1 server 2 nics ? huh? Gateway/ Please help

[audiopimp]

Hi. I'll try and be breif but no promises. I'm hoping someone here will be able to guide me in the right direction or reference of some kind.
The Given :- 1 Office - 1 Server (winNT SP6a) - 4 manager PC stations (Win 982ndE) - 5 Workstations PC (win 98 2ndE)- 1 16 port 10/100 switch - 1 DSL line Modem - : the server is to be used by all PC's, its running a Dialer and writes and reads into a master DB (Most simply put).
The Problem :- I only want the manger stations to have access to the Internet WAN, the other 5 workstations I do not want them to be able to get onto the Internet, only our small LAN while all this protectiing my server from the WAN.
Some Ideas - A buddy of mine told me i can easily do this by installing 2 NICS on my server. One to handle the WAN and the other the LAN. But after this I am lost. Is there a software I need to do this? Am I going to have to install DHCP on the 4 manager stations and static IP's on the 5 other workstations?
I know im almost there but can someone please help me out here? Any good web sites I can check out if its too long to explain.
PS> I did manage to do pretty much what I wanted with the help of a router. The Linksys Router software allows me to block certain IP's ect. Please note: I'd like to do it without the router as described above. Is it possible from the information I gave you'all?
Regards, Mark - Steve

 

[GiaBetiu]

Hi,

There are few ways to solve your problem.
The one with using the server as proxy is a very good one.
One of the best server of this kind is Jana Server.

http://www.janaserver.de/en/

Try it. Yo have also the possibility to set the rights based on IP or username.

Success. Gia Betiu
m.betiu@chello.nl
Computer Eng. CNE 4, CNE 5

 

[rubbaninja]

Use proxy server with one nic and disable anonymous access, create a proxyuser grouping in user mgr and place those you want to use it. Install prox client on the inet users pc's and point their browsers proxy settings to your proxy IP. This will enable NT auth to the proxy.


If your routing is setup right and you set up correct routing on the proxy box (all unknown traffic goes to inet) then you are all set. Don't forget about DNS and other a-typical networking 'stuff'.

Of course if you do not have a seperate firewall and want to use proxy packet filtering and the such, don't do this, the above configuration is for CACHE and AUTH only. You would need a seperate firewall for security from the outside.

Do not use your proxy as your gateway either.

My configuration

Cloud
|
router
|
PIX Firewalls
|
Proxy with PIX as its default gatway, ISP DNS settings.
|
Users

Since your box is used for other things then add routes on that box to your internal networks so it knows what is what, all the rest of the traffic will go out to the inet.

This is documented on the net, try google groups searching for tips or check

http://proxyfaq.networkgods.com/

http://www.windowswebsolutions.com/Articles/Index.cfm?ArticleID=7913

Keep in mind that you will see people say not to do this but it is more than possible. They say NOT to do it if your going to use Proxy for security reasons rather than just auth and cache.

whalla. beecee
confused as a baby in a topless bar