Using XP as a router

[[OUPA]MrNutz]

Hey peeps.

i need help ASAP

i've got a customer - telkom spacestream express..

their router only allows for 8 ip's via dhcp - 10.24.124.x (x=112-120).

the limit is imposed for optimal surfing experience - by GILAT(TELKOM).

contract also states only 8 IPS (in the dmz).

now...
they have 10 EXTRA people on the network who would like to either surf the net or share network printers..

so i was thinking..

create a 192.168.0.x range - add a single pc with 2 nics...nic A 10.x.x.x range ip and nic B 192.168.0.x range - and just try this article:

http://www.petri.co.il/configuring_routing_in_w2k_pro_xp_pro.htm

tried the url -application- it doesn't work ..
so basically i want to have the 192.168.0.1 for example as gateway and dns and then the other nic doing the forwarding (as per url) to the router.

any ideas?

really want to use xp - and not linux - this pc is on a farm - far far away - no adsl/3g - so remote desktop is not possible and driving out 50km each time - blegh!

 

[!!DV!!]

Does each PC need access to the internet for any other reason except web browsing?

You could try Internet Connection Sharing, as a option, MS XP as a router is not the best of ideas.

 

[Syndyre]

What about getting a second router like a Linksys WRT54G that could then do NAT for you to support the additional users?

 

[[OUPA]MrNutz]

Does each PC need access to the internet for any other reason except web browsing?

You could try Internet Connection Sharing, as a option, MS XP as a router is not the best of ideas.

90% of them do need internet access - the problem is that the telkom spacestream router has its own authentication method - and you can't access it via a webinterface - it has special software that the techs access it with.

so it basically assigns 8 ips via dhcp - and thats it...anything before or after that 8 ips is dead in terms of traffic (hence its a 8ip protected pool)

so i want to assign 1 pc to THIS pool - and then create a NICE and open 192.168.0.x pool.

thing is - there are network printers as well - and some people who use pastel that have internet - so i would like to get them ALL onto the same segment.

so there is NO easy way currently like ICS ...also its a transport company doing active gps/map tracking - so they need a FULL transparent setup...no proxies allowed.

 

[Cadavre777]

!!DV!!, I was thinking the same thing. XP for routing is trouble. 8 client pc's with public IP's is even bigger trouble.

 

[!!DV!!]

The 2 NIC setup sound the best option off hand.

 

[[OUPA]MrNutz]

those 8 receive natted IP - not public

something like 10.24.124.114 -122 mask 255.255.255.254 and dfgw 10.24.124.113.

 

[angryplum]

Have you concidered a Proxy

try something like winroute from tiny software. the old version 4 is no longer supported by the company and is available on a free ware license.

just install the proxy on the pc connected to the internet and share the connection internally. winroute supports DHCP and has a built in mail server with sorting rule.

then the internal network can be protected by a single firewall and printer and file sharing internally will operate normally.

Good luck

 

[[OUPA]MrNutz]

proxies are a problem - they use active tracking programs for their fleet management (trucks ect).

and there isn't a Proxy port/socks specification that u can do - so it must be transparent as possible (default gateway+dns)....

i've looked at wingate (which is transparent) - but damn its expensive!

 

[!!DV!!]

Have a look at the following: http://www.youngzsoft.net/ccproxy/index.html

Not sure that it will work for your requirement but worth a shot...

 

[Cadavre777]

Woops, yeah I should've taken a closer look at the IP range.

 

[[OUPA]MrNutz]

Have a look at the following: http://www.youngzsoft.net/ccproxy/index.html

Not sure that it will work for your requirement but worth a shot...

been using that for years at another client site - but this , yet again is a non-transparent proxy...REAL COOL app tho

doesn't handle default gateway+dns ...sigh

 

[Syndyre]

Have a look at the following: http://www.youngzsoft.net/ccproxy/index.html

Not sure that it will work for your requirement but worth a shot...

been using that for years at another client site - but this , yet again is a non-transparent proxy...REAL COOL app tho

doesn't handle default gateway+dns ...sigh

And if you combined an app like that with proxifier on the other pc's?

 

[[OUPA]MrNutz]

not gonna work...

looks at the moment like wingate.

if you guys have any other suggestions - all welcomed!

i want to keep this easy as possible - lots of people need the dhcp function.

 

[[OUPA]MrNutz]

not getting any luck in 2 nics...testing 3g as sample..

now: its seems what i want to do is:

nat an already existing natted network.. (10.x.x.x - > 192.168.x.x)

anyone please

 

[howardb]

I added a wireless (AP) Access Point (and I suppose you could do the same with a wired point) to my wired 4 port router with 4 fixed IP addressses - the AP was set as a DHCP server with additional range of IP's with one port on my router allocated to the AP - all PC's that connected to the Wireless AP were auto-configured to obtain IP's from the AP - can access the internet no problem, just file sharing is a mission to setup if needed...

In your case you have IP range: 10.24.124.114 -122 and default gateway: 10.24.124.113
If I translate your IP's to my setup, I would have the following:
- IP 10.24.124.122 was allocated to the wireless AP
- The AP was given a unique ESSID
- MAC address filtering was turned on
- Configured the AP through the AP software as a DHCP Server as follows:
- IP Address: 10.24.124.122 (Fixed IP)
- Subnet Mask: 255.255.255.254
- Gateway: 10.24.124.113
- DHCP Range from 192.168.124.123 to 192.168.124.132
- DNS: use the one given by your router
- Security was then enabled, as it's wireless

You should be good to go, whether you use a wireless or wired Access Point.

Cheers,
HB

 

[bullfrog]

Why not try a dedicated linux machine with a dedicated linux os like smoothwall? I'm sure with a bit of work you will be able to configure it to your needs.

 

[Neo_X]

Solution A:

If you are able to add routes for your 2nd network to your existing router, use a pc with two network cards and change the following registry parameter to 1.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters
IPEnableRouter

Solution B:
If you cant add routes to your existing router, you will have to resort to some application that can do NAT'tin. You can shoot me if i know where, but i found a "free" version of Kerio Winroute Firewall about 2 years ago that could do this. think i still had to enable routing in windows tho.. but the software application handled the rest, with some added features like user management etc.

If somebody can recommend other free apps that can do NAT over two network interfaces, i would appreciate it alot.

 

[koffiejunkie]

Aside from the usual concerns with putting Windows on a job like that, you guys seem to forget one thing:

XP Pro is limited to 10 client connections (Home is limited to 5). Forget about using it reliably for 18 people.

Have you thought of just manually assigning IPs? Unless they've gone and done something like subnetting it (you don't show that) or firewalling out any ips not assigned by the router, that should work.

And why are your clients in the DMZ???

 

[Sapphiron]

I vote for smoothwall Express

Find an old Pentium 1/2 box lying around, stick a second network card in it and go

It's free!!! and simple.

I've got a client who's been running it on a 486 for like 6 years now. It's still running!!! never had a callout on it