OZSJ
asked on
Network setup advice newbe
I am setting up a network for 10 computers. The main requirement is that there must be a central file server that can be accessed via VPN and a direct dialup connection. Here is where the confusion sets in. Should I purchase a ADSL modem/router that acts as the gateway to the internet and then plug all of the computers into a switch, or must the file server be the machine which establishes the internet connection and acts as a gateway for the other computers.
That is, shoudl the file server be between the Internet and router (Internet-Server-Router) or does it not matter?
Will this have any impact on whether someone dialing in can access the server and internet over that connection?
I hope that the quesiton is clear.
Thank you
That is, shoudl the file server be between the Internet and router (Internet-Server-Router) or does it not matter?
Will this have any impact on whether someone dialing in can access the server and internet over that connection?
I hope that the quesiton is clear.
Thank you
2hype
You would place the file server on the inside of the Router. If you plugged it on the outside you would have no firewall in place to protect it. You would configure your firewall to allow VPN to pass through to your Server (Which will autheniticate the VPN Clients) Once connected through the VPN they will be able to acces your File server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok,thanks for the comments... so to clarify... will the server be the only device that is plugged into the router? Would the file server still work if the other computers were plugged into the router as well.. or would this be a bad thing to do (why?)
OZSJ, what do you have from equipment? Is it just server and router? You will definetly have to have switch to connect all computers into it cause I don't think you will be able to plug everything into the router. Even more - the router is for another purposes like being an edge device between you network and the internet. If you don't have firewall it is better to buy one (either hardware or software). It doesn't matter where you plug the server - to the router or not, depend on security policy you implement. So more information is requred to answer your question.
Regards.
Regards.
ASKER
Gen2003, I have the switch as well. I just did not want the hassle of having to set up the server for DHCP and NAT (which may or may not be difficult), hence my preference for having the other machines connecting directly to the internet through the router(via the switch) and not from the server directly. I guess this was just the lazy inexperienced way of doing it and not optimal as far as network security goes.
dsl
|
|
10.0.0.1 adsl router ( port forward VPN prot to 10.0.0.2)
|
|
switch (if not enough port to connect all computers)
|
--------------------------
10.0.0.2 10.0.0.3 10.0.0.4 (etc......................
| | | | |
file sever+ vpn sever comp 1 comp 2 comp3 ... etc comp 10
+ dail up server
|
|
10.0.0.1 adsl router ( port forward VPN prot to 10.0.0.2)
|
|
switch (if not enough port to connect all computers)
|
--------------------------
10.0.0.2 10.0.0.3 10.0.0.4 (etc......................
| | | | |
file sever+ vpn sever comp 1 comp 2 comp3 ... etc comp 10
+ dail up server
i think this is a more easire way to make it works if u didn't reqire very high sercurity :P
Nice diags peeps:)
Some routers have built in switches. If you have one that does, you will not need a separate piece of hardware for this. You plug your DSL/Cable Modem/internet connection to the WAN port on the router. Then simply connect each workstation and the server to the various built-in LAN ports.
If your router does NOT have a built in switch, or does not have enough ports, you will need to get a separate switch. (You want a switch specifically, NOT a hub. Hubs do not prevent network collisions and while they do work, you get much slower performance out of them). In this scenario, you would plug the broadband modem into the WAN port on the router, and the switch into the LAN port. Each workstation and the server would then plug into the switch.
Your router will have the public IP address provided by your ISP and each workstation will have it's own private IP address that is not directly accessible from the internet. You can either specify the private IP's yourself, or many routers also have options for DHCP (Dynamic Host Control Protocol). This is handy in that it will assign IP addresses automatically - each workstation will be configured to "Obtain IP address automatically".
As for the filesharing, that depends on your operating system and specific need. In a windows environment, you could create a Workgroup or Domain, and then simply choose the Share option on any files, folders, or drives that you want other members to see.
If your router does NOT have a built in switch, or does not have enough ports, you will need to get a separate switch. (You want a switch specifically, NOT a hub. Hubs do not prevent network collisions and while they do work, you get much slower performance out of them). In this scenario, you would plug the broadband modem into the WAN port on the router, and the switch into the LAN port. Each workstation and the server would then plug into the switch.
Your router will have the public IP address provided by your ISP and each workstation will have it's own private IP address that is not directly accessible from the internet. You can either specify the private IP's yourself, or many routers also have options for DHCP (Dynamic Host Control Protocol). This is handy in that it will assign IP addresses automatically - each workstation will be configured to "Obtain IP address automatically".
As for the filesharing, that depends on your operating system and specific need. In a windows environment, you could create a Workgroup or Domain, and then simply choose the Share option on any files, folders, or drives that you want other members to see.
ASKER
Thank you everyone for your help, I would like to allocate points to you all. The diagrams have been particualrly helpful. I will try to set up the first diagram with with a Linux or Mac server. (10 client computers are Macs)