Add a router to existing network?

[mattmc97]

Hello all.

I have a network at work with about 25 users. We currently have 25 IP addresses leased with our DSL line and now need to add users. We do not need for everyone to have an IP, that is just the way it was originally setup. What we would like to do is take a router, assign a users IP address to it, and then connect two users to the router which would free up one IP for the new user we need to add.

We did this and can connect to the internet and a terminal application BUT we cannot login to the Win2000 server for a Network drive or connect to MS Exchange for Outlook Company Mail.

I have looked extensively on the net and found that I need to set up a relay agent and possibly an IP Helper Address but do not know how to do this. If this is not correct for Windows 2000, then I need X-tra help!

Using:
Win 98 terminals
win 2000 server
d-link 4 port router

Any help would be greatly appreciated.

:<)
Mattmc

 

[karmic]

You have 25 INTERNET ip addresses leased? Is that what you're saying?

If you're going to install a router why don't you use NAT and get rid of all the extra IP address from your ISP?
Everyone can access the internet through a router/firewall and the security is typically better.

I guess if you're using internet IPs, you are probably assigning them statically... If you set up DHCP and DNS on your domain and set up a server option for a router with the router IP address, that will work for you.

~ K.I.S.S - Don't make it any more complex than it has to be ~

 

[wtotten]

What is the layout of the network - where are the clients relative to the server and the router?

 

[oceanid1]

You have 25 ip address from you isp. Now you said you need to route thoughs ip's. You will need a special router to do that trick dlink 4 port routers are not designed for what you intend you will need a special router if you need the ip addresses routed where each ip address can be access or seen you are going to lose a couple ip addresses in the process since each router will need a gateway.I am assuming that one ip address is used to tunnel the rest of the ip address.I don't know you setup so i am only guessing.

 

[mattmc97]

The network was already setup when I got here. The IT person here basically got the entire system setup by SW Bell when they went to a server/client system. At that time they setup 25 users in the scope 64.219.208.0 . The address leases in this scope are 64.219.208.3 - ...27 .

We filled up the leases on this scope and then hired someone new. We took one address from someone who doesn't use their computer very much and then assigned it to the new guy. We now want to take one of the other users addresses and split it between two people so they can both have Outlook company email, network drive access, and internet access.

I figured the best way to do this from searching the web was to take a router, assign an IP address to it, and then connect the two users to it so they are basically sharing an IP address.

With the router setup just described, they can connect to the internet and can run a terminal emulation program that connects to a second server, but cannot log in to the MS exchange server for email and do not have access to the network drive which is accomplished by logging in to the computer thru client for MS networks.

I did not forsee this as being as difficult as it has been. I have tried setting up an additional scope with the routers internal address, tried setting up a super scope, and now think I need a relay agent or ip helper address according to the DHCP help in windows 2000 server help but cannot configure it.

My setup is I have a single network with a unix server, a windows 2000 / exchange server, and 25 users set up using DHCP in a scope with 25 users. From looking at the pictures in win2000 help. I am trying to setup two subnets. One which I described above the second would be the router (linking the two) and then two computers on the other side of the router which would use the router to connect back to the DHCP server.

Example here:

with the BOOTP gateway as a router is what is pictured in MS WIN2000 help.

I may be going about this the wrong way and it appears I am definately over my head, so any help is greatly appreciated!

thanks.

mattmc

 

[joebloeonthego]

dude, I'm far from being a network wizard (or even anything posing as one - and I've simplified everything) but I think you should just revamp it all.
simplest solution:
get ONE ip from your isp.
Buy a router and have it dhcp addys to your network.
now you have all the addresses you want (internal addresses - invisible to the outside world), and can just use a switch to seamlessly add more. and you shouldn't really have to change much.

I'd probably recommend (again, I'm no pro) buying one of those preconfigured linux gateway/firewall/all-in-one solution boxes as your 'frontman' (and then use a switch) to hide everyone behind, but a simple router would work.

 

[wtotten]

If understand correctly, you plugged in a DSL/Cable (ethernet) router with the WAN port connected to your LAN and two PCs plugged into the LAN ports. If that's true, did you configure the router as a &quot;router&quot; or a &quot;gateway&quot;?

It should work if you have it configured correctly.

Is the IP address for the WAN port of this new router in the 64.219.208.3 - ...27 range?

Bill

 

[mattmc97]

OK. Here is an update on where were at for all you who have been kind enough to give advice.

We are making progress but are not there yet!

We actually have two interfaces already setup in the router. 64.219.210.23 and a secondary interface at 64.217.113.85 which allow up to have two subnets under different scopes.

Each interface has its own gateway, even though they are physically on the same line. My two router gateways are 64.219.208.30 and 64.219.211.222.

See here for details,

http://support.microsoft.com/?kbid=255999

[/url] under superscoping

excerpt from page...
*****************************
When you use the superscoping option, you need to superscope a number of scopes together. Create each scope individually and then create a superscope to incorporate the individual scopes. This action requires you to perform the following steps:
1. Add secondary IP addresses to the current router interfaces.
2. Create a new DHCP scope for the new logical subnet.
3. Create a superscope and add the old and new DHCP scopes as children.
*************************************

I have set up two scopes and put them under a superscope and the first scope works fine 64.219.208.3-.25 Upon adding beyond the 22nd user, the new user then shows up under the address leases for the second scope of addresses 64.219.211.193 like it should. Ipconfig from client computer is showing it is getting the ip from the DHCP host of 64.219.211.193 and a default gateway of 64.219.211.222 which is the second interfaces gateway.

BUT, the client computer on the second subnet(scope) cannot connect to the internet or login to the server on the first subnet at 64.219.208.10 .

AM I missing something that would allow the two subnets/gateways to talk to each other???? It seems like there should be a way to link the two subnets but I haven't found a setting to tell the two to look for each other.

Specs once again:
Win 2000 server
cisco router
all clients win98, 2000, or XP

Thanks in advance once again!

mattmc

 

[frkb]

Matt -

From what I can tell you are attempting to address a relatively straightforward problem with a complex solution. With the details you've provided your best long-term solution (as suggested by others) is to use a router as your Internet gateway for all systems (including your mail server). Your systems will be more secure and you'll have more spare time to browse this site.

To accomplish this you need to do the following.
- Assign one of your public IP addresses to the external interface on your router. (Preferably the one currently used by your mail server.)
- Assign a private range to the internal interface on your router. 192.168.1.0/24 is most commonly used. (Disable DHCP on your router.)
- Assign a static address from the private range to each of your servers.
- Add a DHCP scope for your private range to one of your servers. (Be sure to configure the DHCP, GW & DNS servers that will be issued.)
- Port forward SMTP ip port(s) on router to mail server. (This is why I recommended mail server IP address for router - no MX record updates.)
- Assuming you have DHCP enabled on all of your clients, you should be able to restart them and start taking two hour lunches.

In the end you will be using one public address and you have the flexibility of having up to 254 internal hosts.

 

[chiph]

I agree with frkb -- people do this stuff all the time and it's not as complex as you're making it out to be. Look on eBay for a used firewall/router (the stuff you can buy at BestBuy & Circuit City won't handle your load). Something like a Cisco PIX 501 along with a couple of switches.

Here's one with a 50-user license, never used:

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3063653430&category=51168

You'll also get the ability to VPN into the network, so users can work from home.

Chip H.


If you want to get the best response to a question, please check out FAQ222-2244 first

 

[DrewSmith]

Hey Matt,

I'd love to give ya some free advice. If you would like to talk, contact me by email. drewsmith@wdkmfm.com

Drew