|
|
Single Point Internet
I have two Win 7 PCs and two Win XP PCs, all Pro versions and several
NAS sitting on my LAN. Would it be beneficial and or doable to have only one PC, call it the master, connected directly to the internet through the ATTUVerse modem? What are the pros and cons? If so, can someone explain or point me to a how to for one point internet access. My definition of one point internet would be to have the LAN disconnected from the internet but PCs have access to the internet through the master PC therefore I can monitor all traffic to the internet on the master PC. Would I need additional hardware beyond the two switches and secondary router that I already have? Just reroute differently. --- news://freenews.netfront.net/ - complaints: --- |
Single Point Internet
On 11/17/2015 8:36 AM, OldGuy wrote:
I have two Win 7 PCs and two Win XP PCs, all Pro versions and several NAS sitting on my LAN. Would it be beneficial and or doable to have only one PC, call it the master, connected directly to the internet through the ATTUVerse modem? What are the pros and cons? If so, can someone explain or point me to a how to for one point internet access. My definition of one point internet would be to have the LAN disconnected from the internet but PCs have access to the internet through the master PC therefore I can monitor all traffic to the internet on the master PC. What's your definition of "monitor all traffic" and what tool are you gonna use to do that? And what are you gonna do with the data once you acquire it? Getting a PC off the internet, but still active on your lan is easy...if it's just a matter of convenience. If you expect greater resistance to hacking, that's a bigger issue. Would I need additional hardware beyond the two switches and secondary router that I already have? Just reroute differently. --- news://freenews.netfront.net/ - complaints: --- |
Single Point Internet
On 17/11/2015 17:02, mike wrote:
What's your definition of "monitor all traffic" and what tool are you gonna use to do that? He can use Wireshark https://www.wireshark.org/ |
Single Point Internet
OldGuy wrote:
I have two Win 7 PCs and two Win XP PCs, all Pro versions and several NAS sitting on my LAN. Would it be beneficial and or doable to have only one PC, call it the master, connected directly to the internet through the ATTUVerse modem? What are the pros and cons? If so, can someone explain or point me to a how to for one point internet access. My definition of one point internet would be to have the LAN disconnected from the internet but PCs have access to the internet through the master PC therefore I can monitor all traffic to the internet on the master PC. Would I need additional hardware beyond the two switches and secondary router that I already have? Just reroute differently. ICS --- FIOS modem/router ---- PC_with_two_NICs --- router ---- PCTV (Set for Internet ---- PC2 Connection Sharing) ---- Buffalo NAS ---- WD Cloud NAS https://en.wikipedia.org/wiki/Intern...ection_Sharing One limitation of ICS under Windows, is the LAN segment on the right of that picture (labeled "ICS"), is fixed at 192.168.0.x subnet. It's possible if you set up the PC_with_two_NICs under Linux, you might have more choices on the subnet. This is only an issue, if you're trying to avoid "upsetting" the existing setups. I have set up ICS in the past, but don't remember anything of the experience. Maybe someone else can give a rundown on the operational characteristics. When you string a bunch of routers like that, sometimes you manage to "partition" or isolate the file sharing on one PC from the other PCs. If the PC_with_two_NICs is not doing file sharing, then chances are the above diagram will work OK. Paul |
Single Point Internet
On 11/17/2015 9:40 AM, ~BD~ wrote:
On 17/11/2015 17:02, mike wrote: What's your definition of "monitor all traffic" and what tool are you gonna use to do that? He can use Wireshark https://www.wireshark.org/ Sure, but to what end? Anybody who thinks they can manually decipher ALL traffic with wireshark has a lot of time on their hands. Hence, the request for clarification. I've been trying to sort out wake on lan magic packets. I have wireshark running on a laptop to monitor traffic...heavily filtered. I don't have to route the traffic through any particular machine...it just works for what I need. I try to PREVENT instead of monitor traffic. I did this when I had too many machines and metered internet. I didn't want them all burning thru my data allocation for no good reason. My router is at 192.168.1.1 My primary machine has a default gateway of 192.168.1.1 Other machines have a default gateway of 192.168.1.250 They can access each other, but attempts to leave the subnet get dumped. To access the internet, I have options. A utility to change the default gateway. Just use VNC or Remote Desktop to actually use the primary machine's connection. I make no claims for absolute security. You can easily subvert it. It just worked most of the time for what I needed done. It all comes down to what the OP is trying to accomplish. And we don't know that. |
Single Point Internet
~BD~ wrote:
On 17/11/2015 17:02, mike wrote: What's your definition of "monitor all traffic" and what tool are you gonna use to do that? He can use Wireshark https://www.wireshark.org/ The key to this, is observability. The device running Wireshark must be located where it can see all WAN traffic. This assumes WAN-bound traffic is the source of the complaint. That's why in the diagram, I placed a PC between the Internet modem and the rest of the network. The machine needs two NIC interfaces, to do it this particular way. ICS --- FIOS modem/router ---- PC_with_two_NICs --- router ---- PCTV (Set for Internet ---- PC2 Connection Sharing) ---- Buffalo NAS (Wireshark here) ---- WD Cloud NAS HTH, Paul |
Single Point Internet
On 18/11/2015 06:42, Paul wrote:
~BD~ wrote: On 17/11/2015 17:02, mike wrote: What's your definition of "monitor all traffic" and what tool are you gonna use to do that? He can use Wireshark https://www.wireshark.org/ The key to this, is observability. The device running Wireshark must be located where it can see all WAN traffic. This assumes WAN-bound traffic is the source of the complaint. That's why in the diagram, I placed a PC between the Internet modem and the rest of the network. The machine needs two NIC interfaces, to do it this particular way. ICS --- FIOS modem/router ---- PC_with_two_NICs --- router ---- PCTV (Set for Internet ---- PC2 Connection Sharing) ---- Buffalo NAS (Wireshark here) ---- WD Cloud NAS HTH, Paul Just about everything I've ever read in your posts has been helpful, Paul! Thanks. :-) |
Single Point Internet
On Wed, 18 Nov 2015 01:42:06 -0500, Paul wrote:
~BD~ wrote: On 17/11/2015 17:02, mike wrote: What's your definition of "monitor all traffic" and what tool are you gonna use to do that? He can use Wireshark https://www.wireshark.org/ The key to this, is observability. The device running Wireshark must be located where it can see all WAN traffic. This assumes WAN-bound traffic is the source of the complaint. That's why in the diagram, I placed a PC between the Internet modem and the rest of the network. The machine needs two NIC interfaces, to do it this particular way. ICS --- FIOS modem/router ---- PC_with_two_NICs --- router ---- PCTV (Set for Internet ---- PC2 Connection Sharing) ---- Buffalo NAS (Wireshark here) ---- WD Cloud NAS HTH, Paul In the old days, you'd stick a hub there, instead of a dual-NIC PC, but hubs have pretty much disappeared now. I haven't seen one since the mid to late 80's, and it was proudly advertised as 10 megabit, so it'd be a bottleneck by today's standards. A pfSense box would be a decent choice for a proxy/gateway. Meanwhile, it would also serve as a firewall. -- Char Jackson |
Single Point Internet
Char Jackson wrote:
In the old days, you'd stick a hub there, instead of a dual-NIC PC, but hubs have pretty much disappeared now. I haven't seen one since the mid to late 80's, and it was proudly advertised as 10 megabit, so it'd be a bottleneck by today's standards. Nowadays you could use a gigabit switch with port mirroring, this one is considerably cheaper than an 'enterprise' switch ... http://www.dual-comm.com/port-mirroring-LAN_switch.htm |
Single Point Internet
Andy Burns wrote:
Nowadays you could use a gigabit switch with port mirroring, this one is considerably cheaper than an 'enterprise' switch ... http://www.dual-comm.com/port-mirroring-LAN_switch.htm Sorry, wrong link, that's 10/100Mb, they do a GbE version, bit more expensive, plus other copper/fibre TAP devices ... http://www.dual-comm.com/gigabit_port-mirroring-LAN_switch.htm |
Single Point Internet
On Wed, 18 Nov 2015 11:51:20 +0000, Andy Burns
wrote: Andy Burns wrote: Nowadays you could use a gigabit switch with port mirroring, this one is considerably cheaper than an 'enterprise' switch ... http://www.dual-comm.com/port-mirroring-LAN_switch.htm Sorry, wrong link, that's 10/100Mb, they do a GbE version, bit more expensive, plus other copper/fibre TAP devices ... http://www.dual-comm.com/gigabit_port-mirroring-LAN_switch.htm Yep, thanks, I meant to mention port mirroring. I have a virtual network device that offers port mirroring, which comes in handy at times. I'm not sure, but maybe dd-wrt even does it. They've made it do everything else, so why not that. :) -- Char Jackson |
| All times are GMT +1. The time now is 01:40 PM. |
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright © 2004 - 2006 PCbanter
Comments are property of their posters