At 09:22 PM 12/7/97 -0500, you wrote:
>You also need to make a decision about the wingate proxy server. Although
>there are things to be gained by using a proxy server, if not set up
>properly,
>it can cause some problems.
>
>If they are going to have their own class c address and with a satellite
>feed,
>I don't think the proxy will be necessary unless there is a problem with
>security
>and they want to keep the local LAN separate from the internet. In this
>case,
>they may still want to use the proxy server.
>
>Using ip forwarding is the wrong way to go in either case. If all machines
>are on
>the users class c. you wouldn't be routing though the NT, and if you decide
>to
>use the proxy, ip forwarding will allow you to go around the proxy and not
>through it.
>
>-----Original Message-----
>From: Mitch Wagers <mwagers@ocsnet.net>
>To: ntisp@emerald.iea.com <ntisp@emerald.iea.com>
>Date: Sunday, December 07, 1997 5:13 PM
>Subject: Re: setup of NT sub-ISP
>
>
>>Um....Here's how it should be done if I understand you correctly. The
>Cisco
>>router will also gain a bunch of performance running by itself instead of
>>relying on a host and is also easier to manage. If you assign him a block
>>of 16 IP's with the *correct* subnet for those 16 IP's. (I.E. you can't
>just
>>remove a chunk of your Class C) and he connects to YOU with HIS IP, then
>>here is what I would do (although I recommend using your IP for his Cisco
>>WAN interface and his IP for his Cisco Ethernet0 interface):
>>
>>His router should have an IP on his subnet. If the NT Server is .80, then
>>set the router to .81 or .82 (anywhere in there) WITH the correct subnet
>for
>>the Ethernet0 Port, you should not have to use two IP's for the router.
>The
>>gateway on the router is set for your "Access Server" that he connects to
>>(the router is what connects to you, not the NT Machine). Then, there will
>>be a flagged route (labeled NL) which the Cisco's IP and your Access
>Server.
>>He should then add the route: "0.0.0.0 0.0.0.0 your.access.server.ip metric
>>permanent" The "permanent" command depends on the IOS he is running. Do
>not
>>turn on RIP, IEGRP, etc, etc...just default routing!
>>
>>If he connects to you via one of YOUR IP's (i.e. not on his subnet), then
>>the Ethernet0 interface of his Cisco is still be one of HIS IP's, but the
>>"controller" or wan interface would be the IP he connects to you with (the
>>IP you give him upon connection, needs to be static for best results).
>>Then, the gateway on his Cisco needs to be set to your Access Server, just
>>as before. The NL route will be different than the above, however. Add the
>>same default route as above.
>>
>>He should really be connecting to you via one of your IP's and not his own.
>>Therefore, his Router will have two IP's, each from a different network.
>I'm
>>not sure I covered everything, but configuring a Cisco router is a bit more
>>entailed than just two paragraphs.
>>
>>Mitch Wagers
>>Network Operations Manager
>>mwagers@ocsnet.net
>>
>>
>>
>>At 11:41 PM 12/7/97 +0200, you wrote:
>>>Hello,
>>>
>>>I will start by specifying that I am working for a Solaris based ISP, so
>>>therefore I thought I could get help from you ,(NT ISPs), in the setup
>>>of an NT sub-ISP for one of my clients.
>>>That client now has the following setup:
>>>NT 4.0 server running mdaemon server for mail and wingate as proxy.
>>>That client also has Routing and Ras server running on that server, and
>>>accepts dial-in connections on 12 modems.
>>>he provides the internet connection to these dial-in connections, by
>>>dialing out to our services (DUN of NT 4.0), where he is assigned a
>>>static IP u.v.w.178.
>>>we also provided him with a subnet of 16 IPs x.y.z.80.
>>>The x.y.z.81 is assigned to the server. the modems are served from a
>>>pool (the rest of
>>>the subnet)
>>>this subnet is routed (in our routing tables) thru the static IP
>>>u.v.w.178.
>>>
>>>Now that client bought a cisco 1005 router, and will be connected to our
>>>services thru a microwave link. The modem (cisco 1005), boots from a
>>>TFTP server (installed on the NT 4.0 server)
>>>later on, that client will extend the Internet access also to his local
>>>LAN.
>>>I am wondering on the configuration that should be done after
>>>installation of the cisco router. I planned the setup as follows, please
>>>add or rectify :
>>>
>>>
>>>1- assign another subnet of 16, e.g s.r.t.80 , for the LAN.
>>>assign for example s.r.t.81 for the NT server ethernet, and s.r.t.82 for
>>>the cisco ethernet port.
>>>2- on the NT server, enable IP forwarding (in order to have all the
>>>dial-in connections routed to the ethernet of the server, and from there
>>>to the router ethernet, than to the router serial port which is linked
>>>to our services).
>>>3- on the NT server, also specify s.r.t.82 (ethernet of cisco router) as
>>>a TCP/IP gateway in network/protocols/TCPIP gateway.
>>>3- in our routing tables, change routing of subnet x.y.z.80 to have the
>>>x.y.z.81 IP (NT server) as a gateway.( or isn't it necessary ???)
>>>4- on the LAN PCs, specify s.r.t.82 as a TCP/IP gateway.
>>>5- what should be the TCP/IP gateway address for the clients dialing
>>>into the NT server ??? x.y.z.81 ??
>>>
>>>
>>>are there any static routes that should be added on the NT server ???
>>>
>>>Please advise on the best setup.
>>>
>>>thank you,
>>>Clara
>>>
>>> ----------------------------------------------------------
>>> NTISP Mailing List listserver@emerald.iea.com
>>>
>>>
>>
>>
>> ----------------------------------------------------------
>> NTISP Mailing List listserver@emerald.iea.com
>>
>
>
> ----------------------------------------------------------
> NTISP Mailing List listserver@emerald.iea.com
>
>