?
Solved

Local Area Network

Posted on 2010-01-11
33
Medium Priority
?
518 Views
Last Modified: 2012-05-08
Hi
I have domain base Network setup. All Pc's gets their IP addresses from the local server which has DHCP running. I have assigned some of the PC's public IP address for Remote Desktop Connection and login purpose.
Followings are the problems I am having see if you can help.

1. The Pc's has public IP address cannot see other computer which has local ip address on the network.
2. The PC's has local ip address cannot see other computers which has public ip address

Subnet mask for local PC's are 255.255.255.0 and ip adress range is 192.168.100.1
sunet mask for public ip address is 255.255.255.240 and ip address range is 217.34.9.

3. the other problem I have is if I assing the public ip address for some reason it gets access to all local network drives even though permisson are set.

please advise accordingly
0
Comment
Question by:CJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 13
  • 9
  • 8
  • +2
33 Comments
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26289017
For those PC that have public IP addresses, are you assigning the public IP on a different NIC or those only have 1 NIC?

Do you have a domain controller running?

0
 
LVL 1

Author Comment

by:CJ
ID: 26289053
only 1 card
I tried to give both internal and external ip address but in the router it would only show the internal so i couldnt open the port for internal then i changed the ip address to public ip address only
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26289138
It's not clear to me how *all* the PCs can get IP addresses via DHCP and yet have public addresses.... ???

It would be good to know the network topology.

Generally the devices with public addresses are connected to the internet.  Is that your objective?  If so, how do they connect to the internet?

Of course, the devices with private addresses aren't connected directly to the internet.

There needs to be a router in between your one (or more) public address(es) i.e. THE INTERNET and the private address subnet.  This might be as simple as using Internet Connection Sharing with 2 NICs on one computer or by having a router like a Linksys WRT54G, etc.

If you don't expect to actually be connected to the internet then the same applies - there needs to be a router between the two subnets the "public" one and the "private" one just as there would be between two private subnets, etc.

You might look at:
http://www.mission-systems-inc.com/How%20Subnets%20Work%20in%20Practice.pdf

Also, what you say is likely correct about being able to "see" or "not see" various computers because they are on different subnets.  But then this doesn't explain how you can observe: "it gets access to all local network drives even though permisson are set."

So, a little explanation might help so we can give better advice.



0
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

 
LVL 1

Author Comment

by:CJ
ID: 26289202
Many thanks for your detailed repky.
Yes there is BT router which has a local ip address.
There are total 20 machines
Most of them are configured to get local ip address from the server dynamically
Only few machine I have setup static public ip address. They don't get local ip address from server
If I try to give just public ip address and keep the same subnet mask as local server ending with 0. Then Pc don't get access to the internet
Therefore I have to give pubilc ip address with subnet mask of ending 240
These public ip addresses have been assinged by BT in 217.34.9.0 range with subnet mask 255.255.255.240

The other problem I am having with one user is he has access to all drives since I assinged public ip address. I changed it back to local but still same problem

I hope this help

Regards
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26289274
OK - so you have public IP addresses assigned by your ISP "BT".  Is that right?

And, those addresses are 217.34.9.0 to 217.34.9.15 with .1 to .14 usable for your purposes unless one of them is the ISP gateway like 217.34.9.1 perhaps.

You need to connect the computers with the public addresses *upstream* of the router and somehow connect them to the internet.    If you have a modem then you can put a switch on the ethernet port and plug all the public addressed machines into that switch.  Your ISP should advise if this is going to work for you.  At least it's a start.

If you have a router with a DMZ port then you may be able to put the public addressed PCs there (on a switch).

So, a lot depends on how your ISP expects you to be able to use the assigned subnet of public addresses.

Then, you plug the router into that same switch and the router will have one of the public IP addresses.

Then, all the private addressed PCs go on the LAN side of the router.

I hope this gets you started.....
0
 
LVL 1

Author Comment

by:CJ
ID: 26289361
Many thanks again for quick reply

Your correct with ip addresses range.
I already have a switch and all pc are connected to the switch including router
The entire network is connected togather.
Access to internet is not an issue.
My question if I have two different range of IP addresses local and external then can't see each other is there way around it ?
The purpose of public ip address to PC is it can be accesses remotly directly and user can logon to their office PC from home. Which at the moment only the user of that computer or administrator can logon remotely other user on the network cannot logon due to different ip range and subnet mask is there a way around it ?

I will wait for your reply

Regards
0
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 26289503
To answer your question about devices in two different ranges of addresses being able to see each other what you would use is a router that has an interface sitting in each subnet.

A solution for your situation would be to use VPN from home to office and then anyone could securely connect to the office and access their office machines.
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26289839
Try this:

Can the PC with the IP 192.168.100.x ping the PC with the IP 217.34.9.x and vice versa?

If yes, you just need to make sure you have a way for NetBios to know about machines in different subnets. Typically we do it with domain controllers, DNS or WINS servers.

If no, you have a routing issue. The BT router is not routing between the two subnets for you. Even you have all these PC connecting to the same switch, same VLAN, they are still on two different subnets. Most PC is setup to just listen to network traffic on the same subnet. To get around this, either you beg BT to make changes to make this happen, or you can install a router yourself.
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26290105
Assuming PC do not have firewall blocking ping.
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 668 total points
ID: 26291141
Typically you would not connect the users PC's directly to the internet without some kind of perimeter device.  Each PC should ONLY have a private address.  The public addresses should all be handled by the perimeter device (firewall) that can then be used to NAT traffic to the private PC's on a per port basis.

Typically you would have

BT ROUTER -> FIREWALL->SWITCH->PC's

There are a number of open source firewalls out there that support Virtual IP's....namely the single device can listen on 217.34.9.1 - 14, and then then map traffic to 192.168.1.0/24 or whatever your internal address range is (on port 3389 for Remote Desktop)

Is this any clearer?

I'd use a pfSense for this purpose as a firewall...but there are many others out there.... (http://pfsense.org)
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 26291179
To add to this, you could then have the following rules set up...

217.34.9.1 -> NAT TCP Port 3389 -> 192.168.1.1
217.34.9.2 -> NAT TCP Port 3389 - > 192.168.1.2

Etc.....this will maintain the integrity of your internal network, while allowing remote access from outside.

The other option would be to add a VPN into the equation (and use a single public IP address) but if you have multiple public IP addresses already then that adds unnecessary complexity at this stage.....

I hope this helps

0
 
LVL 1

Author Comment

by:CJ
ID: 26291306
First of All Many thanks to you all for such a detailed reply with very usefull information.

Roachy I am doing excatly what you have said since yesterday that is what i thought would be the best and safest way forward. for some reason NAT is not working properly on the router. since BT change the public IP address range for our business nothing was working properly but I manage to fix the firewall settings on the router yesterday, today I will speak to them and try fix the NAT.
for some reason it will not let me NAT on local ip 192.168.100.0 range either static or dynamic, before I could do it.

I will come back to you all after having a go at NAT.

Guru thanks for your replies. Yes I can ping each other. in fact I can see the entire neowrk in my server its just the PC's playing about.

Rick, I know VPN is best way forward for user login but as it requires lots of settings so I have not done it yet but will do in due course. The reason i setup RDC so that in the mean time I can solve their problem remotly.

Regards to All
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26294273
Here is the topology that I tried to convery earlier:

Modem > Switch 1 > All Devices with Public IPs including Router

From above:

Switch 1 > Router > LAN .. All Devices with Private IPs

The modem does not do NAT, it simply provides access to the ISP gateway / internet.

The Router uses a public IP address on its WAN or Internet side so must be configured that way.
The Router provides NAT between the internet and the LAN.

The PCs with private addresses can see the PCs with public addresses just like any other device "on the internet".

The PCs with public addresses can't see the PCs with private addresses - just like any other device "on the internet".  
Then, if you want one of your public PCs to see one of your private PCs in some fashion then you need to make provisions for that such as what Roachy1979 describes.
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26295628
If the PC can ping each other, then the problem most likely lies with your DNS, DHCP or WINS server. If you are using Active Directory, look at your DNS and make sure all your PC are there.

If you have good relationship with your ISP or they allow you change their router/firewall setting, I do agree with Roachy that it is best not to connect your internal PC directly to the public internet. It is safer to nat your PC to outside using the method Roachy listed.
0
 
LVL 1

Author Comment

by:CJ
ID: 26300093
Dear Roachy, Fmarshall, and Guru

thnak you so much for your detailed replies. I have spent whole day with BT tried to sort out NAT as it wasnt working on the router. they made me do so many changes including resting firewall, LAN and NAT on the router as it wasnt working. everytime we had to reset the router to get it worked.

finally we managed to NAT the public IP addresses on Private IP addresses. we also open the ports 3389 in the firewall.

the only problem we are having now is to access the PC's remotley. with NAT it doesnt work but if I assign it direct to PC it works.

I had enough of BT as its 03:21 I will do rest tomorrow.

any suggestion it may be the way BT guy told me to do the settings are not correct ?

the other thing I just wanted to confirm with you all was

1. BT Tech said I have to enable DHCP on the router otherwise NAT will not work ?
2. I cannot have static private ip address as NAT will not work on a static private ip address it has to be dynamic ?
3. He said I will have to stop DHCP on the server and enable it on the router which he did.
is he right on all above 3 points ?

the other problem started since I stoped DHCP on the server now Terminal Service License server doesnt work. the license server has disapeared and everytime i try to connect it comes with error messages.

I will wait for all your replies
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26300258
In general, those three points are not true. Except #3. In general it is easier to have jsut one DHCP server to give out IP addresses for any particular subnet, unless the DHCP server(s) are aware of each other and will not give out overlapping addresses.
0
 
LVL 26

Assisted Solution

by:Fred Marshall
Fred Marshall earned 668 total points
ID: 26300936
In the layout I gave you, BT should have nothing at all to do with "the router" - which below I call the NATRouter.  They should only be concerned with that which below I call the ModemRouter.

So, just to be clear, I mentioned a "modem".  
These days it is common for the ISP to provide a modem that includes a router - so I'll call this the "ModemRouter".
You need the modem function and NOT the router function of the ModemRouter if it's included in that device.
If it's included in that device then you need another router for NAT.
OTHERWISE there's no place for the devices with public IP addresses.

So here I repeat what I sent earlier with slight changes in language:

Here is the topology that I tried to convery earlier:

BT ModemRouter > Switch 1 > All Devices with Public IPs including NATRouter
(no NAT here)

From above:

Switch 1 > NATRouter > LAN .. All Devices with Private IPs

The ModemRouter is set so that it does not do NAT, possibly in bridging mode,  it simply provides access to the ISP gateway / internet.  Otherwise there's no place to connect devices with public IP addresses.

The NATRouter uses a public IP address on its WAN or Internet side so must be configured that way.
The NATRouter provides NAT between the internet and the LAN.

The PCs with private addresses can see the PCs with public addresses just like any other device "on the internet".

The PCs with public addresses can't see the PCs with private addresses - just like any other device "on the internet".  
Then, if you want one of your public PCs to see one of your private PCs in some fashion then you need to make provisions for that such as what Roachy1979 describes.

I hope this clarifies and helps you...
0
 
LVL 1

Author Comment

by:CJ
ID: 26304898
Hi Guys

Thanks you so much once again for detailed and very usefull reply, now a days you dont realy get detailed replies.

I thought to use NAT on the BT router which was nightmare, by enabling the DHCP on the BT router the entire network bacme very slow. and all those PC i did the NAT from BT router could not access any network drives, as soon as I read both of yours posts I revert it back to original settings I mean disable the NAT & DHCP on BT router, and enabled DHCP on the server.

GuruChiu

Firstly I come to your reply.
1. If we have DHCP enabled on the server we can still do NAT from BT router ? (Although I am not going to do it due to Fmarshall advice this is for future refernce so I know what is right and what is wrong)

2. Can Public IP address be assigned to static local private IP address. ( I am sure you are right otherwise how else would you assign local private IP address to your server, it would be not be sensible to assign a local private ip address dynamically to servers AM I RIGHT) i think this is a feature which may BT router doesnt support (What do you say Fmarshall ?)

the above two points are only for knowledge for future.

Fmarshall

trunning to your detailed reply I am really sorry I miss understood and ended up enabling the NAT on the BT router.

OK here is how our setup is

1.We has have Switch => All computers including servers are connected to that switch which is 3com 10/100/1000 base switch.

2. We have BT 2Wire (Silver & Black) Modem Router which is also connected to Switch. so that everyone can have access to internet.

3. You are 100% correct BT Modem router is the Gateway to the internet and its comes by deafult with an internal local private IP address which is by default 192.168.1.254 and DHCP enabled. I disabled the DHCP and gave the router local ip address as 192.168.100.180 same range as LAN.

4. I have enabled DHCP on the server which assigns local IP address to all computers connected to switch and server has static local ip address on one NIC and static public ip address on second NIC (For RDC)

5. I then assigned few static IP addresses to few more PC on the network

6. I then enabled port 3389 in the firwall settings of the BT Modem Router for all the PC's including server for RDC purpose. I can access all those PC's without any problems remotly which were assigned static public IP addresses and had their port 3389 open on the BT Modem Router firewalls settings

7. It is very true all computers in order to get access to the internet connects via this BT Modem router which then NAT local ip to public IP and grant access.
What you have suggested here leave this BT Modem Router as it is only for the pupose of Internet access.

8. What you suggest is I should  get another router and connect it to switch which will automatically connect to entire network.

7. you then suggest I should give a public IP address to that router and enable NAT on it so that PC with local IP can be seen or access via RDC. Am I right so far ?

Here are my questions.
1. when I get a new Router for NAT purpose I assign one Public IP to it then how would I get access to all PC's on the network, would NAT work for all PC's or would I have to assign more than one public IP to the router for each PC's NAT.

2. would still have to enable port on the BT Modem Router for NAT Router to be accessed remotly or once I give public address to NAT Router it will automatically be connected to the internet through switch=>BT Modem Router, so does that mean I should be able to access NAT router without going through BT Modem Router.

3. I know BT Modem Router cannot be accessed remotely anymore before we could by giving the public ip address with poryt 8080.

I just need little bit more clarity on the second NAT router how would that be setup and will work as NAT for all PC with one public address or more.

any recomendation on the NAT router

Many thanks

Regards



0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26306406
I'll just try to go through your questions:

1. If we have DHCP enabled on the server we can still do NAT from BT router ? (Although I am not going to do it due to Fmarshall advice this is for future refernce so I know what is right and what is wrong)

***DHCP and NAT are two different things.  Without getting into the particulars there'd be no reason to *not* have them separated that I can think of.    Of course, it may be more convenient to have them together.

2. Can Public IP address be assigned to static local private IP address. ( I am sure you are right otherwise how else would you assign local private IP address to your server, it would be not be sensible to assign a local private ip address dynamically to servers AM I RIGHT) i think this is a feature which may BT router doesnt support (What do you say Fmarshall ?)

***I can't be sure what you mean by assigning an address to an address.  An address is an address.  I seem to recall a method (that I have very little experience with) in which one can assign multiple IP addresses to the same *interface*.  However, the needs would have to be very special to want to do this and I don't see your needs as being in that category.

***In general it's easier to assign a static IP to a server - partly because it is often a DHCP source or a gateway or both.

the above two points are only for knowledge for future.

Fmarshall

trunning to your detailed reply I am really sorry I miss understood and ended up enabling the NAT on the BT router.

OK here is how our setup is

1.We has have Switch => All computers including servers are connected to that switch which is 3com 10/100/1000 base switch.

***OK but I'm not sure how firewalling works then..... maybe it's OK, I just don't know.

2. We have BT 2Wire (Silver & Black) Modem Router which is also connected to Switch. so that everyone can have access to internet.

3. You are 100% correct BT Modem router is the Gateway to the internet and its comes by deafult with an internal local private IP address which is by default 192.168.1.254 and DHCP enabled. I disabled the DHCP and gave the router local ip address as 192.168.100.180 same range as LAN.

***You need to be careful with this notion because:
Maybe I'm wrong but if you have multiple public IP addresses then the ethernet port on the BT ModemRouter needs to present a public IP interface.  Maybe it has its own public IP and maybe not.  
How one reaches the *control panel* of such a device is another matter.  The attached file is a simple model of how I like to envision it.  The actual device can vary in the details but not very much in the concept.
If the ModemRouter is assigned a public IP address then it might be accessible (subject to settings) for its Control Panel from the outside world.  This is handy for the ISP at times if you allow it.
Anyway ... it's not clear to me how you connect devices with public IP addresses up to this BT ModemRouter now.  Maybe it will work that way on the out-bound packets but I'm not at all sure about the inbound packets destined for those particular public IPs.


4. I have enabled DHCP on the server which assigns local IP address to all computers connected to switch and server has static local ip address on one NIC and static public ip address on second NIC (For RDC)

***That sounds right.  And the switch is on the LAN NIC of the server, right?

5. I then assigned few static IP addresses to few more PC on the network

6. I then enabled port 3389 in the firwall settings of the BT Modem Router for all the PC's including server for RDC purpose. I can access all those PC's without any problems remotly which were assigned static public IP addresses and had their port 3389 open on the BT Modem Router firewalls settings.

***Interesting.

7. It is very true all computers in order to get access to the internet connects via this BT Modem router which then NAT local ip to public IP and grant access.
What you have suggested here leave this BT Modem Router as it is only for the pupose of Internet access.

***Well, based on my experience it's simpler to comprehend that way.  But, what you have seems to be working it appears.

8. What you suggest is I should  get another router and connect it to switch which will automatically connect to entire network.

***Yes.  That's what I would have thought of.  One box to connect the public IPs and this other box to route from public to private.

7. you then suggest I should give a public IP address to that router and enable NAT on it so that PC with local IP can be seen or access via RDC. Am I right so far ?

***I wasn't too focused on RDC but I should think so.  If you're using RDC, you might want to consider UltraVNC instead because the local machine windows login won't be disturbed AND a local person can see and interact (or not) if that's what you want.

Here are my questions.
1. when I get a new Router for NAT purpose I assign one Public IP to it then how would I get access to all PC's on the network, would NAT work for all PC's or would I have to assign more than one public IP to the router for each PC's NAT.

***One public IP for the "Internet" side of the router.
***It takes care of the NAT.  Each PC and each application on each PC is addresses magically (well, really using port numbers which are nothing more than extensions to the IP address).
***The PCs don't have NAT - they have private IP addresses that's accomodated by the NAT in the router.

2. would still have to enable port on the BT Modem Router for NAT Router to be accessed remotly or once I give public address to NAT Router it will automatically be connected to the internet through switch=>BT Modem Router, so does that mean I should be able to access NAT router without going through BT Modem Router.

***OK.  Well, everything on the internet side goes through the BT.  But if it's as I've been talking then the BT is transparent and you access the NAT Router via its own public IP address directly - maybe that's what you mean by "without going through BT Modem Router".  I believe that one only needs port forwarding IF there's NAT..... otherwise the connection is "direct".

3. I know BT Modem Router cannot be accessed remotely anymore before we could by giving the public ip address with poryt 8080.

***That's a detail that I can't comment on.  You say "THE public ip address".  If the modem is in bridge mode or some such then it won't have its own ip address at all and you will only be able to see the things with public IP addresses that are behind it ... and, by extension, the private LAN as normally intended.

I just need little bit more clarity on the second NAT router how would that be setup and will work as NAT for all PC with one public address or more.

***As above and in my post of 1/12.  It would not be directly associated with PCs with public addresses at all.  
***The typical situation is:
1) the modem
2) a firewall which may be as simple as a NAT Router.
Then, if needed:
3) a public IP zone - often called a DMZ - where all the computers with public IP addresses reside.  

any recomendation on the NAT router.

***I tend to use Linksys WRT54G routers for nonmanaged sites.    Or, the Linksys RV042 has a DMZ port which might be useful for your application..... you hang a switch on the DMZ port to get more RJ45s and put all the public addressed computers there.  It provides a bit of protection for the public computers.....

Router-Inside.txt
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26306451
Just to be clear:
The DMZ and/or public computers are located:
Behind the modem.
AND in "front of" the NAT Router and not behind it as my answer may have implied.
The private computers are "behind" the NAT Router.
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26307869
1. If we have DHCP enabled on the server we can still do NAT from BT router ? (Although I am not going to do it due to Fmarshall advice this is for future refernce so I know what is right and what is wrong)

DHCP and NAT are separate function, so they should not be related. However depends on the software on the BT router, it may not have the option to enable NAT if it is not enable for DHCP. You may say it is stupid, but I have seen many stupid devices in my career.

2. Can Public IP address be assigned to static local private IP address. ( I am sure you are right otherwise how else would you assign local private IP address to your server, it would be not be sensible to assign a local private ip address dynamically to servers AM I RIGHT) i think this is a feature which may BT router doesnt support (What do you say Fmarshall ?)

If you have available public IP address (which in your case you have .1 to .14 usable), you should be able to create a static public IP to static private IP mapping for routers support static NAT. Some router may not support static NAT, and some may call it port forwarding or DMZ host. Some cheap - cheap router only support everything inside NAT to the interface IP of the router and nothing else.

It will help if you can let us know the model# of the BT router.
0
 
LVL 1

Author Comment

by:CJ
ID: 26310139
Once again many thanks

Here how its setup

Computer + Server  => Switch => BT Modem Router ( BT Modem Router has NAT + Firewall)
Option1
I then do NAT from BT Modem Router to PC with Public IP
I then open port 3389 on BT Modem Router for PC with Public IP

Option2
I give a public IP address to PC and open port 3389 on BT Modem Router.

If I choose option1 then I have to disable DHCP on server. Users takes long time to logon
User cannot access any network drive
Whole system becomes slow

If I use option 2 everything works fine just the local PC cannot be seen on the netwirk

Regards
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26311487
There is another possibility that you might want to look at. May be one of the PC have virus. If you make that PC to public IP, it cannot affect the private network so private network is working fine. If you make that PC part of the private network and NAT using BT router, then that PC is affecting your private network.

Just a thought.
0
 
LVL 1

Author Comment

by:CJ
ID: 26324249
Dear Fmarshall and Guru.

Many thanks for your detailed help.

Untill I get another router, I will assign public ip address to those PC which have 2 NIC, leave DHCP running on the server and leav BT Modem Router as it is, and use RDC.

Jus finall question with both of your experinece.

Is it advisable to give static private ip addresses to LAN computers or let server allocate it ?

one more question not related to this, I have login.bat file running where when user logs on get access to all local drives. i made few chnges to logon.bat file, but for some reason it still runs old file on the computer, but of i log the same user on another computer it runs new updated bat file. so there is somewhere in PC I need to clear or delet cach etc. can you help its windows 7 ultimate 32 bit
0
 
LVL 13

Expert Comment

by:GuruChiu
ID: 26330066
Unless there are other factors to consider, generally I like to set aside a range for static assignment for servers and other public resources and use DHCP to assign IP address to the rest of the workstations. I like this because in the future if there are other changes to setting, e.g. subnet, DNS etc., it is much easier to manage using DHCP.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26331574
I thought I'd posted this earlier.....

Set up separate ranges for DHCP and for static addresses like:

192.168.1.1 to 192.168.1.100 for static.  (Often .1 will already be used by the router)
192.168.1.150 to 192.168.1.253 (sometimes .254 will already be used by a device)
This leaves .101 to .149 as "spares"
or xxx.xxx.xxx.1 etc. according to your subnet

I like to assign static addresses for small, stable networks.
I like to assign static addresses to network printers.
Use DHCP when there's going to be transient visitors, system changes that are frequent, etc.

The one small issue with static addresses is that you have to get DNS right.
I like to use ISP DNS addresses because:
- if your internet connection is down it won't work but it also won't matter
- it avoids issues internal to your network.
The default with DHCP is generally the gateway router and you might add that as the first one if setting it up manually - just in case it speeds things up a tiny bit and avoids internet traffic a tiny bit.  But the ISP DNS addresses for DNS ought to be pretty "sure".
0
 
LVL 1

Author Comment

by:CJ
ID: 26331618
Very clear and detailed many thanks fmarshall.
The ISP DNS I will have find this out from BT Modem Router settings. Will it be static ip address or dynamic.
0
 
LVL 1

Author Comment

by:CJ
ID: 26331931
Sorry I read your post again I have asked u question which u have already answered that default gateway is the DNS for ISP and you suggest that I should keep that as first DNS and then my server as second DNS am I right ?

Just one more and final question and I will tehn close this issue as accepted solution for everthing is that you suggested to have two pools one for static and one for dynamic. Is there a settings when setting dhcp pool range to set it as static ?
0
 
LVL 13

Assisted Solution

by:GuruChiu
GuruChiu earned 664 total points
ID: 26333093
The correct way is to setup one pool, e.g. 192.168.100.1 to 192.168.100.255.
Then reserve a range e.g. 192.168.100.1 to 192.168.100.100.
So DHCP server will only give out address 192.168.100.101 to 192.168.100.255 and you can manually assign any address between 192.168.100.1 to 192.168.100.100 for static.
0
 
LVL 1

Author Comment

by:CJ
ID: 26333375
Thanks a million Guru.
All of you have given me enough knowledge now I need to implement
Thank u all.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 26335582
You asked: Is there a settings when setting dhcp pool range to set it as static ?

The range itself is manually entered and static.
The addresses are dynamic .... unless:
Some devices (i.e. routers) in the DHCP settings will allow you to assign certain IP addresses to MAC addresses so that the computers with those MAC addresses  (and only each of those computers) gets the their assigned address via DHCP.  I guess this is a way to have your cake and eat it too: The computer gets what appears to be a static address and you don't have to worry about DNS, etc.
0
 
LVL 1

Author Comment

by:CJ
ID: 26376752
i have taken Guru approach for setting up DHCP pool
0
 
LVL 1

Author Comment

by:CJ
ID: 26376780
in order to resolve the problem temprory I have Installed two NIC on all those PC which need RDA.
now they all can see network public to local and local to public.
i tried NAT on a second router but didnt work for me I will give another go later.
I am using BT Modem Router for Internet purpose only and also the firewall to open ports on the bT Modem router.
I am using server for DHCP, DNS, terminal etc.
I have assigned static local ip addresses to remaing PC as the dyminic were causing access to IE and speed issue.
All these opitin were implemented from the suggestion of Roachy, Gurur, Farmshall.
I like to thank you all and if any more isuues I will start new questin. I will accept all three of your suggestions
Regards
0

Featured Post

Get proactive database performance tuning online

At Percona’s web store you can order full Percona Database Performance Audit in minutes. Find out the health of your database, and how to improve it. Pay online with a credit card. Improve your database performance now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question