If I subnetted a public IP address can I Legally use one of those subnets on a branch office server

Hello Experts, I have been given the task of installing server 2008 on 2 new servers, I am totally new to this and would like some help, i have 2 questions,
1.  If I subnetted a public IP address can I Legally use one of those subnets on a branch office server, and 2. what is a good ene to end hardware firewall device that I should use to connect the two sites.

Thanks for any help
PullbeakAsked:
Who is Participating?
 
Andrej PirmanConnect With a Mentor Commented:
Hi,

regarding 1)
NO, you may not use ANY of public available IP's, if they were not assigned to you via your ISP! Not only this is a violation and misuse, but may aslo be very risky and in many cases WILL lead to IP conflicts in public internet. Do NOT do that!
Also, you should NOT expose your servers directly to public internet - instead, put them beyond firewall or router, which is doing NAT translation, and use public IP on firewall/router's public interface, and LAN subnet (192.168.x.x, or 10.x.x.x) on your local side. From public to local side you should only forward (and open) ports, which you need, others let stay closed for security reasons.
For example, on your router/firewall (NAT device) for the purpose of configuring publically available WEB server, you should forward only 2 ports to be opened to public:

YOUR public IP (port 80) -> FORWADRED TO -> Your LAN IP of server 192.168.0.10 (port 80)
YOUR public IP (port 443) -> FORWADRED TO -> Your LAN IP of server 192.168.0.10 (port 443)

Regarding 2)
depends on how much you can afford to invest.
You may use ANY Cisco 800 or 1800 series routers WITH VPN bundle to connect 2 distant sites into single LAN subnet.
In lower price range, you may use D-link or Linksys or 3com routers, but look at Specs PDF before buying, to be sure that device supports NOT "VPN passthru", but VPN-to-VPN (L2TP) site-to-site connections.

Alternative is also to use ANY router, which supports "VPN passthru" (which most routers support), and configure server on 1st site to be RRAS (VPN) server, and other side server to be VPN client. This sollution is not so reliable, but would work fine if you want to save some money.

0
 
PullbeakAuthor Commented:
Thanks for the info, now I think that I can actually set this thing up
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.