Solved

Netgear ADSL Wireless router, NAT and proxy?

Posted on 2004-09-10
7
494 Views
Last Modified: 2013-12-14
Hi,

I have been doing some research on various proxies, and I have finally found one that is very simple to use and seems to be reliable.

Now I'm stock on the next step. I feel that having a proxy is pretty much useless you can ensure that users will not simply change their connections settings in IE from using a proxy to the IP of the ADSL Router.

I contacted one of the companies that sell a proxy and they told me to disable the NAT on my ADSL Router, but when I do this it gives me a message saying that my ADSL router will only act as a router? Also, it no longer allows me to access anything on the internet.

Is there a way to ensure that users can not use the IP of the ADSL router and are force to go the the proxy address only, not via IE settings and policies, but through networking?

There has to be a way to do what I'm explaining here as I just think this would be too open if users knew the IP of the ADSL Router.

Any suggestions?

Thanks all.

T.
0
Comment
Question by:taf
  • 3
7 Comments
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12032356
Are you running all this in a Windows Domain?  You can lock out your users from changing virutally anything with Group Policy, if you are running a Windows 2K+ Domain Controller...

Additionally, if you are running XP/2K you can always set the Local Security Policy...

FE
0
 

Author Comment

by:taf
ID: 12032372
Hi,

Thanks for feedback, but I really would like to try this a different way. I'm not pushed by the idea of using policies whether server based or local.

I'd like to find out why as well, it is compulsory for my ADSL router to have to use NAT or none can access the internet.

I am setting this up on my own machine at home which is running on Win200 Advanced Server with latest service pack and clients are xp, but the place I want to set this up anyway runs NT4 Server and a mix of clients i.e. XP, Win98, etc... They will upgrade their server to a new one running 2003 in the next 2 months or so, but in the mean time I'd like to find a solution.

I saw maybe what could be my solution, but I'm not sure. By disabling the NAT on the router, does anyone know whether or not I am still allowed to access the internet but it simply can translate the address? I suppose I could ping to find out. Anyway, in win2000 server there is an option to create a NAT, but I'm not sure on how to do this and whether or not it would be worth doing.

I thought that maybe by setting up a NAT on the NT Server, that I would then somehow redirect this to the ADSL router thus forcing the users to go through the proxy as going through the adsl router would not work.

Does anyone know if this is possible and how I could do this.

Thanks.

T.

Thanks.

T.
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 500 total points
ID: 12033883
Well, I see the issue, as it is difficult to use policies to stop pre-W2K users from changing settings.  

If you disable NAT on the router, then you won't have a routing table that reflects where the packets are heading..  If you are using private and public addresses, then you have to have NAT enabled.

You can setup NAT on your server, but you will need 2 NICs.  I suppose you could use ICS on it, but I don't recommend that.  Rather, RRAS is the way to go.  In other words, subnet the internal LAN on one NIC, and make all requests go through the RRAS server.   Now, I believe (it has been a while) that NT4 only comes with RAS, with does not have the advanced features of RRAS (W2K+).

FE
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12244685
:)
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now