If I subnetted a public IP address, can I legally use one of those subnets on a branch office server?

Hello Experts, I have been given the task of installing Server 2008 on 2 new servers. I am totally new to this and would like some help. I have 2 questions:
1. If I subnetted a public IP address, can I legally use one of those subnets on a branch office server? 2. What is a good end-to-end hardware firewall device that I should use to connect the two sites?

Thanks for any help
Pullbeak Asked:

Andrej Pirman Commented:
Hi,

Regarding 1)
NO, you may not use ANY publicly available IPs if they were not assigned to you via your ISP! Not only is this a violation and misuse, but it may also be very risky and in many cases WILL lead to IP conflicts on the public internet. Do NOT do that!
Also, you should NOT expose your servers directly to the public internet. Instead, put them behind a firewall or router which is doing NAT translation, and use the public IP on the firewall/router's public interface and a LAN subnet (192.168.x.x or 10.x.x.x) on your local side. From the public to the local side you should only forward (and open) the ports which you need; let the others stay closed for security reasons.
For example, on your router/firewall (NAT device), for the purpose of configuring a publicly available WEB server, you should forward only 2 ports to be opened to the public:

YOUR public IP (port 80) -> FORWARDED TO -> Your LAN IP of server 192.168.0.10 (port 80)
YOUR public IP (port 443) -> FORWARDED TO -> Your LAN IP of server 192.168.0.10 (port 443)

Regarding 2)
Depends on how much you can afford to invest.
You may use ANY Cisco 800 or 1800 series router WITH the VPN bundle to connect 2 distant sites into a single LAN subnet.
In the lower price range, you may use D-Link, Linksys or 3Com routers, but look at the specs PDF before buying, to be sure that the device supports NOT "VPN passthru", but VPN-to-VPN (L2TP) site-to-site connections.

An alternative is also to use ANY router which supports "VPN passthru" (which most routers support), and configure the server on the 1st site to be the RRAS (VPN) server, and the server on the other side to be the VPN client. This solution is not so reliable, but would work fine if you want to save some money.
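
The checks described in the answer above (public addresses only from the ISP's assignment, servers on a private LAN subnet, only ports 80 and 443 forwarded), written as an added example that is not part of the original answer. The assigned block `203.0.113.0/29`, the rule tuples and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample values: 203.0.113.0/29 (a documentation range) stands in
# for the block the ISP assigned; replace it with your own allocation.
ISP_ASSIGNED = [ipaddress.ip_network("203.0.113.0/29")]
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ALLOWED_PORTS = {80, 443}  # the two web ports forwarded in the answer

def classify(addr):
    """Return 'assigned-public', 'private-lan' or 'not-assigned'."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in ISP_ASSIGNED):
        return "assigned-public"
    if any(ip in net for net in RFC1918):
        return "private-lan"
    return "not-assigned"

def audit_forwards(rules):
    """Check (public_ip, public_port, lan_ip, lan_port) port-forward rules."""
    findings = []
    for pub_ip, pub_port, lan_ip, lan_port in rules:
        tag = f"{pub_ip}:{pub_port} -> {lan_ip}:{lan_port}"
        if classify(pub_ip) != "assigned-public":
            findings.append((tag, "public IP not assigned by ISP"))
        if classify(lan_ip) != "private-lan":
            findings.append((tag, "target is not on a private LAN subnet"))
        if pub_port not in ALLOWED_PORTS:
            findings.append((tag, "port not on the allow list"))
    return findings

# Constructed rule set: the first two mirror the answer's example.
SAMPLE_RULES = [
    ("203.0.113.2", 80, "192.168.0.10", 80),
    ("203.0.113.2", 443, "192.168.0.10", 443),
    ("203.0.113.2", 3389, "192.168.0.10", 3389),   # extra port exposed
    ("198.51.100.7", 80, "192.168.0.10", 80),      # address outside the block
    ("203.0.113.2", 80, "172.32.0.10", 80),        # just outside 172.16.0.0/12
]

if __name__ == "__main__":
    for rule, problem in audit_forwards(SAMPLE_RULES):
        print(f"{rule}: {problem}")
```
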

Pullbeak (Author) Commented:
Thanks for the info, now I think that I can actually set this thing up.