I'd like to pick the brains of the collective concerning the best way to setup and configure a router.
Current network setup plan is as follows:
Shaw Cable modem connected to 10/100 unmanaged switch via RJ45 # 0.
RJ45 # 1 to Windows PC - IP address obtained by DHCP
RJ45 # 2 to NAT Router - WAN IP address obtained by DHCP
NAT Router - LAN IP Address 192.168.0.1
RJ45 # 3 from LAN port on Router to Wireless Access Point ( 192.168.0.2) in Bridge Mode to 24dBi Antennae
(WAP's are configured to recognize only each others MAC address)
Wireless Link between Antennae - 350 yds
24dBi Antennae to Wireless Access Point (192.168.0.3) in Bridge Mode (WAP's are configured to recognize only each others MAC address)
WAP to 16 Port 10/100 Unmanaged Switch via RJ45 # 4
RJ45 connections from Unmanaged Switch to workstations.
LAN layout:
10 Windows PC running XP Pro, Home, ME, 98, 98SE and 95 on subnet 192.168.0.nn. STATIC IP's
All access internet and require access to POP email.
GOAL:
Provide secure access to internet for the following groups:
A: Bible School Administration 10 PC's Currently the only group on network
B: Church Administration Offices 5 PC's
C: Student Lab Network 8 PC's
D: Dorm Rooms
A-B-C all have access to Internet, Email etc.
A-B have unlimited access to Internet, Email etc but are protected from C & D
C has CONTROLLED but unlimited access to Lab, Email, Internet
D has CONTROLLED but unlimited access to Internet and Email
Students must log on with individual passwords and some type of log is maintained to determine usage and possibly history.
1. SO, is this possible?
2. Can we set up a firewall that will allow the required access but restrict
access of Student Lab Network and Dorm Rooms to both A and B?
3. Access between A and B - selected stations only ie: accounts related PC's
4. Can security be maintained using MAC addresses vs IP addresses?
5. A and B will in future be connecting to SAMBA server.
If anyone needs to chat I can be reached @ 701.5746 anytime.
Thanks,
Dave Watkins
