[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


DSL Cable to a Switch

Posted on 2003-11-15
Medium Priority
Last Modified: 2013-12-14
Hi guys,
My office network has 40 nodes connected to a Win 2K network.
My company recently moved to Broadband Connection with 6 static IPs . The ISP provided us with a ' Great Speed R205S' DSL Router. I connected the router directly to the switch. In the LAN settings of the router I have assigned an internal IP as the secondary IP address. (say IP-1). I have a proxy server (with an internal Ip say IP-2)  using a third party tool called Wingate to share the Internet Connection. Now my question is how the Internet Connection can be made available to clients? How does my proxy server detects the connection? Is there a real need to use a Proxy Server in such a scenario? Will enabling NAT on the DSL Router settings do the needful. PLs pls guys out there help me. How can i share this internet connection among my LAN users.

Thanks in advance
Question by:kelpere
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3

Accepted Solution

nomorefuzzylogic earned 375 total points
ID: 9757132
Easiest solution is to use a "Broadband Router" directly connected on your LAN - you can get them with internal DSL modems or with a WAN port to which you can connect an external modem. I don't know anything about the router you have been supplied with but I would assume that it probably provides the features you need for a simple and easy shared Internet connection.
Check it provides NAT and firewall features - if so then it should be OK.

When you say 'Clients' do you mean people on the Internal LAN or people on the Internet?
Any good reason for having 6 static IP's? Do you have 6 machines on your internal network that you need to be able to address from outside - or some other requirement? If not then a single public IP address is sufficient.

Your router will need to be configured for NAT - this will 'convert' internal addresses to the public IP.
Set your router as the default gateway on all your PC's - even easier is to use DHCP from your router to assign all IP addresses for your PC's because that will also ensure that the Gateway and DNS addresses are configured correctly.
Its really as easy as that!
There is no real need to use a proxy server - this can provide you with advanced features such as filtering which may be beyond the scope of your router - if you do need the proxy server then it should be the only machine that can access the router directly. In this case either use a 2nd LAN card to isolate the router LAN from internal LAN or run different networks over the same segment (using a multi-homed adapter on the server - non standard and needs a bit of tweaking of the LAT - not supported by Microsoft but works fine). The Proxy Server would be your default gateway rather than the router if you did it this way.

Author Comment

ID: 9757745
Hi friend,
Thanks for your response. I configured NAT on my DSL router and assigned the IP of the router as the gateway of all client PCs( when i say client it is my internal LAN client). Now all the clients can access the Internet Connection. As per your concluding session of the email - that is what i need exactly. I need the connection available on only the Proxy Server (either ISA or any third party tool like Wingate) and all machine access this proxy server as the internet gateway. But after reading your letter i think thats pretty complicated and kind of isolated.
Now am concerned about the security issue. How safe it is to connect the DSL cable directly to my LAN switch. Can hackers access my network and likewise? Pls provide me with some info as to what all areas i need to be careful. Am not using any firewall. My only security is Symantec Antivirus! PLs advise

Expert Comment

ID: 9758032
With NAT enabled you are pretty safe because hackers cannot address your internal clients IP addresses because the only address they can see is that of the public interface.
You need to make sure that you have a good password (long and difficult) for administration login on your DSL router and disable 'remote administration' if that feature is shown. Also disable "ping requests from the Internet" for a bit of added safety.
If your router doesn't provide firewall features then get one that does. Do not rely on 'home' software firewalls. You could get an Ethernet WAN router with firewall and connect the WAN port to your existing router and the LAN port to your existing switch or you could replace your existing WAN router with one with an integral firewall.
The default security on *most* routers will block incoming traffic from the Internet but allow outgoing web requests, FTP, SMTP, POP3 and Telnet. Other outgoing requests will also be blocked.
As this is a corporate LAN I wouldn't stand for any use of software that requires firewall security to be reduced - such as MS Messenger. Some routers provide a feature called UPNP which will allow the router to be configured automatically by such software - disable this unless you really have to use it because it opens up your firewall protection - albeit in a reasonably well controlled way. There are also router features which allow certain machines to be classed as servers accessible from the outside world and possibilities to configure certain internal addresses as being in a DMZ (ie bypassing all security) - DON'T do it unless you have extra firewalls between local PC's and the DMZ or server.
If you have 40 clients - are you using a mail server - such as MS Exchange? You should be! Keep it and all the machines up to date with ALL security patches and forget about software based anti-virus software. Make sure you are using IE 6, Outlook 2000 or Outlook Express 6 or above software for e-mails and ensure security updates are applied.

Expert Comment

ID: 9758038
After setting it all up you can run 'Shields Up' (https://grc.com) which will check out your security. Then you can sleep pretty well at night.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cable Modem Provisioning from DPoE compliant server  This Article is to support CMTS administrators to provide an overview of DOCSIS compliance configuration file, and to provision a cable modem located at customer place from a Back office serve…
Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question