Solved

How to configure/route two DSL connections?

Posted on 2007-03-27
6
625 Views
Last Modified: 2012-05-05
I am suffering from a slow Internet connection.  It is being brought on by a new Internet training program that our company is using that is delivered as streaming video.  I have investigated different alternatives.  Before I start spending money I want some external input on what I’m thinking.  As well, I am open to other thoughts for possible solutions.  Last, if the path I’m headed down is a good one, I need to know the specifics of what settings need to be set/changed on which devices to accomplish the intended goal.

Please realize I am a business owner and handle 99% of my network work.  However, I have no formal training.  As long as the jargon doesn’t get to complex I can accomplish just about anything with the excellent assistance I receive on this forum.

I have a small network spread across two stores.  At store one I have the following equipment: a server running SBS 2003 and Exchange, an Altigen VoIP server, 4 workstations running XP Pro, and my Internet connection with a Watchguard firewall and my Internet connection.  It is a 10.0.0.0   255.0.0.0 subnet.

At store two I have the following equipment: a server running: Server 2003, 7 workstations, 6 VoIP phones. It is a 192.168.10.0   255.255.255.0 subnet.

The two offices are connected via a dedicated PTP T-1 with Adtran (3200 & 3205) routers at both ends.

The current Internet connection is AT&T (formerly SBC).  It is 1.5 Mbps down and 384 kbps up.  When I spoke with AT&T they told me that due to the distance from the CO, I have the fastest that is available.

At store two, I can get 6.0 Mbps down and 768 kbps up from AT&T.  However, the current (slower) connection has a TRUE fixed IP and never goes down.  It is grandfathered in regarding the fixed IP, as long as I keep it.  You can no longer get a true fixed IP address from AT&T.  They charge you for a fixed IP then give you a “sticky IP” that connects with PPPoE.  I have that service at my house so that I can use the branch office VPN feature on my Watchguard firewalls to connect to the network.  On that connection, the “Sticky IP” unsticks at least twice a day.  It is very frustrating.

I tried contacting Covad because they have real fixed IP addresses.  However, store two is only 1000’ from a remote terminal and Covad can’t access that remote terminal.  Therefore, they show the location being 11,000 feet from the CO and can’t offer anything faster than my current connection at store one.

My proposed plan is to add the 6.0 Mbps connection at store two with a dynamic IP (to save costs).  Then, I want to accomplish my branch office VPN and Exchange server connections across the slower connection with the true fixed IP.  I want all of the browsing to be accomplished via the faster connection at store 2.

I am having a little difficulty figuring out if this is possible.  And, if it is, how do I point the appropriate equipment in the correct direction to use the desired connections.

All input is greatly appreciated.
0
Comment
Question by:normsrv
  • 3
  • 2
6 Comments
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 18805117
VERY SIMPLE SOLUTION -- you make NO changes to your network

1.  download the streaming video as a "SAVE AS" -- i.e. right click on the video link and SAVE AS a file name to the server.

2.  Now make a link to that saved video on the server.

3.  Send everyone in the office an email with a link to the training video on the server.

4.  Problem solved.
0
 
LVL 7

Accepted Solution

by:
TelnetServices earned 500 total points
ID: 18805290
Ok... let me get this right... you want to have 2 ADSL's - one with a static IP for your incoming emails/web etc (as you do now) - but also add an additional DSL JUST for external connections (web browsing etc) - to complicate (or help) matters - you have a watchguard firewall protecting you from the net nasties??

What model of WG is it - if it's a core or bigger, you will have extra ethernet ports - with a software upgrade yo ucan make these ports active.  You should then be able to tweak the routing tables such that the default route for everything other than your other store goes out the new DSL.  There may be some fun things with exchange - such that traffic would come in through one address an leave through another potentially... not quite sure how you might handle that.

Another (simpler) alternative would be to install a proxy server (squid is free and a great product - runs on linux, or there's a wondows port - look for squidNT - runs  fine on XP/NT/2k/2k3) Have all your browsers look at the proxy server for their web - and make this proxy multihomes - with one interface on your lan and the other one connected to your second DSL.  You could simply 'firewall' this at the dsl router by allowing NOTHING incoming, and only ports 80 and 443  

Diagram of my proposal at http://www.dropshots.com/photos/267328/20070328/b_141850.jpg

I've done this before as part of a relocation.

Good luck!
0
 

Author Comment

by:normsrv
ID: 18805726
There are a couple thousand of the training videos and the method of deployment is proprietary so saving them really isn't an option.  Plus, we really have outgrown the 1.5 Mbps DSL connection for just normal browsing.  We can have up to 10 workstations browsing at once.

I have a WG Firebox X Edge functioning as my network firewall on the current DSL connection and also accomplishing my Branch Office VPN with another X Edge at my house (home office).  I dug around and found my WG SOHO that I would likely use as a firewall for the new connection.

I don't completely grasp your Proxy layout though it is a great diagram.  I'm also guessing that would require a new learning curve for me.  Not that I mind learning a new trick.  I would just need to better understand what exactly it will do for me before investing the time to figure it out.
Not going with a proxy, my real concern is just what you touched on -- how will Exchange handle all of this.  Can I set the SBS machine's default gateway to my current WG's address and set my workstation's at store A with a default gateway as the Adtran handling the PTP T-1?  Then have the Adtran look accross the T-1 to the new DSL connection rather than to the current WG device as it does now?  And, also have all of the workstations at store B look to the new DSL connection for their default gateway?  What about the server at store B?  Does it need to look to the old connection of the new one for it's default gateway?
Staying with my concept I don't have to learn anything new and I understand what I'm doing -- uh, for the most part.
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 7

Expert Comment

by:TelnetServices
ID: 18805805
Hmmmm.. that should work - obviously, you might need to think about firewalling the other connection if you are going to potentially push other traffic than just HTTP down the new wire.

The Default Gateway setting merely tells the PC where to send packets it can't send directly (in the same subnet) so your plan would certainly work (where exchange has def gateway of the old connection). There is one caveat there.. if the PCs in the shop with two connections need to talk across the VPN - depending on whether the subnets are the same in both stores - there is a chance they would be unable to...

The proxy server is merely a box that sits between your web requests and the net/firewall - this has the added advantage that you will reduce your net bandwidth requirements even more - requests for the same object by multpile users (eg graphics and sometimes - but not always videos) will come from the cache and not from the net - improving performance.  Not too hard to set up once you've got your head around the config files.  This way means you are not upsetting your network setup at all - simply handling web traffic sererately....
0
 

Author Comment

by:normsrv
ID: 18810398
I went and looked at the Squid product.  It looks like a time vacuum to me.  I love a new challenge, but I already have several of those waiting for me.  On this one I'm most interested in quick results.  
I am going to order up the second DSL line and leave this question open rather than asking a bunch of questions that I think I know the anser to, but I'm not completely sure of.  Then, once I get the new connection going, I will bring the actual issues back.  If it all goes well, I will close this out and award the points.
0
 

Author Comment

by:normsrv
ID: 18868087
After a few tweaks to the routes in the PTP Adtran units and the WG units, everthing is working good.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setting up a VPN 60 183
f5 Persistence 14 63
Import AD groups from one domain to another 9 34
Use packet tracer to verify anyconnect VPN 11 64
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question