20 person office internet access router issue

We have ~20 employees with 20 computers.  We have a domain based network with DHCP providing the workstations with IP addresses.

My internal DNS is
My first router is (cheapo linksys vpn/router)
The WAN side of this router is
It points to the AT&T Netopia modem
My mail server connects directly to the netopia
Netopia had 5 static IPs on its public side. Some of which map through (to the mail server for example). It is regular DSL.

I'm not convinced this is the best way of doing this. But I don't know where to start on getting replacement equipment.  It gets very bogged down as more users get on the internet and I doubt the security is particularly strong.

Where should I start?
Who is Participating?
Hypercat (Deb)Commented:
Further comments:  My preference is not to use a device supplied by the ISP except to pass through all traffic to a company-owned router/firewall that you own and manage yourself.  If that's your preference, and if you have access to the Netopia, then you need to put it in pass-through or "bridge" mode so that it passes all traffic to a second firewall router that you put in place.

If you want to do this, then you should look at some more robust routers such as Watchguard or SonicWall. These companies have a wide range of devices available, some of which are very pricey, so be sure you look at the devices designed for the small office.  Keep in mind, however, that if you don't have any experience with these devices, you'll have a somewhat steep learning curve on how to select the software you need and manage the firewall policies and other available options to protect your internal network adequately.
hgj1357Author Commented:
I'd like to stay with the AT&T DSL account - at least for now.  I'm looking to replace the router and modem and need a little help picking hardware and setting them up.
Hypercat (Deb)Commented:
Depending on the model, the Linksys router might be fine for this small a network. However, it seems that you've left the AT&T Netopia router configured as the perimeter firewall, which means that the Linksys router is really not doing anything useful.  

If you have access to manage the Netopia device and if it has a fairly robust perimeter firewall, then you don't need the Linksys router at all.  So, that's my first question - do you know how to and have access to manage the Netopia device and does it have an adequate firewall?  Is it able to do everything you need to do, including VPN access (if you're using that feature of the Linksys device)?
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

hgj1357Author Commented:
I do have access to the netopia. It is a "Netopia Model 3347-02 AnnexA High-Power Wireless DSL Ethernet Managed Switch"  from 2006.  I'm guessing it is short on horses.

I can manage it. But beyond basic settings, I get a bit lost with it.
Hypercat (Deb)Commented:
"Netopia Model 3347-02" - if it's that old, then it's probably not doing the job you need.  See my second comment above.

BTW, Netopia was bought out by Motorola, so you might want to see if AT&T will replace that old device with a straight-up modem, to get you better initial throughput from your DSL service, and then put your own firewall in place behind it.
hgj1357Author Commented:
SHould I get an updated modem router from AT&T or continue to use this model, but in pass-thru mode?

We use Sophos anti-virus and I had a look at their firewall routers.  I don't really have any experience, but they looked good in theory.
Hypercat (Deb)Commented:
See my edited post above.... Sorry - I went back and added that second paragraph later.
hgj1357Author Commented:
No worries.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Hypercat (Deb) (https:#a40723897)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Experts-Exchange Cleanup Volunteer
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.