Sign in with
Sign up | Sign in
Your question

Advise needed on complex setup

Last response: in Networking
Share
May 4, 2006 8:15:21 AM

Hi- Here is an interesting case that I need advise on.
This concerns a small workshop with 6 older computers running W98SE and even W95-OSR2, connected with a classic 10Mb 8-port hub in a peer-to-peer networking setup.
Currently there is a HP printer connected to the LPT1 port of the W98SE computer.
All this is available in a small office room about 40 meters distance from where the phone line enters the building.

Our goals are to:
0) Get rid of ISDN dial-up connetion to the ISP from one of the W95 machines;
1) Connect a network printer;
2) Connect a fresh WXP Prof machine to the network (two 100Mb network cards installed);
3) Connect an ADSL connection to the network. The ISP supplies a so-called multi-PC modem-router;
4) Add an wireless Access Point to the network to allow the occasional personal laptop user to print documents, exchange files with the other PC's and play around on the Internet;
5) Shield the classic hub-based network from the Internet;

Unfortunately, there is no budget to replace existing computers.
We already have a new Brother network printer and a LinkSys Wireless Router with 4 LAN ports. The range of the LinkSys router should be sufficient for the office room.

Limitations and remedies already recognized:
a) The W95 machines are too old to run modern anti-virus software. Hence the need to shield them from the Internet. These machine are used for simple office work, document handling, etc. No mail, no browsing.
b) The machines in the classic network have fixed IP addresses 192.168.1.2 etc.
c) Users logging on to the WXP machine should do their work as limited users (LUA). This has already been achieved. They can mail, browse, etc. Virusscanner installed.
d) The network printer currently is not recognized on the classic network. Apparently it works best if connected to a DHCP server.
e) The multi-PC modem-router will have to be installed in the closet. I need to get a Cat-5 cable (and a spare) from the closet to the office.

I have trouble to decide on the final set up of the network with all these wishes and limitations.
My idea was to start with the following setup:

phone-->splitter-->multi-PC modem-router --(40 meter cable)--> LinkSys AP router
>>from there:
LinkSys AP router --> Brother printer
>>and:
LinkSys AP router --> WXP machine (Eth-0)
>>from there:
WXP machine (Eth-1) --> hub with classic network

The rationale behind this setup is that the classic network is shielded from the Internet because there is no bridging between the the Ethernet cards of the WXP machine.

Questions:
+ Is this a realistic setup ?
+ How do I setup printing from the classic network to the network printer ?
+ Is there sufficient protection against worms etc. which may crawl through the shares ? I am aware that the drive's base directories (i.e. C: )should not be shared.
+ How do I allow the wireless laptop user to exchange files with the machines on the classic network ? (this is not big issue)
+ Which one should be the DHCP server: the multi-PC modem, or the LinkSys AP, or both ? And what about the wireless connections ?
+ Is there a better and cleaner setup to achieve the goals ?

Any hints and tips are very welcome. I am not a complete nono on the topic of networking, but this is bit....
May 4, 2006 5:57:57 PM

Will try,

Printer, SET STATIC IP, since it is a network printer. You don't need it moving around. Set ip to a range outside the dhcp lan.

It might be easier blocking port 80 on the clasic network. and remove the gateway and dns (?), from the static setup. This will prevent outside access. This is what I did with my 98 machine. Has worked well.

If the clasic net has it's own subnet it will be isolated. IF needing access, set the DHCP range where they will not conflicing.

I think the linksy router can be set to operate as a switch. This would be ideal connecting to the modem/router.
May 5, 2006 3:54:09 AM

what modem is being provided by which dsl provider?


if you really have 2 routers, you might make a separate network conprised of just the old computers that won't have internet access. you can configure the subordinate subnet to browse up to print.

as a further protection, require all machines to have tcp/ip configured manually including dns. eliminatine dns on older machines.

the most effective way to deal with the virus, trojan horse, spyware problem would be to go out and buy a bunch of older apple compturers and get on with life.
!