Solved

Integrate ADSL into a corporate network

Posted on 2006-11-30
10
355 Views
Last Modified: 2013-11-30
Hi all,

I work in an environment where the US dictates our WAN link and they also route our connection through the US, therefore our latency is very high making the internet experience quite poor. I was wondering if anyone could give me any advice in regards to integrating one or more high speed ADSL connections into our LAN. This of course would have to be done semi-secretly.

What I don't know is:
How can I stop internet traffic looking to the corporate router, and instead look to an ADSL gateway?
How can I ensure that Intranet traffic would continue to flow through the corporate router?
How would I ensure applications such as SAP would continue to look to the coporate router?

One of the restrictions is that I do not have access to the config of the coporate router. Is this stuff possible? We are using an MPLS service provided by Orange \ Equant and for 50 users we have a 2MB link and it is slow!!!

Does anyone have any advice or some other suggestions I could investigate further?
0
Comment
Question by:loganb2003
10 Comments
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18049889
You could configure an adsl router connected to adsl modem.  This would allow a second connection to the internet.  Do you want all users to go through this connection for the internet, or just some?  Since you have no access to the corporate router it will be slightly difficult.  You need traffic to continue to go to the corportate router for LAN routing to other corporate subnets so chaning the default gateway on PC's may not be a good solution, but it could work.  How many subnets are there on the corporate LAN?

Here is a possible solution depending on number of subnets etc.

Configure a router that you can buy can even be something small like linksys etc.  Connect it to your adsl service.  Configure static routes on your router connected to the adsl router to point to the corporate router.

Let me know if this makes sense, also answer a few of the questions I asked and I may be able to give you a better solution.
0
 

Author Comment

by:loganb2003
ID: 18050079
Interesting. We have only one subnet.

Your second suggestion would have the ADSL router sitting between the LAN and the corporate router, correct? Then I would configure static routes for all traffic I want to go through the corporte network, and everything else would flow over the ADSL connection?

Do you forsee any problems with this? I would need to lock down that ADSL router connection very tightly yes?

Its a good idea, but could go horribly wrong I think, I think we would need something a lot more configurable and robust than a linksys router.

Would the same harware structure apply to a subnet re-configuration?
0
 
LVL 4

Expert Comment

by:Trilotech
ID: 18050275
If this is a corporate network do you even have the ability to change the default gateway on the workstations? They may be assigned and you might not have permissions to change it.

If you have more control over your network then I would set the default gateway of the computers to your ADSL and set up static routes to corporate. If you have your own server with DHCP you can assign out all of this information there.
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18050472
Well depending on your needs you can certainly use some nicer Cisco equipment or Juniper depending on what you are familar with.  Of course with any setup if it isnt planned and implemented properly you could have some large problems.  

Placing the router in front of your corporate router will allow you to route between the adsl wan and your corportate router for the rest of the network.  Now of course with static routes, if new subnets are added elsewhere you would have to update the static routes each time this happens.

Dont know if there is anyway of involving corporate in this, maybe they could get a better solution with dynamic routing or other solutions.

And yes, now that you have an adsl connection coming in, you need to make sure it is secure otherwise corporate will not be very happy!
0
 
LVL 3

Accepted Solution

by:
JRockSolid earned 250 total points
ID: 18050620
What about turning a spare box into a proxy and pointing the proxy at the ADSL.  You would then need to setup the PCs you wanted to access the internet with the appropriate IE settings.  Seems like this would be the least intrusive.  Only the HTTP protocol traffic would be redirected by IE to the proxy. I simple vb Deployment Script could accomplish the Settings on a large scale.  Are these changes possible?
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18050638
This will only fix HTTP.  If you use any other protocols to the internet such as SMTP, FTP etc, those will go through the corporate router.
0
 

Author Comment

by:loganb2003
ID: 18050695
Nice rocksolid.

I like it... simple but sounds effective.
0
 

Author Comment

by:loganb2003
ID: 18050747
Stupid question... Intranet traffic is using either HTTP or HTTPS yes? So if I were to proxy, this traffic I would need to create excpetions for all *.intranet.com?
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18050791
You could create those exceptions right in IE.
0
 

Author Comment

by:loganb2003
ID: 18050895
ok
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now