Can I use a windows 200 server as a router? 1

[jgeddes]

I have a list of 5 internal IP address, supplied by my ISP, that can access the internet through the router they supply.

I have a new windows 2000 server and would like to run DHCP. With that said, is it possible to use DHCP and set the default gateway to the IP of my server (which has 2 nic cards - if it matters) and then use the server to point all traffic to the ISP's internal router? I am wanting the router to see all traffic coming from one of their assigned internal IP addresses.

My main problem is they chose a poor ip range to access the internet and my office is growing. I would like to re-organize my network and still have internet connectivity.

I plan on adding a watchdog firewall/vpn unit soon, will that help or make matters worse.

Thanks.

John

 

[GiaBetiu]

Yes, you can make from WIndows 2000 what router you want.
But I don't see any reason why do you want to do it.
Why do you need more IP addresses if they are used just to access the Internet?
Use a nonroutable class of addresses in the internal network, install a NAT on your Win2k server (router), and then all your network will access the internet.
I see only one reason why you request more IPs from provider: when you want to have some servers from your internal LAN to be accessible from the Internet. ANd, then, again NAT wil help you specifying how to route the call s to thos addresses. Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[jgeddes]

The ISP's router will only allow the 5 internally assigned ip's to access the internet. It won't allow any other ip's through the router.

 

[GiaBetiu]

How can ISP do this???
If you have NAT nobody knows how many computers you have in your network!!!! Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[speedracercjr]

The main use of NAT is so that many computers can get on the net using only 1 outside IP address. If you have to get a public ip address for EVERY computer it wouldn't be feasible.

 

[jgeddes]

I am new to this so forgive me. I am learning about NAT, but the address assigned are internal. They allow only 192.168.100.2 - 192.168.100.6 permission to go through the ISP's router. I believe the internal ip is 192.168.100.1, since that is the default gateway currently on all of my systems. I want to put my server at 192.168.100.5 (other nic card is 192.168.100.254) and use DHCP to assign internal ip addresses with a scope of 192.168.100.100-192.168.100.199. I was told that I could use a default gateway of my server (192.168.100.5) and the router would only see the server ip of 192.168.100.5, allowing me to use dhcp and other internal ip's to access the internet.

I have the gateway of both of my server's nics set to 192.168.100.1.

How do I do this?

 

[Teamaker]

If you set all stations to use the NAT server as their default gateway for internet access the ISP will only see one station (the NAT server) as accessing the internet.
The NAT server forwards and receives all client requests.

 

[reggiegrenier]

This is good info. Is there a web site witha step by step of this process. I am trying to do the same thing.

 

[Seaspray0]

It sounds to me like you are using a router between your computers and your internet connection (DSL router or cable router or modem). That router has NAT built into it but it is only supporting 192.168.000.002 through 192.168.000.005. Here's the trick: You don't need that router, what you need is a second nic in your server and install NAT directly on the server (through RRAS services). Plug one nic directly to your interenet connection box and plug the other to a hub to feed the rest of your network. The NAT on the server will support 192.168.000.002 through 192.168.000.254 giving you the entire class C range to use. On the server, go to windows help and look up the following: networking/routing and remote access/routing/concepts/understanding routing/understanding network address translation. This will answer alot of questions and even provide you with an example.

 

[Lee168]

Looks like your ISP is trying to limit your company's internet access. Call them up and ask them if you have a WAN IP Address (If it's static) also ask them what is the password to get acces to the Router. Once you have the access you can do pratically anything on the router hence avoiding doing anything on your server itself; because it will give you a headache when you are implementing the VPN or firewall.

 

[jgeddes]

Thanks for the help. I am told that part of my agreement with them is to leave their router as is. No access what-so-ever. I can, purchase more licenses to get out to the internet.

I plan on installing a firebox 1000 in the next couple of months, putting it directly between my switch and their router. I have heard that it will do the same thing and I trying to do now.

 

[Lee168]

Word of cautious, your firebox behavior and setting only apply for the connection to your ISP router NOT THE INTERNET. My advise to you is to eet as much as possible about your contract w/ your ISP. We used to be in the same situation as you are; and we were end up paying more compare to sign up w/ different ISP. We were having problems in term of having a firewall sitting behind their router, setting up our web and e-mail servers, DNS configuration, VPN configuration and whole lot more. Worst yet for every call we made to have them change the setting of their router we were charged for it. We had no control at all on how our network would communicate to the outside world.