Suggestions for a router between LAN and ISPs ADSL router

[Squib]

Hi,

I was hoping someone could give me a little advice on buying a router for the use detailed below.

Here is a little picture of how I hope to install an ADSL connection and then share it safely on my LAN.

(Internet)
I
I
(Splitter)
(Modem)
(ISP Router)
I
I
(My New Router) <-- question about this one.
I
I
(Switching Hub on Internal LAN)
I I I I I I I I I I
(about 40 PC's)


Now the Splitter/Modem/Router near the top is as provided by the ISP and I cannot touch this at all. It comes with a fixed external IP (on the internet), and a fixed private IP address.

As I cannot touch this router I need another router to provide security and connectivity between my LAN internal private ip adresses range (which I do not want to change) and the ISP provided private ip address. I would also like the router to provide NAT and anything else that anyone thinks is useful.

So, can anyone suggest a little router that is up to the job? I dont need it to provide any sort of DHCP services as I already have servers that do that.

To summarise I need a router that provides NAT, has one Ethernet WAN port that will go to the ADSL router and at least one Ethernet Port that will connect to a hub on my network.

Your help is greatly appreciated.

R

 

[MattWray]

Check out a little linksys or netgear DSL router, sounds perfect for your needs, and they're relatively inexpensive (under $200). Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[Guest_imported]

I have two concerns regarding your setup. First, with 40 workstation I don't know if the Linksys, Netgear, or any of the other low-end routers can handle NAT with that many PC's. Of course this depends on your traffic volume. The routers can do the job you require but they were designed more for home networks which typically don't have more than a few PC's. I'd be concerned with the internal NAT tables getting too big especially considering these routers probably don't have too much onboard memory.

Second, I'd be concerned with running NAT twice which is what it seems you are planning on doing. It seems that the ISP router is running NAT to enable the ISP assigned private network to access the single public IP. Then you plan on having another router run NAT again for your own private network. This adds more overhead in each packet which could affect your bandwidth. Plus with 40 PC's your bandwidth might really be lousy.

That said, you can also consider as an option a proxy server with 2 NICs. You still have the double NAT issue, but at least it should be able to handle the size of your network memory-wise.

 

[Squib]

Thanks for the advice.

About NAT - The ISP router won't be running NAT, only the sencond router. So hopefully the overhead shouldnt be a problem.

I think I have decided to have a decent stab at security and run a combined firewall/router. I am looking at the Watchguard SOHO box which I believe should be up to the task.

I did think of using a proxy server with 2 NICs but as this will be a 2Mb ADSL I didn't know whether this Proxy would in turn become a bottle neck.

I am sure it will be an interesting time getting everything to play nicely together!

Thanks again,

R

 

[therayster]

I don't know if this meets your needs but you can build a NetBSD firewall/router that does NAT with the files from

http://www.dubbele.com/.

It's free, all you have to do is supply a low end PC (486, 8MB RAM) and two NICs. It's very secure and you can put intrusion detection software, DHCP, etc. on it. I've been using one for about a month with two 3Com 3C905-TX's, servicing 10 PCs, and it flies... I get the same amount of bandwidth as I do when I'm hooked straight into the ISP's modem.

 

[johnny99]

You could also use a FireWall.
Most firewalls will also handle NAT translation.

I would look at SonicWall for a Firewall (they are not too costly and easy to handle)

This would also add more security and logging.

/johnny