PDA

View Full Version : Connecting computers with Telstra Clear



TideMan
21-10-2005, 08:27 AM
Just got Telstra Clear cable installed.
It works fine on one computer, but how do I make my home network work?
I have an Ethernet switch, but of course when I connect another computer, there is a conflict of IP addresses. With ADSL the router handles all this. What happens with a Telstra Clear system?
I guess there needs to be some sort of intelligence, rather than just a switch, but what?

BIFF
21-10-2005, 08:55 AM
Just got Telstra Clear cable installed.
It works fine on one computer, but how do I make my home network work?
I have an Ethernet switch, but of course when I connect another computer, there is a conflict of IP addresses. With ADSL the router handles all this. What happens with a Telstra Clear system?
I guess there needs to be some sort of intelligence, rather than just a switch, but what?

You will need to use a device to perform network address translation (NAT).
There are public and private IP addresses, a private IP address (eg 192.168.1.12) cannot be routed on the internet. A NAT device hides these private addresses behind a single valid public IP address (the address issued to you by telstraclear).
In windows you can use Internet Connection Sharing to make a single computer become a NAT gateway. However I would suggest getting a hardware firewall to perform this role, otherwise the gateway computer will need to be on for access to the internet. You can also get free linux based firewalls (eg clark connect, smoothwall, IP cop) which can do this for you, but once again you have a computer that needs to be on 24x7 which is not very desirable.

I personally would suggest getting something like a wireless access point which supports firewalling, ethernet and wireless networking all in one device.

TideMan
21-10-2005, 09:18 AM
Thank you for your very helpful reply, BIFF

Actually, I have one computer that runs 24/7, updating sevaral pages on my website hourly. So I guess Internet Connection Sharing is a good option for me.

But what hardware do I need? I have the TelstraClear modem connected to an Ethernet switch, with one line going to the main computer. Can I just hook the other computers into that switch? Or do I need more hardware?

Rob99
21-10-2005, 09:49 AM
Just plug the other computer into your switch.

Murray P
21-10-2005, 10:05 AM
Welcome to cable Tideman.

I run a simple network with the internet connection to Telstra/Saturn cable via a NAT capable router.

It is also possible to use MS ICS (Internet Connection Sharing) but, IMO, it is a pig of a system and gives you absolutely no protection from the WAN side to your LAN. Because the Telstra modems are just that, a modem with no NAT or routing function, and, you now have a fixed IP, your computers LAN IP's are accessable from the internet.

Your only and best way to secure your LAN is to use a NAT router which isolates you from the WAN (internet) IP. You set the router up in the same fashion as you would an ADSL router/modem, the main difference is you have to enter the Telstra modems IP so the router can talk to it and translate for each individual computer on the LAN.

You can pick up a goodish 4 port router for around $100-. I use a Trendnet Tw100-S4W1CA broadband router which does a good job.

Edit:

Just to explain something here, NAT is not strictly speaking a hardware firewall, although many vendors claim it as such. It stands for Network Address Translation, and that's what it does, translates between networks. A router routes data, the NAT side addresses from IP(s) to IP(s) between networks (in this case the internet and your private network).

This has the spin-off that your network does not have to talk directly to the internet network (WAN) and is in fact hidden from it thus giving you pretty good protection from hacking or the curious. Without a NAT capable router, you are Wide Open to the internet, which is fine if you don't value your data, privacy and identity, go right ahead and plug your system straight in to the modem.

You can call me paranoid but, I did not connect to the net for one minute directly through the Teltra modem. I hope you have a very good sotware firewall loaded on each computer with the rules set to a stringent security level, because that's all you've got at the mo.

TideMan
21-10-2005, 03:10 PM
All the computers in our LAN can now see the Internet, but they can't see each other yet. I've found in the past that this is usually a fire wall probelm.

I've used Internet Connection Sharing, which was very easy to set up once I realised that you need to use two network cards. One for the static IP from the Telstra modem and the other to the Ethernet switch, and thence to the other computers. I didn't need to touch the network set up on the client computers, only the host.

BIFF
21-10-2005, 05:24 PM
All the computers in our LAN can now see the Internet, but they can't see each other yet. I've found in the past that this is usually a fire wall probelm.

I've used Internet Connection Sharing, which was very easy to set up once I realised that you need to use two network cards. One for the static IP from the Telstra modem and the other to the Ethernet switch, and thence to the other computers. I didn't need to touch the network set up on the client computers, only the host.

Not bad for a 1st timer to have this up and running by 3:30 :)
Yes, I did neglect to let you in on the fact that you will need 2 network adaptors, sorry for that... There could be a number of issues with regards to the PCs not talking to each other on the LAN, but I think your idea of checking your clients' firewall settings would be a good place to start.

Murray P
21-10-2005, 08:04 PM
Can't believe you'd connect your LAn to the internet via a modem only. Yeah sure, most people on dialup do it, but they're running at 5KB not up to 256KB. Lot's more scope for mischief and a much more desirable target.

Still, it's your system, as long as you don't go spreading anything I guess it's up to you.

TideMan
21-10-2005, 10:19 PM
Murray, Murray, Murray

Don't get upset. I've got Sygate looking after me.
He/she is pretty good in my experience.
I've had a static IP with Paradise/Jetstream for 2 years.
The only reason for changing from Jetstream to Telstra was that those SOBs at Telecom were going to knackerise me if I continued to use Paradise.

So, instead of buckling under to the monopoly (which I'm a shareholder in) we decided to support the other guys.

Isn't cable fast?
I didn't realise how slow Jetstream is.
We're lucky to have a choice in ChCh and Wgton.

My only complaint is that I had to come here to get advice.
Telstra Clear refused to tell me how, or even refer me to a webpage.

Thanks for your help guys.

Cheers
TideMan

PS I now have 2 out of 3 machines talking to each other, and the third can see the other two, but the host cannot see it...............

Murray P
22-10-2005, 01:05 AM
No I'm Not GEtting UPSet WITh YOU, OK!!

IMO, a software firewall on the client computers is not enough and often too late, the attack/whatever, is already interacting with your system (ie, if your firewall alerts you, something is there, good or bad, on your system, it may not be running independantly yet, but). Alot of malware is now directly tageting AV and firewall software in order to disable it before doing it's usual bizzo.

Being open, as in naked, to the net, just makes you that much more vulnerable than if your LAN is hidden. In fact, more than a few experienced members of this board use a NAT router first and foremost before any other security and, for some it's all they use. Put it this way, I may be tempted to connect to the net without a software firewall, but I would never, ever, connect without NAT.

BTW, I don't know a hell of alot about Sygate. Does it give you real time application control? Does it allow you to set rules regards system processes and applications/dll's running applications in general?

Another BTW, I see there was a Secunia security alert out regarding Sygate recently. If it fails, do you want it to be your only line of defence?

Yet another BTW. I don't adhere to the BS put forward by some as common wisdom, that your private stuff is not that important, therefore, the security you have at home doesn't need to be as strong or thorough as that for a business. Tell that to someone who has had their ID pinched or their PC used to pay for some scrote's spamming, or their thesis wiped. Relatively, it can be just as, or more devastating.

Just trying to help, is all :)