Good Day, Whil! Out here in the Upstate NY/Rochester/Geneva area I have seen Time Warner/RoadRunner move to a combo Cable Modem/Router (often with WiFi) unit for both business class and residential use. These units can be configured as "Pass Through" devices where you end up with a WAN IP popping out of the LAN side, which requires you to use your own firewall, or as a Router where the LAN side pops out with a 192.168.1.nnn IP at all the LAN ports (and WiFi if that is turned on). For my clients I have always opted for the Pass Through configuration as their SonicWall firewalls are set up for incoming VPN use. For home users that are friends I have no problem with them using the Router configuration and saving a few bucks by not having to go out and buy a separate Router of their own. If the home users need a VPN to match a remote location I will go with Pass Through, then place a firewall with VPN behind the RR unit.
So, how do you tell if you have the Pass Through (sometimes called "transparent mode") or Router configuration? From what I have seen the Router config is the default setup. One has to request the Pass Through configuration, then hope the RR folks know what the hell is meant by that. If the IP coming out the LAN ports (4 ports you mentioned coming out of the 6 playing card deck size box) are 192.168.1.nnn, then you have the Router setup, which is okay unless you need an incoming VPN based on your own firewall settings. In the case where you have the Router config the RR Tech Rep was somewhat correct in saying you only have one active IP, as he likely means (whether he knows it or not) you have only one WAN/Public IP. If you paid more for a static IP, than that is the static IP assigned to your unit on the WAN/Public side of the box. You can get multiple WAN IPs, static or dynamic, for real reasonable (no longer $50 each, now down to $10 each, per month of course). If the 4 ports are popping out something other than 192.168.nnn.nnn, then your unit is set up as Pass Through. If indeed you have 4 separate IPs in the non-192.168.nnn.nnn range then you have 4 WAN/Public IPs, whether static or not. If you did not request multiple WAN IPs this is an unlikely scenario. Now, for the $1,000 question... If you connect to one of the 4 ports with a PC, is it auto-assigning (DHCP) an IP to your PCs? Or do you have to set up each PC with a static IP (which you can do with a DHCP system anyway)? This is more a question out of curiosity than anything else. I have only seen DHCP configurations on the LAN ports with the new RR Cable Modem/Router units. You can still use static LAN IPs for your PCs with a DHCP unit. The advantage I see with DHCP is if the DNS Server IPs ever change, the PCs' DNS address is updated upon IP resetting/rebooting. But wait, there is more! If you are hosting web/eMail/ftp,etc. Servers, and have been using your own firewalls to manage all that, then you need to have the RR unit set up as a Pass Through configuration. That way your firewall(s) manage which ports are allowing Port Forwarding or DMZ management with your Servers. If you try to do that behind the RR unit in Router configuration you will have a real good time trying to get it configured properly. For me, I prefer the Pass Through config, then use my own equipment to manage the signal processing. I hope that helps <g>... Regards, Gil > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Whil Hentzen (Pro*) > Sent: Tuesday, November 07, 2006 6:57 AM > To: [EMAIL PROTECTED] > Subject: [NF] What are people doing with cable interfaces? > > > I've just acquired a line with Time-Warner BizClass. The rationale > behind it, let's leave that for another time. <s> > > So now I've got some pretty basic questions.... I've been spoiled for so > long, with a pair of T1s coming into the house right next to this TW > line... Kind of like the frustration at having to deal with a dial-up. <s> > > Anyways, the fellow who installed it wasn't terribly helpful (BIG > SURPRISE), nor were the folks on the other end of tech support. But > that's OK, I can experiment. > > At the end of the line coming in from out-of-doors, there's a box the > size of maybe six decks of playing cards. The line goes into it, and > there are four Ethernet ports available. Tech support says that only one > is active, but I don't quite believe him, as I can plug a box into any > of them and get out. I've got four static IP addresses. > > I'm guessing this box-like thingee is a 'cable modem'. All it provides > is access outside. No firewall, no nothing, right? > > So what do I do now? <s> > > I could hook up a single box that's running a firewall as well. Block > everything but 80, for example. > > I could hook up four boxes, too. But I'm not sure I'm comfortable having > to mess with four firewalls on four boxes; that begins to become a lot > of admin that I should be able to handle in a central point. > > So I could also plug a firewall into one of the cable modem ports, then > a hub into the other side of the firewall, and plug boxen into the hub. > > JUST CAN'T DECIDE!!!!!! > > So what are y'all doing with a setup like this? > > Whil > > [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
