[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Request for advice on internet sharing in a LAN/WAN

To: klug@xxxxxxxxxxxxxxxx
Subject: Re: Request for advice on internet sharing in a LAN/WAN
From: awilliam@xxxxxxxxxxxxx
Date: Fri, 07 Jan 2000 02:25:45 GMT
In-Reply-To: <MDAEMON-F200001061707.AA071540md50000073050@adacplastics.com>
References: <MDAEMON-F200001061707.AA071540md50000073050@adacplastics.com>

>I'm willing to RTFM, but since I have very little time to myself
>between college and work, I'd like to eliminate some of the
>research time and narrow my search for the "perfect" solution with
>your collective advice.

Wow, do I know that feeling.

> Our setup:
> We have multiple facilities all of which have users that need to
> access the internet.  Our network is entirely Win9x with NT boxes
> in the hands of IT personell only. Our servers are Novell, each
> facility has it's own tree.  (I can hear some of you cringing, maybe
> laughing.  It's not my choice, don't blame me about the multiple
> tree thing.)  Most of that has no bearing and is just for reference.
> Currently our internet sharing is being accomplished using a
> LanBridge program that runs on a Win95 box.  Each facility has a
> server that reaches the internet through a proxy on our firewall.
> Client software is loaded on the "internet authorized" users
> systems.  That software intercepts internet requests and puts them
> through the LanBridge server.  TCP/IP does not need to be
> installed on the client machines (which is nice, but no big deal).  If
> the LanBridge server is down at one facility, the client software will
> scan our WAN for any others connecting to the first one.

Holy cow, and that actually works?  

By client software what do you mean?  With a Linux solution TCP/IP 
will have to be installed on anything that wants to be "attached" to 
the internet.  What type of WAN do you have?  If your not using TCP/IP 
how is routing handled?  If TCP/IP is verbotin, you might be able to 
use an IPX enabled Linux box, with WinXX boxes uses PPTP connections 
configured through Windows DUN to tunnel IP packets to the gateway 
box,  but that may be more complicated than your current solution.

> My desire get away from this setup because we've recently had
> problems with the LanBridge software spontaneously expiring it's
> registration key, forcing us to contact the authoring company to get
> it re-activated.  With Linux and Squid + (Mystery program) we
> could control it all in-house.  That would be a good thing in my
> book.  It would also be the first application of Linux in my shop...
> I'm fighting uphill to legitimize it in my supervisor's eyes.

The "Mystery Program" is a kernel module called IP Masquerade,  and is 
part of just about every default kernel image.  There might be some 
presentations about this in the past presentation section of the KLUG 
web site.

> I'd like to have central, one-stop configuration of authorization,
> including being able to limit what web-sites, and time of day a given
> computer can be used to access the internet.  Also, is there a
> "Surf Watch" equivalent out there that's free for Linux?

What is "Surf Watch"?  If you mean a porn-buster, we simply publish a 
list of all the web sites each user visits on our Intranet, where 
anyone can go and read.  Peer pressure seems to work great.

> Any help would be greatly appreciated.  My apologies for the length
> of this post.  If I've betrayed any ignorance of the topic(s), please,
> banish it for me.

Hey, the solution to ignorance is long posts.

Follow-Ups:
- Re: Request for advice on internet sharing in a LAN/WAN
  - From: tgray

References:
- Request for advice on internet sharing in a LAN/WAN
  - From: tgray

Prev by Date: Caldera IPO
Next by Date: Meeting January 4th - Beginners Meeting
Prev by thread: Re: Request for advice on internet sharing in a LAN/WAN
Next by thread: Re: Request for advice on internet sharing in a LAN/WAN
Index(es):
- Date
- Thread