If they are going to have their own class c address and with a satellite
feed,
I don't think the proxy will be necessary unless there is a problem with
security
and they want to keep the local LAN separate from the internet. In this
case,
they may still want to use the proxy server.
Using ip forwarding is the wrong way to go in either case. If all machines
are on
the users class c. you wouldn't be routing though the NT, and if you decide
to
use the proxy, ip forwarding will allow you to go around the proxy and not
through it.
-----Original Message-----
From: Mitch Wagers <mwagers@ocsnet.net>
To: ntisp@emerald.iea.com <ntisp@emerald.iea.com>
Date: Sunday, December 07, 1997 5:13 PM
Subject: Re: setup of NT sub-ISP
>Um....Here's how it should be done if I understand you correctly. The
Cisco
>router will also gain a bunch of performance running by itself instead of
>relying on a host and is also easier to manage. If you assign him a block
>of 16 IP's with the *correct* subnet for those 16 IP's. (I.E. you can't
just
>remove a chunk of your Class C) and he connects to YOU with HIS IP, then
>here is what I would do (although I recommend using your IP for his Cisco
>WAN interface and his IP for his Cisco Ethernet0 interface):
>
>His router should have an IP on his subnet. If the NT Server is .80, then
>set the router to .81 or .82 (anywhere in there) WITH the correct subnet
for
>the Ethernet0 Port, you should not have to use two IP's for the router.
The
>gateway on the router is set for your "Access Server" that he connects to
>(the router is what connects to you, not the NT Machine). Then, there will
>be a flagged route (labeled NL) which the Cisco's IP and your Access
Server.
>He should then add the route: "0.0.0.0 0.0.0.0 your.access.server.ip metric
>permanent" The "permanent" command depends on the IOS he is running. Do
not
>turn on RIP, IEGRP, etc, etc...just default routing!
>
>If he connects to you via one of YOUR IP's (i.e. not on his subnet), then
>the Ethernet0 interface of his Cisco is still be one of HIS IP's, but the
>"controller" or wan interface would be the IP he connects to you with (the
>IP you give him upon connection, needs to be static for best results).
>Then, the gateway on his Cisco needs to be set to your Access Server, just
>as before. The NL route will be different than the above, however. Add the
>same default route as above.
>
>He should really be connecting to you via one of your IP's and not his own.
>Therefore, his Router will have two IP's, each from a different network.
I'm
>not sure I covered everything, but configuring a Cisco router is a bit more
>entailed than just two paragraphs.
>
>Mitch Wagers
>Network Operations Manager
>mwagers@ocsnet.net
>
>
>
>At 11:41 PM 12/7/97 +0200, you wrote:
>>Hello,
>>
>>I will start by specifying that I am working for a Solaris based ISP, so
>>therefore I thought I could get help from you ,(NT ISPs), in the setup
>>of an NT sub-ISP for one of my clients.
>>That client now has the following setup:
>>NT 4.0 server running mdaemon server for mail and wingate as proxy.
>>That client also has Routing and Ras server running on that server, and
>>accepts dial-in connections on 12 modems.
>>he provides the internet connection to these dial-in connections, by
>>dialing out to our services (DUN of NT 4.0), where he is assigned a
>>static IP u.v.w.178.
>>we also provided him with a subnet of 16 IPs x.y.z.80.
>>The x.y.z.81 is assigned to the server. the modems are served from a
>>pool (the rest of
>>the subnet)
>>this subnet is routed (in our routing tables) thru the static IP
>>u.v.w.178.
>>
>>Now that client bought a cisco 1005 router, and will be connected to our
>>services thru a microwave link. The modem (cisco 1005), boots from a
>>TFTP server (installed on the NT 4.0 server)
>>later on, that client will extend the Internet access also to his local
>>LAN.
>>I am wondering on the configuration that should be done after
>>installation of the cisco router. I planned the setup as follows, please
>>add or rectify :
>>
>>
>>1- assign another subnet of 16, e.g s.r.t.80 , for the LAN.
>>assign for example s.r.t.81 for the NT server ethernet, and s.r.t.82 for
>>the cisco ethernet port.
>>2- on the NT server, enable IP forwarding (in order to have all the
>>dial-in connections routed to the ethernet of the server, and from there
>>to the router ethernet, than to the router serial port which is linked
>>to our services).
>>3- on the NT server, also specify s.r.t.82 (ethernet of cisco router) as
>>a TCP/IP gateway in network/protocols/TCPIP gateway.
>>3- in our routing tables, change routing of subnet x.y.z.80 to have the
>>x.y.z.81 IP (NT server) as a gateway.( or isn't it necessary ???)
>>4- on the LAN PCs, specify s.r.t.82 as a TCP/IP gateway.
>>5- what should be the TCP/IP gateway address for the clients dialing
>>into the NT server ??? x.y.z.81 ??
>>
>>
>>are there any static routes that should be added on the NT server ???
>>
>>Please advise on the best setup.
>>
>>thank you,
>>Clara
>>
>> ----------------------------------------------------------
>> NTISP Mailing List listserver@emerald.iea.com
>>
>>
>
>
> ----------------------------------------------------------
> NTISP Mailing List listserver@emerald.iea.com
>