Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

5 computers in home network, 5 public ip's...

Posted on 2003-11-28
6
Medium Priority
?
2,196 Views
Last Modified: 2013-11-30
Ok, so I've been thinking about what would be the best way to do the following:

I have 5 computers in my home network, each with windows 2000. Through my isp, I have 5 public ip's...  I would like to be able to have each pc keep a separate public ip, but still be on same home network for file sharing.  I could just have each pc with a public ip, and they would see each other (as i've tried already), but then NetBIOS must be active therefore producing a huge security problem...

At the moment, my broadband line is connected to a switch, and each pc is also connected to that switch. One machine runs windows 2000 server, with two nic cards, one with one of the 5 ip's and other with local ip (gateway) and shares internet through it to rest of machines.

is there any way to keep a safe home network, but each pc have a separate public ip?  if so, what would I need to do?
0
Comment
Question by:teinsa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 7

Accepted Solution

by:
Robing66066 earned 300 total points
ID: 9839806
Yes, to a point.

You can buy a router/firewall that will allow you to assign public addresses to map to internal addresses..

So, your network would look like this:


Internet-->Router/Firewall-->Switch-->workstation1 workstation2, workstation3, workstation4, workstation5

On the router/firewall, you program in all five public addresses.  

On the workstations, you assign each of them an internal address.  

In the config on the router/firewall, you assign each of the addresses to point to the internal addresses of the workstations.  You open or close whatever ports you want, including the ones for NetBIOS.

Bingo.  Done.

Of course, those devices don't actually have outside addreses, but from the Internet it would appear so.  Also, the router/firewall you buy won't be your average $100 dlink device.  You'll have to get something that can handle that many conduits.  (The PIX 501 comes to mind -- I'm pretty sure it would handle it.)  Of course, that will cost you.

Aside from that, you could potentially set up a software firewall to do it for you. ICA will manage it for you as would checkpoint.

Good luck!

0
 

Author Comment

by:teinsa
ID: 9839901
a clarification regarding my isp.  I have a LMDS (radio) internet line.  The actual "modem" (SAS receiver) can be connected to a pc or to a switch/hub...  not sure if i could even connect a router to the "modem"...

I would prefer to find a solution that doesnt involve any more hardware than the 16port switch i just bought...

0
 
LVL 9

Assisted Solution

by:svenkarlsen
svenkarlsen earned 300 total points
ID: 9840538
Hi teinsa,

With 5 boxes in your net, you should consider a dedicated Firewall/router, - otherwise your security cannot be anything but basic.

You could make a dual-subnet solution by adding extra NICs to all boxes and disabling NetBIOS on the NICs with public IPs, but that would only be an illusion of security.

Setting up a router in your config is not a problem. As Teinsa describes, it is not the worlds greatest challenge, but make sure you describe your needs to the supplier so you get a router capable of meeting your requirements.

Either get a router/firewall (I recommend stuff like Cisco PIX 501, Zyxell or Speadstream), or get an old PII-PIII and mock it up with some Linux like RedHat or S.u.S.E.. Choice depends on what resource is most scarce to you: money or time. I can tell you that money comes very scarce to me, but never the less I've chosen a PIX 501 at appx. 4-500 US$ (this isn't a commercial, - I'm truly independant;-)


Kind regards,
Sven
0
Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 300 total points
ID: 9842589
>I would prefer to find a solution that doesnt involve any more hardware than the 16port switch i just bought...
Simply setting each pc to use DHCP (if your ISP provides DHCP) or manually setting their IP address and connecting them to your switch would have each pc keep a separate public ip.
>but still be on same home network for file sharing
as these are world routable addresses, they sould be able to communicate

the concerns voiced above are that this scheme would expose all of your machines to every script kiddie and infected machine on earth

the primary reason to use a public ip address is so that a service running on a machine can be easily located by name, i.e. www.yourmachine.com = xxx.xxx.xxx.xxx

SO for a minimum of fuss, rather than use ICS, use it's big brother Routing and Remote Access.
This will allow you to assign all your public IP addresses to the outside interface and reserve a private IP address on the inside for your other workstations, filter the services you want to pass through, etc.

see http://www.mcpmag.com/columns/article.asp?EditorialsID=15




0
 

Assisted Solution

by:yakcora
yakcora earned 300 total points
ID: 9887141
some of the smc barricade models support multiple external ips (only for forwarding)
your internal networked pcs get 192.168.x.x IPs  but they browse the internet from different ips you can forward ports from those ips to the intended local ip means if you have 5 ips basicly your internet access is done on 5 different ips for different PCs.

0
 

Author Comment

by:teinsa
ID: 9905018
all answers helped, so I split the points 4 ways.

thanks everyone!
0

Featured Post

Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question