Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

I need help setting up two Modems on a network

Status
Not open for further replies.
paulclane

paulclane

IS-IT--Management
May 23, 2003
7
0
0
IE
I need to access a particular website everyday for business purposes. I download the latest prices and check stock, etc. I use an ISDN router for this. The problem is, they won't let me access any other website on this (networked) modem for fear of a hack attack. I need to set up another ISDN modem, with a firewall, on this network and tell it to access any website EXCEPT the one above. So basically : Modem one is for website A only. Modem Two,after a firewall, is for every website except website A.
Any ideas? I'm really stuck
 
Sort by date Sort by votes
This is a relatively trivial problem if you are only talking about one computer. You just need to make sure that your two ISDN Routers (they aren't really modems) have different IP addresses, and then set a static route with the IP address of the website set to its router and a default route that points to the other router.

You can configure the default route in your Network configuration under TCP/IP Settings.

To add the static route use:

route add <website ip> mask 255.255.255.255 <isdn router ip> metric 1 -p

I believe that this is the right syntax, I don't have a Windows machine around to check. The -p switch will make the route persistent (it will survive a reboot).

If you are talking about more than one computer, you will have to set the routing up in the default gateway router unless you want to set this up for every single PC that needs to access both sites. You will probably also want to do some subnetting, so it is not a trivial exercise.

You also need to make sure that you are not violating your usage agreement with the stock provider. The reason that they have you dial into their network directly is probably to keep you from being connected to the Internet and their network simultaneously. By doing what you are suggesting, you are creating a &quot;backdoor&quot; into their network. Their security will never be any more effective than your security. It is a transitive trust model, one that has proven to be ineffective at best.


pansophic
 
Upvote 0 Downvote
Hi Pansophic.

Thanks for your reply.
Just a few more details. These routers ARE on a network. I am resonably familiar with routing tables and network configuration, But I don't know how to exclude one modem from using a particular website. My temporary workaround was to use netscape on all the machines and get it to access the net. This worked perfectly, when the users used IE they could only access the stock provider and when they used Netscape they could access any site, except the stock provider. However they use online banking and the bank is not geared up for Netscape users, (128 SSL), so back to square one. BTW, I have a firewall between the second router and the network, as per agreement with the stock provider
 
Upvote 0 Downvote
What I would do is to put the stock provider router on a separate subnet, preferably an RFC 1918 address like 192.168.2.x. I would add a secondary address to the default gateway (internet router) that is on the same subnet. Then add a static route to the internet router that points the IP address (or subnet) of the stock system to the stock system's router.

If you have enough interfaces on your firewall, I'd do the routing there, and never allow packets from the Internet to that network. The idea is to have a single gateway, and then forward packets from the default gateway to the stock gateway as needed. Everything else goes out through the Internet.

Why are you having trouble using 128 bit encryption on Netscape? It has been available forever.


pansophic
 
Upvote 0 Downvote
The problem with the SSL is not with Netscape, which is excellent, but with the bank itself. They instructed me to unistall Netscape 7.0 and install 4.7, because that is all they supported, but still no joy. The SSL works perfectly on IE6. Thanks for your help on the routing, when I figure out what you are suggesting I'll give it a shot.
I have already blocked the Stock Provider using the firewall and have the two routers and the firewall on different subs. The stock provider router is already configured for a static IP address,(their IP address)

Ah, I think I see what you are saying
 
Upvote 0 Downvote
Sounds as if they are a little behind the times, only supporting 4.7. You may have trouble downgrading though. I would guess that if you installed 4.7 on a clean system it would work OK.

In my routing example, I meant to explain that all traffic should go to your default gateway. If the default gateway identifies a packet as being bound for the stock website, it should forward the packets. It adds some overhead, but in theory you have at least a 10Mb network feeding into something that is probably 128Kb or 144Kb, so having to duplicate some of the traffic on the 10Mb segments should be OK.


pansophic
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Karl_vvk
  • Locked
  • Question
Can you advise me router model which can receive any ip from external network and create own local n
Replies
0
Views
97
Karl_vvk
Karl_vvk
OzzieGeorge
  • Locked
  • Question
Modems over SIP
Replies
2
Views
130
2600hz
2600hz
Sarfraz Ahmad
  • Locked
  • Question
NS500 - Connection from the Internet is not allowed
Replies
0
Views
87
Sarfraz Ahmad
Sarfraz Ahmad
stoobiedoo
  • Locked
  • Question
Windows 10 softmodem will only connect at 2400
Replies
1
Views
147
LoPath
LoPath
LOKIDOG
  • Locked
  • Question
Hayes Modem Won't Install on XP (SOLVED)
Replies
1
Views
94
LOKIDOG
LOKIDOG

Part and Inventory Search

Sponsor

Back
Top