Hi everyone,
Me and a friend of mine live in the same building, just one floor apart. We both have internet connections, he has cable and I have DSL. The network setup at this time is (kind of complicated to explain):
4 pc's:
KLAUS, dhcp, wireless, laptop
ROGER, dhcp, wireless, laptop
STIG, fixed, wired, server, gigabit ethernet
CLARKSON, fixed, wired, desktop, gigabit ethernet
HAMSTER, fixed, wired, desktop, DUAL gigabit ethernet
2 gateways:
10.0.0.151 (DSL router downstairs)
192.168.1.1 (cable router upstairs)
ROGER, CLARKSON and STIG sit downstairs and KLAUS and HAMSTER are upstairs. We have two wireless access points, one downstairs, one upstairs.
HAMSTER connects to a gigabit ethernet switch downstairs on 10.0.0.x AND to the cable router upstairs at 192.168.1.1 (dual NIC onboard). KLAUS connects to the wireless AP on the cable router @ 192.168.1.1. STIG & CLARKSON connect to the same gigabit ethernet switch downstairs. My gateway and AP at 10.0.0.151 also connect to that switch.
So all machines sit on 10.0.0.x and only KLAUS and HAMSTER connect to the internet through their own gateway. Why? Because the Belgian ISPs limit the amount of data you can download and because the cable connections are faster. So we need to keep HAMSTER and KLAUS connected to the internet through the cable connection; STIG, CLARKSON and ROGER need to use the DSL connection.
STIG runs Windows 2003 Server OS with AD, DNS, DHCP ... all other machines run Vista. I have a spare machine to use for this and about a dozen NICs.
My question is the following: with this messy setup security is being forgotten. Two wireless access points, no 'global' firewall for all machines etc... And because of the two APs the laptop upstairs cannot connect to the fileserver through the wireless connection setup upstairs.
I need to:
keep the two internet connections and remove one wireless AP
have the pc's downstairs use the DSL line
have the pc's upstairs use the cable line
keep Gigabit Ethernet between the fileserver and the two desktops
secure the whole network with a firewall
...and I have no idea how to start. Can a Linux machine be a solution here? Server's routing and remote access? ISA? Can I add routing rules so that traffic from the PCs downstairs gets sent to the correct gateway? Am I trying to do something impossible here?
Thnx for any suggestions,
Lukas