TomSims
join:2003-08-16
Saint Augustine, FL
| Basics, please!
I feel like I'm getting closer to understanding all this stuff at a minimum level but I'm not there yet.
Here's my story.
We have Cayman 3220-H ADSL 4 port routers. We have 5 static IP addresses on each router (Bellsouth - they sell you 4 port routers and five static IPs).
I'd like the computers to be able to do file and printer sharing on the LAN side of the network (peer-to-peer, we have no routers other than the Cayman).
We have the static IPs for use with our Cisco VPN. But my reading seems to indicate we may not need them.
So, five computers all need to be able to access the VPN simultaneously and I'd like them to be a peer-to-peer network.
Can I do it with the Cayman alone (obviously five computers don’t fit on a four port router)?
Do I need static IPS to do it - especially considering the VPN requirements?
Any and all insight would be greatly appreciated and talk to me like I know nothing; which ain't far from the truth.
Thanks to all who share their knowledge and experience.
Tom
|
|
dgilbert
Good Bye My Friend
Premium,MVM
join:2002-06-15
none
clubs:
| since you are trying to use a VPN server, you must use the statics assigned to each device. ipmaps don't work well with a VPN server FWIW. you should just get a switch and hook the machines to it, and the switch to the 3220.
word of advice, use a firewall on each machine. with public ips on your NICs, you are WIDE open to the net. you can set the firewall to allow file shares ONLY from your other ips.
--
If you can read this, thank a teacher..........and since it's in English, thank a soldier. |
|
TomSims
join:2003-08-16
Saint Augustine, FL
| OK, I'm a little disappointed that I have to stick with the static IPs (was hoping to save a little money), but I can live with that. The Cayman manual said something about being able to pass VPN traffic through but it did look complicated.
Anyway, so I need to code the static IP addresses into the NICs, get a 6 port switch and plug the 5 computers into it and the other port to the Cayman router, then set-up a peer-to-peer between the computers.
Sounds simple enough; not what I hoped for but do-able.
Thanks. |
|
dgilbert
Good Bye My Friend
Premium,MVM
join:2002-06-15
none
clubs:
| reply to TomSims
that about sums it up. if you wanted to go with only a single static, you could have your provider drop you down to their single static packeage, set the cayman for bridge mode, and hang a linksys or other SOHO router with VPN passthru capability behind the cayman, then hook all machines to that router. this will allow all machines to share a single ip, yet still do what you want without being wide open to the net.
or you could purchase the VPN option for the cayman, but this is really only good for allowing the cayman to be the VPN server.
--
If you can read this, thank a teacher..........and since it's in English, thank a soldier. |
|
TomSims
join:2003-08-16
Saint Augustine, FL
| Just to complicate things, I want to be able to log into the computers from my remote location using something like PC Anywhere.
How does that affect my situation?
For instance, I have two groups of computers set up on the Cayman routers but I can't ping from any of the computers to any of the other ones. Even though they are on the same router or even though they have static IP addresses, I can't ping them. I can ping the routers but not the computers behind them. Obviously, I'm missing something very fundamental.
Thanks.
Tom |
|
dgilbert
Good Bye My Friend
Premium,MVM
join:2002-06-15
none
clubs:
| reply to TomSims
the ping problem sounds like a firewall setting either in the router or most likely a software firewall on each machine. if you are running XP, it has a built in firewall which could be killing the pings. the only other thing i can think of is that you may be using NAT and public ips mixed or with ipmaps. in the case of ipmaps, you MUST ping by the local ip, not the public ip since the cayman does not do loopback. if you are running concurrent routing and bridging, NAT on some machines and public ips on other, they will NOT see each other. i sort of doubt this last option, since it is extremely tricky to get this to work with BSFA.
as to reaching them via PCA, it is pretty simple. since each machine currently has a public ip, all you should have to do is load pca on them and set the host to lauch with windows or setup a shortcut to launch it, whichever way you want to do it. of course, you must allow PCA in any firewall you run.
if you go to a single static ip, the setup is only slightly different. you would configure the first machine's host to be on the default ports of 5631 and 5632. then, the second machine 5633 and 5634, and so on and so forth. you then create pinholes in the cayman to point the proper ports to the proper machine. then from your remote, you setup a connection for each machine pointing to the same ip, but different ports.
--
If you can read this, thank a teacher..........and since it's in English, thank a soldier. |
|
TomSims
join:2003-08-16
Saint Augustine, FL
| The firewall is not installed in the Cayman but we do have Sygate Personal Firewall Pro on each machine. According to the documentation, "Allow ping reply" is enabled by default. The only thing I can find that might relate to it is a setting in Advanced Application Rules for allowing ICMP traffic.
Like I said, I'm missing something very basic.
Thanks
Tom |
|
