server and providing NAT has 3 "wired" ports)
Clients access internet/filesharing through wireless PCI cards.
Now I wish to change things for a specific reason and put a machine running Windows 2000 Server between the Modem and the access point so that it is not hidden by the NAT.
This machine has 2 network cards, one will be for the modem to go into and the other will be for the private LAN.
Now this is where I get confused.
The wireless Access Point has a specific port for the broadband (a DSL port) which i assume i will no longer use instead connecting the W2K machine into one of the standard Ethernet ports?
Also should I have the W2Kserver with a static private LAN IP and exclude this from the range the wireless access point gives out?
Will the LAN pcs be able to access the internet properly through this configuration - any special settings/software on the W2K server(I was going to use Microsofts ISA server as a firewall?
Will any of this be affected by the NAT on the access point which cannot be turned off? - the clients will therefore have to access the internet via the wireless gateway into the W2K server through the broadband modem......
Sorry for the questions...I just want to understand this and be sure of what will happen when i do this...thanks...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Cool thats great...how do I install/setup Internet Connection Sharing on the W2K box?
Navigate to the control panel and click on the Network and Dial-up Connections icon
Double click on the network connection you will be using for your Internet access and click on the sharing tab
Place a check in the 'share this connection' box
Here is a link with a little more detail:
http://www.annoyances.org/exec/show/ics_2000
Double click on the network connection you will be using for your Internet access and click on the sharing tab
Place a check in the 'share this connection' box
Here is a link with a little more detail:
http://www.annoyances.org/exec/show/ics_2000
I hope that the two of you are aware of the vulnerabilities of both ISA Server and ICS. Why wouldn't you just put ISA Server on the server to protect it and sit it behind the wireless gateway. That specific gateway router has DMZ capabilities. Set up the server as a DMZ host and you should be able to do most if not all you need to do with your server.
I am aware of the issues with ISA and ICS. If you want a "more" secure server then I would go with what joey says about putting it behind the router.
The only problem with putting your server behind your firewall is now your allowing external networks into your private network.
The issue comes down to how much you want to protect your server and how much you wanna protect your intranet.
The only problem with putting your server behind your firewall is now your allowing external networks into your private network.
The issue comes down to how much you want to protect your server and how much you wanna protect your intranet.
yo - seting your computer as the dmz host allows no protection at all -
windows 2000 server - dont use ic sharing - dhcp
windows 2000 server - dont use ic sharing - dhcp
That's why I specified to install ISA Server and set it as a DMZ host. This definitely is more secure than sitting the server between the ISP and the router.
Access Point
Port going to win 2k
IP: 172.16.10.2
Mask: 255.240.0.0
Gateway: 172.16.10.1