1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

New server

Discussion in 'Networking' started by cantthinkofanick, Apr 3, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. cantthinkofanick

    cantthinkofanick Thread Starter

    Joined:
    Apr 18, 2007
    Messages:
    4
    I am going to fit a Windows server 2008 serving several PCs/Laptops (which may be used remotely) around and need to rationalise the LAN. Currently have an old DG834 to the ADSL and a 100Mhz switch (48 ports) connected going thence to all the PCs. The router also connects to a Belkin g wireless router which works fine to all our laptops. There is another Belkin used as a relay in another building. I would like some of the PCs to be on a separate subnetwork as I don't want them associated with the server but all need to access the internet. I would also like the server to be connected with a GBit ethernet link to help with throughput. There is only one route out to the internet but I will want a link into the server (a fixed IP can be arranged) to control it (VPN?). I will rationalise the cables but these are cat5e so can largely stay.

    Can anyone suggest any eqmt. type for the router/switch to replace the DG834. I would like to keep the Belkins for the time being but could have a n/g router with wireless which I could keep silent for now (phase in later when we have n type laptops)?
     
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,300
    So first question, do you need total isolation of the server from the workstations? If not, you can get a router like a Netgear FVS338. The FVS338 allows you to have secondary IP addresses assigned to the LAN side of the router. This will allow you to run your server and workstations on different subnets. The only catch is from a security aspect....well....it's not really all that secure.

    If you want total isolation, you're going to have to get a managed switch to set up VLANs and a router/firewall which can either support VLAN tagging or one with multiple interfaces.

    With respect to having GigE for the server, you would just need switch which support GigE speeds.
     
  3. cantthinkofanick

    cantthinkofanick Thread Starter

    Joined:
    Apr 18, 2007
    Messages:
    4
    Thanks zx10guy. Well, I want a hacker (sitting at) the "public" PCs to be unable to query the other networked PCs/laptops/server(s) which must work together in the context of a windows server SBS2008. I assumed that I would configure one subnet say 192.168.0.x and the other 192.168.1.x via some sort of configuration on the switch/router. But The "public" PCs do not really need to be networked themselves (although that might be a later option so I would expect to configure them). They are also setup with a limited account for day2day users with a separate account and password for admin. use (as of course are all other machines!). By "secondary" are you referring to configuring another IP address for the "public" PCs? One slight complication is that the wireless is shared all round so I would need to provide separation there as well!
     
  4. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,300
    So outline again what you're trying to accomplish in bulletized format. It's a bit hard to understand your objectives with everything in one big paragraph.

    As far as secondary IP addressing, a router which is capable of doing this can support another subnet on any interface on the router. With the Netgear, it supports multiple secondary IP addresses for its router interface on the LAN side. The problem with the Netgear and how it supports this is that traffic for all subnets are still mixed together. If someone figures out what subnets you're running on your network, then they can easily circumvent the IP separation. This why it's better to use VLANs to group devices you don't mind talking to each other at the layer 2 level and then control traffic going in and out of that VLAN with ACLs.
     
  5. cantthinkofanick

    cantthinkofanick Thread Starter

    Joined:
    Apr 18, 2007
    Messages:
    4
    Yes thanks, I'm looking at the NetGear PROSAFE 24-PORT 10/100 SMART which I think will do the job and provide me with a port for the server. That gives me the VLANs which I can use to isolate the "public" PCs and connect both LANs to the router.
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/914452

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice