1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Network - Help w/ Security and Random Problem with wired clients.

Discussion in 'Networking Issues' started by googlymoogly, Oct 30, 2007.

  1. googlymoogly

    googlymoogly LI Guru Member

    Hi all, I have finally got a somewhat stable setup working after a lot of configuration issues. Here is what I currently have set up:

    From the cable modem I have the cat5 going to a (underpowered 500mhz 128 ram) Windows Server 2003 box, which has 2 NIC's attached to it and is running NAT for the internal clients.

    Hanging off that internal NIC on the server, I have my WRT54G set up to do DHCP for all of my clients, which are both wired and wireless.

    I am having no problem keeping the wireless computers connected but I do have about a 100 foot cable of cat5 running to my roommates Desktop and he is having trouble with his internet working, it "half works" in that it takes forever and soemtimes drops out randomly.

    If I use a 2 ft cable wired to the WRT54G I have no problem whatsoever so I am thinking that the two 100' UTP cables running side by side maybe are getting some interference somewhere along the way. When running a continuous ping test to google.com I occasionally get timeouts (5%) on that 100' UTP connected desktop.

    So that is my first issue, and my 2nd question is:

    Other than installing all service packs and updates for security, how best should I secure my server that is directly connected to the internet?

    I'm wondering if my server isn't already hacked... I have no firewall enabled on it currently... lol

    I want to know if there is a way to just have server2003 be my internet connection (reason being my ISP (comcast) only gives a wan ip to computers, not routers..... I know I'm pissed) then have my router do all the NAT and DHCP and configuration on the internal side of things. Basically having the server2003 PC be "invisible" to the router other than providing it with a gateway to the internet.

    ANyways, got to get to class sorry if I was unclear and rambled-- kind of in a hurry.
     
  2. thepianobar

    thepianobar LI Guru Member

    1st Issue - sounds more like a cable issue than anything else. 100' is well within spec (285' is the max). Was this cable self-made? If so, maybe try re-terminating. Running two cables side-by-side shouldn't be a problem, you see it in cable raceways all the time.

    2nd Issue - Comcast lies. On your WRT54G there should be a "MAC address clone" tab underneath the main tab. Get the MAC from the NIC on your Win2k3 server that is currently connected to the comcast modem and plug it into your WRT54G on that mac address clone tab. Then put it in place of your win2k3 server. It'll work like a charm. I rather dislike ISPs and the lies they tell, if only I didn't need them to get my Internet fix.
     
  3. googlymoogly

    googlymoogly LI Guru Member

    1st issue solved: bought a wireless adapter for the computer and cranked the xmit power on my AP to about 70 from default 28 and has been working great ever since.

    2nd issue: How would that explain one wireless router working (a netgear) while 3 others were unable to obtain a WAN ip address. Also I should note that after bringing the AP over to my friends house who also has Comcast, it picked up a WAN ip with no problem whatsoever and was giving full 6-7Mbit speeds wired or wireless. He did have a different modem than the two I had tested with (sb5100 and linksys' gemcu10 or whatever it's called.)

    It just does not make any sense...
     
  4. thepianobar

    thepianobar LI Guru Member

    My experience with cable modems is that it often takes a few power cycles of both devices involved to get a new device recognized. My typical procedure is to unplug both, wait at least 30 seconds, plug in the cable modem and wait for it to train, then plug in the router.

    Did you try the MAC address clone? Other than that, there really isn't a way for your modem to know you're not using the Win2k3 server anymore.
     
  5. googlymoogly

    googlymoogly LI Guru Member

    EDIT:

    1st issue solved: bought a wireless adapter for the computer and cranked the xmit power on my AP to about 70 from default 28 and has been working great ever since.

    2nd issue: I have tried the old mac address clone trick but I am convinced the MAC does NOT matter. I was able to switch between my laptop being directly connected to the modem and then on to the working netgear router and it had no mac cloning enabled and got a WAN ip no problem, and then switched back to laptop and it worked flawlessly for both.

    How would one explain one wireless router working (a netgear being able to get a WAN address) while 3 others (buffalo, linksys, and a D-link) were unable to obtain a WAN ip address. Also I should note that after bringing the troublesome linksys AP over to my friends house who also has Comcast, it picked up a WAN ip with no problem whatsoever and was giving full 6-7Mbit speeds wired or wireless. He did have a different modem than the two I had tested with (sb5100 and linksys' befcmu10).

    It just does not make any sense...

    I really don't like having to have a dedicated PC running 24/7 eating up power just so we can have an internet connection. Comcast and linksys keep giving me the run around, comcasts says call linksys and linksys says call comcast, lol.

    Another side note that is kind of odd - I can never get advertised speeds of 6-7Mbit when running common speedtest apps with my current setup either from the 2003 machine or any of our wireless or wired clients, I usually see a max of about 2Mbit on these speedtests. However, if I am downloading a well seeded torrent I have seen speeds of 700K+ which is about 5.5 Megabits, very close to our advertised rates. What the heck does that mean?
     
  6. thepianobar

    thepianobar LI Guru Member

    Not sure what to tell you about the router not working with your cable modem. Are you leasing/renting the modem from comcast? ask if you can swap it out, I used to do this with Time Warner any time we had problems.

    Also, double-check your WAN settings on the router and make sure it's set to be a DHCP client. I'm running DD-WRT and it gives options to set a hostname which it says is required by some ISPs. Try setting that equal to your server's name.

    The bandwidth question... bandwidth speeds are an interesting thing. In my experience, you'll almost never get your advertised speed unless you have a business-class line and SLA. As far as torrents getting higher speeds, my guess is that they are able to take advantage of multiple connections which gets you to that peak speed which a single connection to one place doesn't get. Also, check out this recent blog post from Cisco about what bandwidth speeds really mean. Pure speed is only part of a solid, reliable internet connection. http://blogs.cisco.com/gov/2007/11/broadband_what_is_the_right_sp.html
     
  7. googlymoogly

    googlymoogly LI Guru Member

    I tried buying a linksys cable modem to try to see if that was the issue. it wasn't.
    Like I've mentioned before I've tried the linksys AP at my friends house who also has comcast and it picked an ip up just like THAT.

    I am out of ideas... for now though my server 2003 does nat and dhcp and then I just have my AP acting as a wired/wireless switch. Seems to be working okay though, rock solid. Think about it that scares me is I have no experience securing a server that is directly connected to the internet.... EEEK!
     

Share This Page