best way to share a dial up connection

[kato2274]

just got notice from someone that they will be looking for bids on a project. amoung the many objectives that they want to fill, one of them is to share internet connection with the supervisors. that really is a two-fold issue. the first is sharing the internet and the second is restricting it only to supervisors.

Of course I will probably reccomend DSL or cable connection, but I know these folks and just have the sense that they aren't going to want to dish out an extra $25 a month to upgrade from dial up.

I've not had good experiences with ICS from MS. the 3 or 4 times I've tried to set it up for family or friends it either just doesn't work or it works right away then inexplicably just stops working. and there's no real troubleshooting it except uninstall ICS and reinstall ICS. so I'd like to stay away from that.

anyone know if there is a hardware device that will do it like the cable modem routers. I seem to remember seeing one before that had the phone line jack in addition to the ethernet jack, but am not having any luck tracking anything down.

the second part of the dilemna is more perplexing. If the boxes are 2000/XP I could probably use local policy to not allow access to internet explorer. but if they are 98 I may be looking at having to proxy it. we use wingate at work, so I'm looking into that as an option.

all input would be greatly appreciated it.

[Green_Eyed]

Can't you just tell them how pitifully slow that shared conenction will be? If two computers are are sharing a conneciton of 48k, it will be effectively 24K per computer, or less. I can't imagine anyone wanting to do that to themselves voluntarily.

[kato2274]

Originally posted by Green_Eyed
Can't you just tell them how pitifully slow that shared conenction will be? If two computers are are sharing a conneciton of 48k, it will be effectively 24K per computer, or less. I can't imagine anyone wanting to do that to themselves voluntarily.

I agree. I'm going to push broadband. no doubt about that but if in the end they say they want it done with a modem, then I'm going to have to do it.

I'm thinking I'm going to use smoothwall no matter what. 1 smoothwall box will take care of several issues. It will have firewall. it will assign IP through DHCP which will allow them to more easily add a comp to the network, and will route to the internet whether it's a cable modem DSL or analog external modem..

the problem now is only allowing the correct users to surf the net as smoothwalls proxy does not authenticate users. if you are on the lan, and configured to use the proxy you can surf. If the boxes are 2k/xp I figure I can set up users who do not have install priveledges and aren't allowed to change internet connection settings so the boxes that don't have the proper proxy listed won't be able to get online. my question to this is would that connection setting change based on who logged onto the machine via local profiles. if so this may be the way to go.

[InvisiBill]

Check out www.e-smith.org. FreeSCO and ClarkConnect are similar, but I'm most familar with e-smith. Supports modem, ISDN, DSL, cable, and some people even have it working with satellite and wireless. FYI, we have a Cyrix 225MHz 64MB machine doing mail/web/gateway/VPN for our network of about 20 users, and it does just fine. Anything Pentium-level (ISA isn't supported by default) should be fine for basic ICS...

[craigmodius]

Well it sounds like you need something like 602 pro Lansuite which is free for 5 users and very reasonably priced for more. I'd tell you all it does, but it does it all and more, just check the link.


proxy from analogx is free and it logs traffic, but there's no user authentication module to it.

[kato2274]

Originally posted by craigmodius
Well it sounds like you need something like 602 pro Lansuite which is free for 5 users and very reasonably priced for more. I'd tell you all it does, but it does it all and more, just check the link.


proxy from analogx is free and it logs traffic, but there's no user authentication module to it.

that's an interesting link. they have more than 5 users and as you can probably guess are CHEAP so I'm going to investigate the smoothwall option thoroughly as it would allow me to keep my bid low.

but I've downloaded the lan suite for testing purposes and very well may implement it at my parents small business if I don't build a small domain with win2k server.

[craigmodius]

well if the supervisors are the only ones that know the password then you can get away with just one user, but you have little way of knowing if the first shift super is staying late to surf for porn or if the second shift super is the one turned on by midgets

I say install it on a home PC even if you have only one and set your browser to proxy thru localhost or 127.0.0.1 and test it out.

can't hurt

[kato2274]

Originally posted by craigmodius
well if the supervisors are the only ones that know the password then you can get away with just one user, but you have little way of knowing if the first shift super is staying late to surf for porn or if the second shift super is the one turned on by midgets

I say install it on a home PC even if you have only one and set your browser to proxy thru localhost or 127.0.0.1 and test it out.

can't hurt

so it's not how many IP addresses it's passing out? I thought since they had more than 5 computers that would be hitting the DHCP server, it would consider that more than 5 users. if it works the way you are saying there is less than 5 users that would need internet access

[ilovetheusers]

If you can get them to go to broadband - a simple linksys router will allow you to block individual IP's from reaching the net. You would have to set the machines up staticly but it's no biggie. It lets you filter groups or individual users or even specific ports (though it looks like that's for everyone). It's a NAT too so it provides a small level of protection to those behind it.

Of course it sounds like what your asking for is a dial up router and I don't know if this is what you need but:
http://www.multitech.com/DOCUMENTS/datasheets/487.asp

[Rellik]

my SMC7004 barricade NAT router has a feature that you can attach a 9 pin rs232 56k modem to it and optionally upgrade to cable/DSL.

Not to mention the ability to block mac addresses, a TCP/IP print server and a host of other config options.

here it is:
http://www.smc.com/index.cfm?sec=Pro...prod=67&site=c

[ShadowWynd]

The method I use is AnalogX Proxy and Remote Disconecction Utility. Both are freeware.

RDU is a combo client/server system. It has to be installed on every system. It is also useful to do messaging across network.


RDU allows anyone on my LAN to tell the server to connect to the Internet via Dial-up. RDU also lets anyone turn disconnect the dial-up connection as well. AnalogX then shares internet access from the server to the clients.

http://www.webattack.com/get/rdu.shtml

Again, you are effectively halving the connection. No problem if doing email or just surfing, absolute murder if trying to download files on multiple machines.

A problem that occurs if multiple people are using the internet is if one person is through using the internet and disconnects, it shuts off Internet access for everyone else on the network. One of the other people now has to tell RDU to reconnect.

[kato2274]

still leaning towards smoothwall because it incorporates several solutions into one box. a firewall / router / dhcp server.

I found this page
http://www.sans.org/rr/web/habits.php
which explains in some detail how to use squid to authenticate users who try to gain access to the internet. it seems pretty straight forward and I'm going to give it a shot as I already have the smoothwall box installed.

I let you know if it works

[Gollo]

You could always do something like this. Yeah it's a little dated but the price is right.

[smoke wolf]

http://www.multitech.com/DOCUMENTS/datasheets/487.asp

"The Multi-Tech RouteFinder gives everyone on your network Internet access with just one modem and one ISP dial-up account. The RouteFinder features two RS-232 WAN ports so you can connect as many as two external analog modems or ISDN terminal adapters. Or, you can use one WAN port for dial-in remote access. The RouteFinder also has a built-in 10/100M bps switch to ensure high-speed transmission."

Try one of these if you can find them. They retail around $199 and can support multiple modems.

I used the three port models for a phsical therapy place who used an online database for the client records. They needed a min of 33k per user and had 2-3 users per office. It sets up a little wierd, so it helps to keep unwanted fingers out of the cookie jar.

[kato2274]

gollo,

that's not bad. I may look at it if the smoothwall box won't share properly, though i doubt that will be an issue.

the question now is Effectively limiting access. I'm working it out though.

of course with my luck I'll go through all of this and end up not getting the bid anyway