Help? LinkSys Router Blues.

[NoFreakinWay]

You people seem to have a lot of knowledge. I have a question?

I have a home network using all 3 of my cable IPs. One to my system, one to my server and one to my wifes system, all by way of a switch.

I need to add more systems, so the router took one systems IP and allowed me to hook up more systems. However, the server also has my shared printers and hard dirve space for all the systems. Now with the router I cannot access the printers or drives. Any help would be appreciated..

Thnks

[FunK]

Well, I'm glad you got a router.
Your first setup was not very secure. Having File and Print Sharing enabled on your server (and getting all three IPs from your provider), meant that those shares were open to the internet. I hope they had good password protection.
Anyway, as for your new problem. There are a few things that can cause it. I made a quick picture of the two setups that should help a little. BTW, your setup should look like setup # 2. I hope your switch is no longer in the picture as it is not needed. You can add it back in later (after the router, but that may complicate things further and is not necessary.



Whether you enabled DHCP or not, your IPs will change. They will now be in the 192.168.x.x range. This could be your problem. If you had your shared drives MAPPED, your computer may be looking for the shares on the "24." range of IPs.
Remember that before, you actually had to travers the ISP network to get back to your shares. Your router should be allowing this on your internal LAN.
You may have to get rid of the old mapped drives and attempt to access them through network neighborhood instead.
Try going to network neighborhood and doing a refresh.
You should see your workgroup and then computers listed below that. If not, check to make sure that you DO have file and print sharing enabled on all the comps.
You may also want to be sure that you have connectivity to all of the systems. Try pinging each computer with the new IPs. (this sometimes helps when the refresh is not working correctly, or is taking too long). You may also want to reboot all the PCs and start them up again to ensure that they are getting a good IP from the router. Also check any software firewalls that you have running.
They will see the attempts from new IPs and may be blocking them (especially if you have your software firewall set to not tell you when something like that happens. There are usually advanced settings in these firewalls that allow you to add a range of IPs to pass through. Check your log files and see if this is the case. If you see blocked attempts from 192.xx range IPs, add the range of IPs (assigned o your computers) to access the server and vise versa.
Just for security reasons you should bind your file and print sharing to the NETBEUI protocol. It should be working without this, but you can change it if needed. Do a search on these forums for "binding" or "netbeui" and you should be able to figure out how.

There are more things that could be causing this, but I hope the reason is listed above.
If not, tell us the details of errors or let us know exactly what you see when looking for your shares and we can get ya working.

Peace,
FunK

[JmE]

Originally posted by NoFreakinWay
You people seem to have a lot of knowledge. I have a question?

I have a home network using all 3 of my cable IPs. One to my system, one to my server and one to my wifes system, all by way of a switch.

I need to add more systems, so the router took one systems IP and allowed me to hook up more systems. However, the server also has my shared printers and hard dirve space for all the systems. Now with the router I cannot access the printers or drives. Any help would be appreciated..

Thnks

I needed to be outside the router and still access the LAN shares also. Thus far, I have been unable to do so. If you get it working, I would really appreciate knowing how.

-JmE-

eicher@cinci.rr.com

[NoFreakinWay]

Funk,

You diagram for the new system is incorrect. The sever and router are connected to a switch which is then connected to the modem. The server keeps its 24.24.?.? address. The Workstations then cannot access the files and printers on the server. This is what Im trying to do.

JmE - I think it is similar to what you wanting also.

[cyberskye]

He was recommending the best solution. Otherwise, ALL traffic (even between your computers) is using the RR network. It must be REALLY slow that way. The config that Funk recommends (quite graphically ) is safe and fast. If you require access to your LAN from the outside, you can set up port forwarding to that particular machine that needs it. Otherwise what both you and Jim are trying to do is set up VPN-access and that requires software, hardware, and a lot of know-how. Otherwise all your files may be up for grabs...


Do you both need to give the net access to your machines?

[JmE]

I was afraid it would require VPN... UhhhGG!

I emailed Linksys and suggested complete DMZ via MAC or to incorporate a DHCP relay. A DHCP relay would allow us to access the shares on our LAN AND get the second IP! With a relay and filesharing unbound from TCP/IP, the LAN shares should not route across the NAT to RR.

-JmE-

[cyberskye]

True, but how could you share files with your LAN? What protocol would you use to share files?

[JmE]

NETBUI

-JmE-

[NoFreakinWay]

Actually I have no problem with the speed, all file and printer transfers ran quite fast, I'm using a 100mbit inside. I am using NETBeui for my internal protocol. I know NETbeui isnt routable and the linksys will not pass those packets. I need my server exposed becuase it runs my web, ftp and mail servers and I use it for web based software development. I do not understand routing and how it works well enough to know if manual entries into the linksys routing tables would acomplish what I want or not. Basically isnt it just a matter of routing all traffic intenally that is designated for 24.24.?? to that system directly?? I have to study up on routing and network management

Any suggestions on a good informative book.

[JmE]

Originally posted by NoFreakinWay
Actually I have no problem with the speed, all file and printer transfers ran quite fast, I'm using a 100mbit inside. I am using NETBeui for my internal protocol. I know NETbeui isnt routable and the linksys will not pass those packets. I need my server exposed becuase it runs my web, ftp and mail servers and I use it for web based software development. I do not understand routing and how it works well enough to know if manual entries into the linksys routing tables would acomplish what I want or not. Basically isnt it just a matter of routing all traffic intenally that is designated for 24.24.?? to that system directly?? I have to study up on routing and network management

Any suggestions on a good informative book.

NETBUI is nice and fast... we use it here for file and print sharing.

I too am deficient in the routing knowlege department. I was playing with the routing tables one night and I got the second IP, the DNS(s), and the gateway via DHCP through the router. The system couldn't surf though.... I was playing w/ some exotic settings (had the MAC address of the system blocked, etc...) and I haven't been able to remember what the settings were, so I haven't been able to duplicte it! If only I would have stayed up a few more hours that night...

If you figure it out, please drop me a line at eicher@cinci.rr.com

Thanks,
-JmE-

[NoFreakinWay]

If I figure it out I will.

I solved a simular problem at work. I have about 20 systems networked thru hubs. All have the 10.0.0.0 IPs. I also have a Cisco DSL Modem /Router connected to the hub. One system conntected to the same hub has an Public IP, this is our web, ftp, mail server.

The cisco is setup to route that address thru to that system. However I could not get to the public IP from the locals. They could go out on the internet OK but not to the server. Obviously this is because they are on totally different networks(Address wise anyway). The only way to fix it was add a second IP to the NIC in the server (Win2K allows multiple IPs to one NIC) then all the locals needed a HOST file that pointed mycomp.com to 10.0.0.2

I dont know if this will work with my Linksys problem but I will let you know.
Also I noticed in your other thread that you need to run another CAT5 cable? You are aware that only 2 pairs of the 4 are used per connection right??

[JmE]

Yes, I am aware that I can piggy back down the other wires. But thanks for pointing that out. I was hoping to use them as a backup for the main feed from the office/workshop in case something goes wrong. I had two cables in the conduit at one time, however, the working one (at that time) went dead. I switched over to the second cable and everything has been fine (about 3 years ago maybe). Anyway, I have considered running through the other line that was bad (perhaps 4 wires are OK in the bunch), however, I still am stuck w/ a USB NIC as I have no slots available. I would also need to do some digging under the office so that the cable wouldn't be exposed inside the office as the computer is on the completely other side of the building from the entry point. I never dreamed I would need more than two runs of CAT5 out here and I never dreamed I would need more net jacks over on this side of the room!

I have thought of buying some sort of Cisco router that has DHCP relay.


-JmE-


BTW: You can do multiple IPs on Win98SE. You just have to edit the registry to get them there. They work great, though. You can check it out at [url]http://www.helmig.com,[/url] a pretty nice site for networking Win boxes.

[FunK]

I think you can still let everything access your server by leaving it behind the router and forwarding all the needed ports.
You could even place the server in the DMZ and still be able to access all of the files through the router.
As long as you do not forward your netbios ports, you should be safe (DMZ would kill that idea).

I still don't understand the reason for keeping the server outside of the LAN.
It's dangerous and it's not serving your purposes at this time.
Try it like the picture and forward all your server ports (FTP, HTTP, SMTP, etc) to the IP of the server. It should be really easy and stay fully functional.
Noone on the outside is going to know the difference.

FunK

[JmE]

Funk,

Are you asking me or the original poster?

In case you were asking me:

I don't want to run a server outside the router. I need the other IP for applications that can't be used through the router. So, I need this system outside the router.

-JmE-

[YeOldeStonecat]

Kick up the router a notch to something like a Netopia which itself authenticates VPN, therefore you could be anywhere, VPN to your router, and have access to your LAN.

Depending on your needs, if you need to access your LAN from outside, I'd go with PcAnywhere. So easy, quite cheap, has a fast file transfer, and it's quite secure.

[NoFreakinWay]

Funk,

I may try that. But I have a question. I need to keep the IP of the server for DNS reasons. How do I set that up.? Right now my DNS points to a specific IP, when request come to the router for that IP will they get forwarded to my server? I havent setup the DMZ or forwarding so I'm sure howmit would work.

Olde,

I have thought about that, and still am.......

[JmE]

Originally posted by YeOldeStonecat
Kick up the router a notch to something like a Netopia which itself authenticates VPN, therefore you could be anywhere, VPN to your router, and have access to your LAN.

Depending on your needs, if you need to access your LAN from outside, I'd go with PcAnywhere. So easy, quite cheap, has a fast file transfer, and it's quite secure.

If I go w/ a Netopia router, do I still need to run a VPN server?

My need for the LAN is so that I can function as if I were directly on the LAN. We test alot of things and I do not want to fight with troubleshooting other things while I am trying to test.

-JmE-

To All:

I just now ran a temporary cable across my office (over the systems, across stacks of books, across my desk, etc..). It is working great. I have access to the LAN and I have my second IP.

One thing though. I found that the USB NIC will not do the long haul. I had to run my internal NIC as the one on the long cable back to the server closet.

BTW: I was absolutely wrong!!! Win98SE will send the packets right across from one NIC to the other! I am downloading a test file from the web on one NIC directly to a system on the other NIC. Hmmm I always read that couldn't be done because Win9x wouldn't internally route the packets

I guess I will just have to fish a wire under my office Saturday!

[NoFreakinWay]

JME

What exactly did you do? What you are trying to do is the same as what I need...

[JmE]

Originally posted by NoFreakinWay
JME

What exactly did you do? What you are trying to do is the same as what I need...

HEHEHEH!

Well, I knew that this would work but I was trying to avoid it for various reasons...

You take a hub or a switch (a switch would be better than a hub & only about $10 more) and you connect to it:

- modem (in uplink port on hub/switch or make a crossover cable)
- Linky from the WAN port on the router
- a CAT5 cable to the system that is to have the cable assigned IP

You connect the LAN (other computers hooked to another hub/switch) to the LAN port on the router

You have 2 NICs in the computer that you want to get the cable IP. One of the NICs connects to the hub/switch that the modem & router are on. The other NIC is connected to the hub/switch that the LAN is on (behind the router).

Play w/ your network settings and there you go!

You need one IP from cable for your Linky and one IP from cable for your computer.

Let me know how it goes!
-JmE-

BTW: If you need more info or help, feel free to email me eicher@cinci.rr.com

[NoFreakinWay]

That sounds like the simplest fix for me. If I disable File and Printer sharing on the Cable side NIC I should be safe enough.
Cool, thanks.
BTW: Since I started this thread I have had a connect attempt from a RR subscriber to my printers. IP = 65.25.224.xxx isnt that a bite in the butt...

Thank Norton Internet Security for the help.....:]

[JmE]

I would NOT trust Norton... get ZoneAlarm from http://www.zonelabs.com. It is free for personal use.

-JmE-

[FunK]

Originally posted by NoFreakinWay
Funk,

I may try that. But I have a question. I need to keep the IP of the server for DNS reasons. How do I set that up.? Right now my DNS points to a specific IP, when request come to the router for that IP will they get forwarded to my server? I havent setup the DMZ or forwarding so I'm sure howmit would work.

Olde,

I have thought about that, and still am.......

Are you using the server as a DNS server?
If not, your router will get an IP for DNS services from you ISP. That is how your other PCs are able to browse the net. If you do need the server to run DNS, you can point your PCs to it as the DNS server and it will read from the server's tables.

Let me know.

Peace,
FunK

[NoFreakinWay]

Funk,

No, I'm not a DNS Server, I didnt explain that very well. My domains DNS entries are pointing to that IP. How would I continue with this setup?

BTW: Love the signature.....

[FunK]

Ok man, this is what I would do. I'm sure it will work fine.
Hook up the computers as shown in figure # 2.
Then you have to make a decision. Either enable DHCP on the router and let it assign the IPs for your computers and boot your computers in order, or assign IPs to each computer (so they never change).
If your router assigns the IPs (DHCP enabled) it will do so in order (xxx.xxx.xxx.1, xxx.xxx.xxx.2, xxx.xxx.xxx.3, etc).
This means that you would have to always boot your PCs in order.
After they are all booted the first time, you can reboot any PC after that and it should get the correct IP back as the other two would be taken. Pretty easy huh?
Anyway, after you get that setup, you will want to forward the ports in the router for your server.
Only enable the ports for services that you hae runnning and want others to access. Usually FTP, HTTP, and mail). Telnet is nice, but dangerous and I doubt that you have that running anyway.

To do this, access your routert configs and go to the advanced properties and look for a page that looks like this:



In this case (not the same router as you), you would put a check mark in the box next to the service you want to allow through the router.
Then you just type the IP of the server to the right of that service.
That's it. From now on when a request comes in to your IP (the WAN address on the router), for say HTTP, the router will send that request to the IP specified in the boxes to the right.
You can forward any port to any IP in your LAN and it will work if the computer that it is pointed to runs that service.

That is why it is important to boot your computers in the correct sequence. If you end up with the wrong IP on the server, the requests will get lost etc.
If that sounds like a pain in the booty, then disable DHCP and assign IPs to each computer.

Try it out and see. I bet that your file and print sharing works and your server will still be accessible from both the LAN and the internet (only on the ports you want to expose).
You will not be able to access your file and print sharing from the internet, but you don't want that anyway. It's a HUGE security problem.
If for some strange reason you DID want that, you could specify (in another router screen), to forward port 139 and point it to your server (not recommended).


Peace,
FunK

[FunK]

Bumpity Bump Bump.
Is it working?

[NoFreakinWay]

Funk,

Sorry been busy.

I opted to use 2 NICs in the server. One (WAN) has only TCP/IP protocol and not bound to anything. Secure I think. The other NIC (LAN) only has NETBeui installed for the sharing and it connects to the switch on the other side of the Router. Everything is working great. I need to have the server exposed so because I am a programmer and am statring to do ASP programming and some advanced SQL server stuff.

Thanks for the help...

[FunK]

Well, that was always an option, but I thought you wanted to use your router.
I'm glad it's working for you this way. Cool Beans!

Peace,
FunK

[NoFreakinWay]

I only needed the router to allow more than three connections. Thats all my ISP allows. Now I have a switch sitting on both ports of the router. WAN side can have two connections with real IPS and the other side I can plug anyone into. Its hosting 3 systems now.

Thanks.

[NoFreakinWay]

OK, now I have a problem that I'm not sure whats causing it.

From work I can access my server as usual no problem. However it stops responding during the day for anywhere from 30 secs to 2 minutes or so. It occurs several times during the day. Afterwards its back like nothing ever happened. I cant figure out whats causing it. Anyone have any suggestions? What is a good network monitoring program that will log ALL activity, both internet and intranet, so I can examine it during those problem times.

^ Any Ideas???

[NoFreakinWay]

^

[JmE]

Sounds to me like your IP lease is expiring and a new one is being obtained from your provider's DHCP.

Go to the server and check under more info on your IP addy and see how long until the lease expires. In Win9x, that is under winipcfg and hit more info tab. Under NT varieties I can't remember.

I know ADSL (ZommTown) in Cincinnati, Ohio is giving leases as short as 8 minutes!!! I just say it today when I was on site. It was ridiculous. I was there for about 10 hours and it was consistent...

Of course, I am assuming you have a dynamic IP...

-JmE-

[NoFreakinWay]

Thats what I would have thought also, but I have a Static IP. I reinstalled TCP/IP and did some housekeeping and I will see if I found it or not today.
Do you know a good network monitoring program that can run on the server so I can see whats happening during the day.?