View Full Version : Multi IP Setup?

03-14-00, 01:03 PM
PacBell is scheduled to setup Enhanced DSL on Thursday but I won't be able to take the day off so I'll have to let my wife know how to handle things... I'll get 5 static IPs and have 2 PC connected right now using a 5-port switch and am using internal 192.168.x.x IPs.

I want him to hook up the DSL modem into the uplink port of my switch instead of installing a 2nd NIC. Will the PacBell guy have to change my IP address to the static assigned IP? If so, will this interfere with my own network or will this make my network visible to the outside?


03-15-00, 11:06 PM

Well, I've been studying all this stuff trying to learn myself, lol, but can share what i know.

Since you are not sharing one IP, you CAN simply plug your uplink port into the dsl modem.

When you access the modem thru yer switch using any computer on your lan, an IP # will be assigned by PacBell to that computer. If they give you static IP's, you'll always have the same ones each time you fire up.

Your computer and lan WILL BE exposed to the internet. However, you can set up each computer with a software firewall to help protect them from hackers. One that is kinda popular right now and free is zonealarm, available at www.zonelabs.com (http://www.zonelabs.com) . In addition, there is some GREAT security info at www.grc.com (http://www.grc.com) (click the SHIELDS UP link).

The pros of using multiple ip's from your isp and a switch or hub: no compatability problems (games, dialpad, netmeeting, etc), since each computer is doing it's own thing and has it's own IP address. The cons: sometimes have to pay extra for extra ip numbers, and don't have a 'hardware' firewall (which some people prefer).

As an alternative, you could purchase a router like the linksys router/switch at www.linksys.com (http://www.linksys.com) or others. The router would put your lan behind a hardware firewall and would allow you to share ONE ip number between all the computers on your lan. The router issues it's own IP addresses to each computer on your lan, and doesn't let anyone outside of your lan see them! Thus, it provides a hardware firewall. The pros: get a hardware firewall, can share one ip number and don't have to buy extra ones. The cons: some applications may have difficulty working thru the firewall since they send and receive data thru various blocked ports that need to be opened up (companies like linksys are working quickly to increase flexibility of their routers...many applications are already set!).

There is some great info on various ways to share your connection at www.timhiggins.com (http://www.timhiggins.com) . He covers mulitiple IP's vs routers vs software options.

Good luck to ya, and I'll be right behind ya...cable modems will be here in 2-3 weeks.


03-16-00, 12:19 AM
Hi XT,

I had pondered with the idea of static IPs versus using 1 IP and a firewall/router solution such as the LinkSys but PacBells normal service is now PPoE and dynamic IP which I don't want.

Therefore I ordered the 5 IP enhanced service. I'll probably buy BlackIce and use that with ZoneAlarm to protect our PCs.

It would be great if some manufacturer would sell a decent priced firewall/router that supports multiple IPs and simply routes 1 PacBell IP to 1 internal IP. But I haven't heard about such a product yet.


03-21-00, 04:14 PM
This is exactly what I want to do, too. I'm looking at the WebRamp 700S product: http://www.buy.com/comp/product.asp?sku=10014347
Unfortunately, their tech was out today, but the online manual at WebRamp contains sections on one-to-one NAT: you can point any of your public IP addresses to individual internal servers: Web, mail, etc., and all your PCs going out to the internet will appear to be originating from another of the IP addresses. I'm going to try to confirm tomorrow. It's a reasonable price, if it works, considering the Umax Ugate Plus I already bought was over $200.

[This message has been edited by sgriffin (edited 03-21-2000).]

03-22-00, 01:34 AM
SGriff......please let us know what ya learn.....THANX! http://www.speedguide.net/ubb/smile.gif

03-22-00, 01:28 PM
Another good source: http://navasgrp.home.att.net/tech/cable_dsl.htm

Here is an article on several medium priced routers, which includes a discusssion of one to one NAT in the Multitech dicussion.

The one that can handle a route multiple IP's is the
Multitech PROXYSERVER FOR CABLE OR DSL Computer4sure.com (http://service.bfast.com/bfast/click?bfmid=9289141&siteid=26544828&bfpid=32508&bfmtype=comp) has it for $433

[This message has been edited by valentinedwv (edited 03-22-2000).]

03-30-00, 12:03 PM
Just a couple more things someone might be interested in: Ramp allows you to save your configuration to disk before upgrading the firmware. I assume it starts downloading it through its web page interface. Also, Buy.com had it for $354.

And, as an improvement over the Ugate, it has protection against Denial of Service and several other attacks.

[This message has been edited by sgriffin (edited 03-30-2000).]

03-30-00, 11:58 PM
Hey, I'm happily set up with the Ramp 700s. Wish I had bought it instead of the Ugate. The Ramp allows me to use all my PacBell static IPs. I have two PCs now, each with two internal IPs. The web server has two web sites, and with IIS, it's easy to assign each web site to a different IP, vs host headers. I use one-to-one NAT to assign the external IPs to the two internals on the web server. If I were to get another web server, I could move one of the web sites onto it and just update the NAT.

On the other PC, I'm running a mail server from TuCows on one IP address, which allows me to check my own email using Outlook 2000 on the PC's first IP.

So I'm much happier now. Plus the Ramp can email me its log file on a regular basis. The only thing I'm not comfortable with is the apparent lack of an option to disable remote login into the router. I think Ugate added this later. Something I need to ask Ramp about is why I can't use the www.domain.com (http://www.domain.com) address to connect from my one PC to my web server. I have to enter the IP address. I know that Ugate fixed this problem.