Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

1 server 2 NIC's - LAN/WAN

Status
Not open for further replies.
audiopimp

audiopimp

MIS
Jun 9, 2002
175
CA
Hi. I'll try and be breif but no promises. I'm hoping someone here will be able to guide me in the right direction or reference of some kind.
The Given :- 1 Office - 1 Server (winNT SP6a) - 4 manager PC stations (Win 982ndE) - 5 Workstations PC (win 98 2ndE)- 1 16 port 10/100 switch - 1 DSL line Modem - : the server is to be used by all PC's, its running a Dialer and writes and reads into a master DB (Most simply put).
The Problem :- I only want the manger stations to have access to the Internet WAN, the other 5 workstations I do not want them to be able to get onto the Internet, only our small LAN while all this protectiing my server from the WAN.
Some Ideas - A buddy of mine told me i can easily do this by installing 2 NICS on my server. One to handle the WAN and the other the LAN. But after this I am lost. Is there a software I need to do this? Am I going to have to install DHCP on the 4 manager stations and static IP's on the 5 other workstations?
I know im almost there but can someone please help me out here? Any good web sites I can check out if its too long to explain.
PS> I did manage to do pretty much what I wanted with the help of a router. The Linksys Router software allows me to block certain IP's ect. Please note: I'd like to do it without the router as described above. Is it possible from the information I gave you'all?
Regards, Mark - Steve
 
Sort by date Sort by votes
First thing that comes to my mind is using a router, which you choose not to, and set up subnets.
 
Upvote 0 Downvote
If you don't want everything on your server available to the Internet, you really need to install some protection between the server and the Internet. A router performing Network Address Translation (NAT) provides a minimal amount of protection. Using 2 NICs puts your box directly on the Internet and vulnerable to every attack that comes down the pike.

Ideally you'll install a firewall between your company's PCs and the Internet.

What you are describing is technically feasible, but VERY scary.

Otherwise, you should be able to create multiple subnets (on the same NIC) to differentiate between "manager" PCs and workstations. You can assign DHCP by MAC address if you like, so the workstations will always get workstations addresses and the managers will always get manager addresses. Then you can create routes based on IP subnet.

Please remember to use martian addressing (RFC 1918 Address Allocation for Private Internets) for your internal addresses to avoid reassigning addresses that you will probably eventually need access to. Commonly 10.x.x.x or 192.168.x.x are used, but there are class B subnets (172.16-31.x.x) as well.

pansophic
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
732
Shmid
Shmid
mcisar
  • Locked
  • Question
Disable CHAP on PPPoE WAN connection
Replies
0
Views
171
mcisar
mcisar
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
526
nnaarrnn
nnaarrnn
Russtoleum
  • Locked
  • Question
Windows client can't connect to sonicwall l2tp server
Replies
0
Views
135
Russtoleum
Russtoleum
TierOneTech
  • Locked
  • Question
TZ105 - can I define a second WAN interface for failover?
Replies
1
Views
119
jcarmichael1203
jcarmichael1203

Part and Inventory Search

Sponsor

Back
Top