20 person office internet access router issue

We have ~20 employees with 20 computers.  We have a domain based network with DHCP providing the workstations with IP addresses.

My internal DNS is 192.168.11.6
My first router is 192.168.11.19 (cheapo linksys vpn/router)
The WAN side of this router is 192.168.1.19
It points to the AT&T Netopia modem 192.168.1.110
My mail server connects directly to the netopia 192.168.1.2
Netopia had 5 static IPs on its public side. Some of which map through (to the mail server for example). It is regular DSL.

I'm not convinced this is the best way of doing this. But I don't know where to start on getting replacement equipment.  It gets very bogged down as more users get on the internet and I doubt the security is particularly strong.

Where should I start?
LVL 2
hgj1357Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hgj1357Author Commented:
I'd like to stay with the AT&T DSL account - at least for now.  I'm looking to replace the router and modem and need a little help picking hardware and setting them up.
0
Hypercat (Deb)Commented:
Depending on the model, the Linksys router might be fine for this small a network. However, it seems that you've left the AT&T Netopia router configured as the perimeter firewall, which means that the Linksys router is really not doing anything useful.  

If you have access to manage the Netopia device and if it has a fairly robust perimeter firewall, then you don't need the Linksys router at all.  So, that's my first question - do you know how to and have access to manage the Netopia device and does it have an adequate firewall?  Is it able to do everything you need to do, including VPN access (if you're using that feature of the Linksys device)?
0
hgj1357Author Commented:
I do have access to the netopia. It is a "Netopia Model 3347-02 AnnexA High-Power Wireless DSL Ethernet Managed Switch"  from 2006.  I'm guessing it is short on horses.

I can manage it. But beyond basic settings, I get a bit lost with it.
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

Hypercat (Deb)Commented:
Further comments:  My preference is not to use a device supplied by the ISP except to pass through all traffic to a company-owned router/firewall that you own and manage yourself.  If that's your preference, and if you have access to the Netopia, then you need to put it in pass-through or "bridge" mode so that it passes all traffic to a second firewall router that you put in place.

If you want to do this, then you should look at some more robust routers such as Watchguard or SonicWall. These companies have a wide range of devices available, some of which are very pricey, so be sure you look at the devices designed for the small office.  Keep in mind, however, that if you don't have any experience with these devices, you'll have a somewhat steep learning curve on how to select the software you need and manage the firewall policies and other available options to protect your internal network adequately.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Hypercat (Deb)Commented:
"Netopia Model 3347-02" - if it's that old, then it's probably not doing the job you need.  See my second comment above.

BTW, Netopia was bought out by Motorola, so you might want to see if AT&T will replace that old device with a straight-up modem, to get you better initial throughput from your DSL service, and then put your own firewall in place behind it.
0
hgj1357Author Commented:
SHould I get an updated modem router from AT&T or continue to use this model, but in pass-thru mode?

We use Sophos anti-virus and I had a look at their firewall routers.  I don't really have any experience, but they looked good in theory.
0
Hypercat (Deb)Commented:
See my edited post above.... Sorry - I went back and added that second paragraph later.
0
hgj1357Author Commented:
No worries.
0
frankhelkCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Hypercat (Deb) (https:#a40723897)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

frankhelk
Experts-Exchange Cleanup Volunteer
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.