Solved

DSL Cable to a Switch

Posted on 2003-11-15
4
352 Views
Last Modified: 2013-12-14
Hi guys,
My office network has 40 nodes connected to a Win 2K network.
My company recently moved to Broadband Connection with 6 static IPs . The ISP provided us with a ' Great Speed R205S' DSL Router. I connected the router directly to the switch. In the LAN settings of the router I have assigned an internal IP as the secondary IP address. (say IP-1). I have a proxy server (with an internal Ip say IP-2)  using a third party tool called Wingate to share the Internet Connection. Now my question is how the Internet Connection can be made available to clients? How does my proxy server detects the connection? Is there a real need to use a Proxy Server in such a scenario? Will enabling NAT on the DSL Router settings do the needful. PLs pls guys out there help me. How can i share this internet connection among my LAN users.

Thanks in advance
Seige
0
Comment
Question by:kelpere
  • 3
4 Comments
 
LVL 5

Accepted Solution

by:
nomorefuzzylogic earned 125 total points
ID: 9757132
Easiest solution is to use a "Broadband Router" directly connected on your LAN - you can get them with internal DSL modems or with a WAN port to which you can connect an external modem. I don't know anything about the router you have been supplied with but I would assume that it probably provides the features you need for a simple and easy shared Internet connection.
Check it provides NAT and firewall features - if so then it should be OK.

When you say 'Clients' do you mean people on the Internal LAN or people on the Internet?
Any good reason for having 6 static IP's? Do you have 6 machines on your internal network that you need to be able to address from outside - or some other requirement? If not then a single public IP address is sufficient.

Your router will need to be configured for NAT - this will 'convert' internal addresses to the public IP.
Set your router as the default gateway on all your PC's - even easier is to use DHCP from your router to assign all IP addresses for your PC's because that will also ensure that the Gateway and DNS addresses are configured correctly.
Its really as easy as that!
There is no real need to use a proxy server - this can provide you with advanced features such as filtering which may be beyond the scope of your router - if you do need the proxy server then it should be the only machine that can access the router directly. In this case either use a 2nd LAN card to isolate the router LAN from internal LAN or run different networks over the same segment (using a multi-homed adapter on the server - non standard and needs a bit of tweaking of the LAT - not supported by Microsoft but works fine). The Proxy Server would be your default gateway rather than the router if you did it this way.
0
 

Author Comment

by:kelpere
ID: 9757745
Hi friend,
Thanks for your response. I configured NAT on my DSL router and assigned the IP of the router as the gateway of all client PCs( when i say client it is my internal LAN client). Now all the clients can access the Internet Connection. As per your concluding session of the email - that is what i need exactly. I need the connection available on only the Proxy Server (either ISA or any third party tool like Wingate) and all machine access this proxy server as the internet gateway. But after reading your letter i think thats pretty complicated and kind of isolated.
Now am concerned about the security issue. How safe it is to connect the DSL cable directly to my LAN switch. Can hackers access my network and likewise? Pls provide me with some info as to what all areas i need to be careful. Am not using any firewall. My only security is Symantec Antivirus! PLs advise
0
 
LVL 5

Expert Comment

by:nomorefuzzylogic
ID: 9758032
With NAT enabled you are pretty safe because hackers cannot address your internal clients IP addresses because the only address they can see is that of the public interface.
You need to make sure that you have a good password (long and difficult) for administration login on your DSL router and disable 'remote administration' if that feature is shown. Also disable "ping requests from the Internet" for a bit of added safety.
If your router doesn't provide firewall features then get one that does. Do not rely on 'home' software firewalls. You could get an Ethernet WAN router with firewall and connect the WAN port to your existing router and the LAN port to your existing switch or you could replace your existing WAN router with one with an integral firewall.
The default security on *most* routers will block incoming traffic from the Internet but allow outgoing web requests, FTP, SMTP, POP3 and Telnet. Other outgoing requests will also be blocked.
As this is a corporate LAN I wouldn't stand for any use of software that requires firewall security to be reduced - such as MS Messenger. Some routers provide a feature called UPNP which will allow the router to be configured automatically by such software - disable this unless you really have to use it because it opens up your firewall protection - albeit in a reasonably well controlled way. There are also router features which allow certain machines to be classed as servers accessible from the outside world and possibilities to configure certain internal addresses as being in a DMZ (ie bypassing all security) - DON'T do it unless you have extra firewalls between local PC's and the DMZ or server.
If you have 40 clients - are you using a mail server - such as MS Exchange? You should be! Keep it and all the machines up to date with ALL security patches and forget about software based anti-virus software. Make sure you are using IE 6, Outlook 2000 or Outlook Express 6 or above software for e-mails and ensure security updates are applied.
0
 
LVL 5

Expert Comment

by:nomorefuzzylogic
ID: 9758038
After setting it all up you can run 'Shields Up' (https://grc.com) which will check out your security. Then you can sleep pretty well at night.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
Cable Modem Provisioning from DPoE compliant server  This Article is to support CMTS administrators to provide an overview of DOCSIS compliance configuration file, and to provision a cable modem located at customer place from a Back office serve…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now