> Hello to all users out there, > > I'm a relative novice to network administration so forgive me in advance > for asking questions that may sound to most of you trivial at best :) > > I'm running a small LAN in an office. Currently, all my machines are > connected directly to the Internet via a Shiva Integrator 150 router (ISDN > line 64K). I have a class C address range distributed by a DHCP server > running on one of my Novell NetWare servers. Since we intend to move into > a lease line, we need some sort of IP filtering/firewalling. A full > firewall is beyond our budget, so we decided to use a Qube 2 instead. > > The idea is simple - connect the Qube to the router and the rest of LAN to > the Qube and have all internet traffic go through the Qube. I tried two > options - one: using NAT for IP masquerading, two: creating two subnets > (we have a class C range, and enough leeway to divide network to two). > I've experienced problems in both settings and couldn't accomplish > mission. Would appreciate any help or advice. Following is an exact > description of the configurations I tried. > > 1. NAT - the x.x.x.1 of my address range is reserved to the router. I gave > the secondary port of the Qube a x.x.x.2 address, and a private address > range (192.68.27.4) to the primary. both subnet masks 255.255.255.0. > > I couldn't reach beyond that point, 'cause I couldn't connect to the > router with my workstation (that still had a "real" IP address distributed > by the router). Hence, I couldn't continue changing the configuration. To > be honest, I wasn't sure exactly how this works, so I decided to go for > option 2.... > > 2. Subnetting - Router stays the same. Secondary x.x.x.2, subnet mask > 255.255.255.0 > Primary - x.x.x.129, subnet mask 255.255.255.128. DNS setting - ISP DNS > server + DNS turned on on the Qube. DHCP distributing 130-254 addresses. > > Setting works fine on MAC and NT machines, but fails on W95 machines. the > latter can only reach the gateway (Qube), but not beyond that. A few > questions about this setting? > > 1. Is my Subnet Mask definitions correct? Do I need to change the subnet > mask on router (currently on 255.255.255.0)? > 2. Do I have to use as domain name the same one used by my ISP (my > comapny.com), or can I use a "fake" doamin name for internal DNSing ? > > This is more or less the story - sorry for the long message. Will > appreciate any help or advice.... > > > Thanks in advance > Ariel Levin > in Brussels > > > > > > > > >
<<attachment: winmail.dat>>