moman61

Setting up a small home business network

I am using Win2k Adv. Server and have a DSL connection using a Netopia router and 5 static IPs from my provider. I have been reading that I could set up an internal LAN connection using the 192.168.0 series instead of using my static IPs.

I would like to use the static IPs for configuring a web server, firewall and email server.

I also have a WAN connection IP and subnet mask on the router and would like to know if I could utilize that as well?
ASKER CERTIFIED SOLUTION
stevenlewis

moman61

ASKER

OK then, does that mean I could use the statics for setting up another NIC card for a firewall using something like Check Point, since I do have 5 static IPs? And what about the other 4 static IPs?
Well, if your ISP is charging you for them, you can tell them you don't need them and save that $$.
moman61

ASKER

It's a business account, so the IPs came with it. I'm not being charged for them. From what I'm understanding, it seems like you're telling me that as long as I have a router, and configure the 192.168 series on it, and then point all my workstations to the server, I should have no problems at all?

If you buy a firewall device like this (or any other brand/model):
http://www.microsoft.com/hardware/broadbandnetworking/productdetails.aspx?pid=002

You insert it between the DSL router and your internal LAN switch or hub. The setup is very simple and you put the router information into the firewall. Then the firewall gives DHCP information to the workstations. You assign a 192.169.1.x IP to your servers manually and use 192.168.1.1 as the gateway and 255.255.255.0 as the subnet mask.

Then you go into the firewall device and set up persistent port forwarding. This tells the firewall to take all incoming traffic to port 25 and send it to whatever IP your mail server is. And take port 21 and send that to your FTP server, etc.

I think this is the same answer as stevenlewis, just phrased differently.
I have a D-Link router (similar to yours).
I have a web server and FTP server on my XP box (internal IP of 192.168.0.2).
I forwarded ports 80 (web) and 21 (FTP) to 192.168.0.2 through my router configuration (read your documentation for the exact method to configure your router to forward the ports). In your case that is port 80 for the web server and port 25 for your email server (incoming to the email server). Now if you are using the email server as your email for the other machines on the LAN, you can point directly to the LAN IP, or you can continue to point to your static IP (provided you use this as the WAN interface IP on the router).
More info on firewalls (most firewalls):
An internal request should trigger the port to open.
For example, when a machine on the LAN checks email, it triggers port 110 to open, and will listen on that port to see if there is any mail, and allow it to remain open to receive it (using NAT (network address translation) to route to the correct machine); then when the request is done, it will close the port.
Now when you send mail (from the LAN), it will trigger port 25, and the same process happens. However, if a machine outside the LAN (on the other side of the firewall) tries to connect to your email server without the request coming from the inside first, the port will be blocked, because nothing on the inside has triggered the port. That is why you must forward the port, so it will be open and know which machine to send the packets to.
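
The behaviour described in the post above (replies to LAN-initiated connections are let in, unsolicited connections are dropped unless a port forward exists), as an added example that is not part of the original thread. It is a simplified model, not any router's firmware: the class and method names, the outside addresses (documentation range 198.51.100.0/24), the workstation 192.168.0.5 and the strict match on remote address and port are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class NatFirewall:
    """Toy model of a NAT firewall's inbound decision (constructed, simplified)."""
    forwards: dict = field(default_factory=dict)  # wan_port -> (lan_ip, lan_port)
    sessions: dict = field(default_factory=dict)  # (wan_port, remote_ip, remote_port) -> LAN host
    next_port: int = 40000                        # next WAN-side port handed to an outbound flow

    def add_forward(self, wan_port, lan_ip):
        self.forwards[wan_port] = (lan_ip, wan_port)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; state is recorded so replies can return."""
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.sessions[(wan_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return wan_port

    def close(self, wan_port, remote_ip, remote_port):
        self.sessions.pop((wan_port, remote_ip, remote_port), None)

    def inbound(self, remote_ip, remote_port, wan_port):
        """Return (verdict, LAN destination) for a packet arriving on the WAN side."""
        key = (wan_port, remote_ip, remote_port)
        if key in self.sessions:                  # reply to something the LAN started
            return "ESTABLISHED", self.sessions[key]
        if wan_port in self.forwards:             # unsolicited, but a forward exists
            return "FORWARD", self.forwards[wan_port]
        return "DROP", None                       # unsolicited and no rule

def demo():
    fw, out = NatFirewall(), {}
    # A workstation checks mail on an outside POP3 server (port 110).
    p = fw.outbound("192.168.0.5", 1030, "198.51.100.7", 110)
    out["pop3_reply"] = fw.inbound("198.51.100.7", 110, p)
    out["stranger"] = fw.inbound("198.51.100.99", 110, p)
    fw.close(p, "198.51.100.7", 110)
    out["after_close"] = fw.inbound("198.51.100.7", 110, p)
    # An outside mail server connects to port 25 before and after the forward is added.
    out["smtp_before"] = fw.inbound("198.51.100.20", 3456, 25)
    fw.add_forward(25, "192.168.0.2")
    out["smtp_after"] = fw.inbound("198.51.100.20", 3456, 25)
    out["exposed"] = sorted(fw.forwards)          # ports reachable with no LAN-side trigger
    return out

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12} {verdict}")
```

The `exposed` list is the part worth reviewing on a real router: every forwarded port is reachable from outside at all times, so it should contain only the services you intend to publish.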