New server

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

cantthinkofanick

Thread Starter
Joined
Apr 18, 2007
Messages
4
I am going to fit a Windows server 2008 serving several PCs/Laptops (which may be used remotely) around and need to rationalise the LAN. Currently have an old DG834 to the ADSL and a 100Mhz switch (48 ports) connected going thence to all the PCs. The router also connects to a Belkin g wireless router which works fine to all our laptops. There is another Belkin used as a relay in another building. I would like some of the PCs to be on a separate subnetwork as I don't want them associated with the server but all need to access the internet. I would also like the server to be connected with a GBit ethernet link to help with throughput. There is only one route out to the internet but I will want a link into the server (a fixed IP can be arranged) to control it (VPN?). I will rationalise the cables but these are cat5e so can largely stay.

Can anyone suggest any eqmt. type for the router/switch to replace the DG834. I would like to keep the Belkins for the time being but could have a n/g router with wireless which I could keep silent for now (phase in later when we have n type laptops)?
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,661
So first question, do you need total isolation of the server from the workstations? If not, you can get a router like a Netgear FVS338. The FVS338 allows you to have secondary IP addresses assigned to the LAN side of the router. This will allow you to run your server and workstations on different subnets. The only catch is from a security aspect....well....it's not really all that secure.

If you want total isolation, you're going to have to get a managed switch to set up VLANs and a router/firewall which can either support VLAN tagging or one with multiple interfaces.

With respect to having GigE for the server, you would just need switch which support GigE speeds.
 

cantthinkofanick

Thread Starter
Joined
Apr 18, 2007
Messages
4
Thanks zx10guy. Well, I want a hacker (sitting at) the "public" PCs to be unable to query the other networked PCs/laptops/server(s) which must work together in the context of a windows server SBS2008. I assumed that I would configure one subnet say 192.168.0.x and the other 192.168.1.x via some sort of configuration on the switch/router. But The "public" PCs do not really need to be networked themselves (although that might be a later option so I would expect to configure them). They are also setup with a limited account for day2day users with a separate account and password for admin. use (as of course are all other machines!). By "secondary" are you referring to configuring another IP address for the "public" PCs? One slight complication is that the wireless is shared all round so I would need to provide separation there as well!
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,661
So outline again what you're trying to accomplish in bulletized format. It's a bit hard to understand your objectives with everything in one big paragraph.

As far as secondary IP addressing, a router which is capable of doing this can support another subnet on any interface on the router. With the Netgear, it supports multiple secondary IP addresses for its router interface on the LAN side. The problem with the Netgear and how it supports this is that traffic for all subnets are still mixed together. If someone figures out what subnets you're running on your network, then they can easily circumvent the IP separation. This why it's better to use VLANs to group devices you don't mind talking to each other at the layer 2 level and then control traffic going in and out of that VLAN with ACLs.
 

cantthinkofanick

Thread Starter
Joined
Apr 18, 2007
Messages
4
Yes thanks, I'm looking at the NetGear PROSAFE 24-PORT 10/100 SMART which I think will do the job and provide me with a port for the server. That gives me the VLANs which I can use to isolate the "public" PCs and connect both LANs to the router.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top