Solved

Setting up a small home business network

Posted on 2003-10-26
7
332 Views
Last Modified: 2010-03-18
I am using win2k adv server and have a dsl connection using a netopia router and 5 static ip's from my provider.  I have been reading that I could setup an internal lan connection using the 192.168.0 series instead of using my static ip's.

I would like to use the static ip's for configuring a webserver,firewall and email server.

I also have a wan connection ip and subnet mask on the router and would like to know it I could utilize that as well??
0
Comment
Question by:moman61
  • 4
  • 2
7 Comments
 
LVL 41

Accepted Solution

by:
stevenlewis earned 250 total points
Comment Utility
Setup the router's LAN side to be 192.168.0.1
and the pc's to be 192.168.0.2 thru 192.168.0.254
mask 255.255.255.0
then forward ports 80 tot he webserver ip (example if w2k server is 192.168.0.2 the forward port 80 to it)
and then forward ports 25 and 110 to the email server
point the email clients on the othermachines on your lan to the ip of your email server (again example if the w2k is 192.168.0.2 and is both the webserver and email server, then 192.168.0.2)
0
 

Author Comment

by:moman61
Comment Utility
Ok then, does that mean I could use the statics for setting up another nic card for firewall using something like checkpoint?? since I do have 5 static ip's and what about the other 4 static ip's??
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
Well if your ISP is charging you for them, you can tell them you don't need them and save that $$
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:moman61
Comment Utility
its a business acct so the ip's came with it. Im not being charged for them. from what Im understanding it seems like your'e telling me that as long as I have a router, and configure the 192.168 series on it, and then point all my workstations to the server I should have no problems at all?

0
 
LVL 4

Expert Comment

by:Kokoglen
Comment Utility
If you buy a firewall device like this (or any other brand/model):
http://www.microsoft.com/hardware/broadbandnetworking/productdetails.aspx?pid=002

You insert it between the DSL router and your internal LAN switch or hub.  The setup is very simple and you put in the router information into the firewall.  Then the firewall gives DHCP information to the workstations.  You assign a 192.169.1.x IP to your servers manually and use 192.168.1.1 as the gateway and 255.255.255.0 as the subnetmask.

Then you go into the firewall device and set up persistant port forwarding.  This tells the firewall to take all incomming traffic to port 25 and send it to whatever IP your mail server is.  And take port 21 and send that to your FTP server, etc.

I think this is the same answer as stevenlewis, just phrased differently.
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
I have a d-link router (similar to yours)
I have a web server and ftp server on my XP box (internal ip of 192.168.0.2)
I forwarded the ports 80 (web) and 21 (ftp) to 192.168.0.2 (thru my router configuration, read your documentation for exact method to configure your router to forward the ports) (in your case port 80 for the webserver and  port 25 for your email server (incoming to the email server)). Now if you are using the email server as your email for the other machines on the LAN, you can point directly to the LAN ip, or you can continue to point to your static ip (provided you use this as the WAN interface ip (on the router)
0
 
LVL 41

Expert Comment

by:stevenlewis
Comment Utility
more info on firewalls (most firewalls)
an internal request should trigger the port to open
example when a machine on the LAN checks email, it triggers port 110 to open, and will listen on that port to see if there is any mail, and allow it to remain open to recieve it (using NAT (network address translation) to route to the correct machine), then when the request is done, it will close the port
now when you send mail (from the LAN), it will trigger port 25, and the same proccess happens, however, if a machine outside the LAN (on the other side of  the firewall) trys to connect to your email server, without the request coming from the inside first, the port will be blocked, because nothing on the inside has triggered the port, that is why you must forward the port, so it will be open and know which machine to send the packets to
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now