Re: sharing a firewall?

From: N. Miller (anonymous_at_discussions.microsoft.com)
Date: 08/22/04


Date: Sun, 22 Aug 2004 14:19:08 -0700

In article <FF94B027-055B-41A8-A8CA-35D2DDB0147C@microsoft.com>, =?Utf-8?B?
TGl6IE11cnBoeQ==?= says...

In your follow up post you apologized for getting this sent to the wrong
group. I have, hopefully, fixed that by a cross post with follow up to set.
There were three networking groups to choose from; but I selected the
Windows XP group because that is the computer you are considering running
ICS on.

> I have an xp pro that I want to network with two 98s and a 95 computer at
> home, so we can all share one dial-up connection. (so the kids can access the
> internet without tying up my work computer)
> the xp has an ethernet card, and we use dial-up
> I am new to networking and have some basic questions:
> (I don't even know the terminology for networking, so please be patient.)

> If I use the xp pro as the host computer, can I configure the other
> computers to access the internet through it's firewall, or does each computer
> have to run it's own firewall app?

Use a firewall application on each computer. If you use the XP as a host,
you will wire an Ethernet adapter on the XP to a hub, or a switch. The
prices are about the same, and the switch should provide better performance.
You will have to set up ICS, sharing the modem adapter with the LAN.

Also, if you enable "File and printer sharing for Microsoft Networks" on the
XP, only bind it to the Ethernet adapter; do not bind "Client for Microsoft
Networks" or "File and printer sharing for Microsoft Networks" to the modem!
If you need more detail, just ask.

> or do I have to buy a router with it's own firewall?
> do they even work on dial-up connections?

There are a few out there; I think D-Link has one. One of the pricier
Netgear wireless firewall/routers appears to have one (FWG114P; would that
they had done that on the FR114P!). And the SMC Barricade 7004ABR. It is the
successor to the SMC Barricade 7004BR, which I used for two years; the
difference seems to be that the BR has to be manually switched to dial-up
mode while the ABR can be set to automatically switch in a 'fail-over' mode.
Only a factor for people with HSI connections. You could just configure it
to use a modem in your circumstance.

> if I do that, do I have to disable my xp's onboard trend firewall?

If you are going to run a third party software firewall application,
disabling ICF might be a good idea; or not. I haven't played with such a
combination, so I don't know what kind of conflicts that might cause.

> Does anyone know a link to a site which could help me determine what
> hardware (cords, adapters, switches-whatever) I will need to buy to create a
> network?

http://www.broadbandreports.com/
http://www.practicallynetworked.com/

> I'm hoping for maybe a vendor site where I can input what I want to do and
> it will try to sell me the required hardware.

For the SMC Barricade 7004BR:
http://www.smc.com/ {First time visit should let you pick a region.}

For the D-Link DI-707:
http://www.dlink.com/products/?pid=64 {DI-707; has an RS-232 port.}

For the Netgear FWG114P:
http://www.netgear.com/products/prod_details.php?prodID=220&view=

The SMC link will let you pick the region of the world where you are; I
didn't take you directly to the Barricade 7004ABR because I don't know if it
would jump there after asking for your region. Navigating to that product
shouldn't be hard. The other two products have a DB-9 RS-232 port, according
to the product descriptions; but the 7 port switch (D-Link) and wireless
router (Netgear) probably make them a bit higher in price than the SMC
Barricade 7004ABR. You will have to visit each site and make your own
comparison. Maybe a Google search on "dial-up router" might turn up others.
Or try "Asante"; they are an OEM source for the 7004BR, and maybe the
7004ABR as well.

I've used the SMC Barricade 7004BR (not the ABR; which is newer, and a
replacement), and the Netgear FR114P (which is not wireless, and does not
have the RS-232 port, alas; but is otherwise identical, and a very nice unit
with Stateful Packet Inspection (SPI) filters); both were easy to configure,
and afford better than average options of most routers.

> does each of the non-host computers have to have a network card?
> or can they be networked through their modems with a phone line to the xp's
> ethernet card?

Phoneline networking exists, but I don't know what equipment is required for
PN-to-Ethernet conversion. Ethernet network adapters are cheap enough, and
it would be easier to add them and a switch. If you actually decide to
spring for one of those routers I mentioned, they have the RJ-45 ports to
link up at least four computers (the D-Link will link up at least seven
computers). If you need more ports than those devices have, you just add a
switch; use a CAT 5 patch cord from one of the router ports to the uplink
port of the switch.

> when we convert to cable or dsl will I have to buy a whole new set of
> networking cords and adapters to upgrade the dial-up sharing to cable/dsl?

Not for the Ethernet adapters in each computer; those are the same
regardless of the means of connecting to the Internet. If you obtain one of
the routers I listed, the ones with the RS-232 port for a modem connection,
the switch to HSI is just a switch from a serial cable between the router
and the dial-up modem to a CAT 5 patch cord from the router to the cable/dsl
modem. No new equipment at all.

If you used ICS on the XP, you would disable ICS, and add a router; wiring
all computers to the new router. If you used a switch with ICS first, the
switch becomes an excess piece of equipment; unless you exceed the port
capacity of the router. If you find one of the three routers with dial-up
support worth the cost, it would be smart to pick one of those. In that way,
you get to share your dial-up connection right now; and have nothing extra,
but the cable/DSL modem, when you switch to HSI. The Netgear has the
advantage of wireless connections, if you don't want to pull CAT 5
throughout your house.

> from what I've read, I assume I have to create the entire network before
> enabling internet connection sharing, is this the only way to do it, or can
> I add one or two computers initially, then add the others later without too
> many glitches/reconfigurations?

You would only need to set up ICS once, and only if you don't want to spring
for one of those dial-up supporting routers. You should be able to add
additional computers without doing anything to the ICS computer; it should
pick up the new computers without a hitch. Configuring the new computer
properly can always be an adventure, though; even with a router instead of
ICS.

> any comments, suggestions or links would be appreciated

I hope that you can find something useful in my comments. Personally, I
would go with a router that has dial-up modem support if I were at the point
that you are. Especially if you plan to upgrade to HSI any time soon. You
will have the equipment, except for the cable/DSL modem, already at hand.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint


Relevant Pages

  • Re: Trouble obtaining IP address
    ... So some internet providers will not ... On newer systems, you have to power cycle the cable modem to make it work reliably, with a pause of about a minute between off and on. ... This is what the "clone MAC address" function on routers is for - you log into the router from the system that was originally connected to the cable modem, ... >said I cannot switch Ethernet cable from one computer to another and>expect ...
    (microsoft.public.windowsxp.network_web)
  • Re: DSL Router
    ... Du kannst den AirPort-Express als PPPoE Router konfigurieren und den ... der LAN-Port mit dem DSL-Modem verbunden). ... Router-only Modus* mit einem externen Modem, und haben einen Switch ...
    (de.comp.sys.mac.internet)
  • Re: sharing a firewall?
    ... so we can all share one dial-up connection. ... and the switch should provide better performance. ... Networks" or "File and printer sharing for Microsoft Networks" to the modem! ... Maybe a Google search on "dial-up router" might turn up others. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Comcast High Speed Internet and Router
    ... I knew it was a router issue but thought ... Their modem will only route to 1 ... I myself have a 25mbits connection - also with just one MAC address, but I have never had any problems ... Instead of a router, I bought a 8-port Belkin Gigabit cabled switch,, - connected it to the broadband modem - and voila - all machines are able to go online when and if i want to. ...
    (comp.sys.mac.apps)
  • Re: dial-up and wireless networking
    ... how exactly is a garden-variety router going to share a dial-up ICS ... You have to look at the router specs. ... You connect a standard full service serial modem to the DB9 port, ... connection. ...
    (microsoft.public.windowsxp.network_web)