Can someone help me with my setup

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Can someone help me with my setup

nauru

2 posts

Wannabe Geek
Inactive user

#20718 3-Apr-2008 20:50

I need help i'm confused, can someone tell me if my setup is "safe from hackers", and if it is a stable setup?
Please read first :

*My provider gave me a
5 public Static IP address

Problem:
The old setup was : the modem was connected to the router and the router is connected to the d-link. the problem was, there is not enough ventilation in there. One day i noticed that some of the users are arguing "THERE IS NO INTERNET" when i checked the router, i noticed that it is too hot?. so I tried another router (for 3 days) and concluded that the router is defective.

Now, the owner of the company asked me to transfer the router to the other room (which is the server is located).. Since the router is defective, I tried to look for a spare and sad to say I found another router (same model -- linksys) but it is defective too. Then all of the sudden I got an idea of upgrading the firmware of the 2 router. After few secs. It works normally again BUT. when most of the users use the internet (browse-download mails) simultaniusely. It drops the internet. So what I did is

1. edit the scope in my DHCP server and added another gateway. (in my research, they say that you could setup a fault tolerant gateway in which that if the gateway is not available (due to repair, or not reachable), then windows will look for another gateway in his list.
After reading that, i've made a similar setup -->" I've made Fault tolerant gateway in which that incase the other linksys "request timeout", all users automatically goes to the other linksys (vice versa)"

but the problem is , I've put the modem into the switch along with the network. After my friend see my diagram, he asked me: (along with my answers)

1. Why is that the modem is connected to the "switch and not connected to the router directly?"
--> Because that room was made into a "stock room". and I noticed that the router can't handle the room temperature in there"
2. Your router seems useless since you connected it to the entire network. Also You are subject to hackers since you connected your modem directly to your network.
--> I told him. I tried to use the modem as a gateway ( the modem has a an IP addresss of 192.168.1.1) because i wanted to know if I can use it as a gateway. But i failed. Later I realized that I can only have an access to the internet if I use the public IP given by the provider. so I asked him.. How can a hacker attack one of the PC connected to the same swtich if the subnet is different. So.. to attack one of the PC without going to the two gateway (in my setup) is impossible unless, the provider has configured the modem to allow to act as a "gateway" -- i think

here is the diagram:

network

webwat

2036 posts

Uber Geek
+1 received by user: 145

Trusted

#120936 3-Apr-2008 23:45

Mate, I presume your DLink is an ethernet switch? You never said that.

Your modem must be a NAT router if it has that IP address so why do you need another router? Maybe it is more configurable so that makes sense. If your modem has more than one ethernet port you can connect both Linksys routers directly to the modem, otherwise you need a separate network switch (or put modems LAN snd the WAN ports of the Linksys onto a separate vlan). Both the Linksys and the modem are acting as a gateway but the modem is probably configured as a bridge to send everything to your Linksys router, so that is probably causing half your problems.

Switch connects to LAN port on your router. Wan on your router connects to LAN on the modem.

Time to find a new industry!

tknz

182 posts

Master Geek
+1 received by user: 7

#120950 4-Apr-2008 00:50

hmmm if you realy wanted a secure network i would probably pool the internet into a switch on a dif vlan if u used a managed switch, but if not u cud jus have the modem network, with 2 routers which can pool from those modems, so in a way you have yourself a bit of a DMZ then you run your private lan on a seperate subnet as I wouldn't really trust the firewall capabilities of just modems sitting there... a linux smoothwall wud do the trick..

T

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Any views and ideas that I have expressed in my comments are my own, and do not represent my place of work.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

nauru

2 posts

Wannabe Geek
Inactive user

#121090 4-Apr-2008 14:53

for temporary solution, I used two (2) routers since i just thought that incase the other router drops local network connection again, windows xp would transfer to the other gateway (router).. because as of now, i'm still looking for a high performace dual wan router that is not too expensive that would replace the defective router.

I try to talk to the owner today to discuss on transferring the modem to the server room. If he will approve this, then i'll change the setup again. (internet --> modem ---> router --->switch) which is i think the common setup for some companys.

@ Tuikappo;

I tried to talk to the owner last month in getting another server (to act as a gateway- with linux installed) but he said. "not now"