Networking

Connecting your offices with VSAT

Ron Nutter explains how recent changes in technology and VSAT simplify the entire satellite connectivity process.


In the past, satellite connectivity meant having a large dish at each end of the connection, spending several thousand dollars for hardware, and spending a great deal of time on the installation. You'd also face large, recurring monthly bills for the satellite service. Recent changes in technology, combined with VSAT (Very Small Aperture Satellite), give you access to a remote connectivity solution that enables you to perform installations without resorting to a professional installer. In this Daily Drill Down, I’ll examine VSAT and explain what you must do to use it.
For the purposes of this Daily Drill Down, we will operate under the assumption that you're using Windows 98 Second Edition for both the gateway system and for the workstations.
Things to do first
Before delving into the setup and installation of a satellite connection for remote offices, you must analyze the type of traffic for which you'll be using this connection. If you're looking at an application that's "chatty" in nature (i.e., request-reply, request-reply, and so forth), you may want to think twice before setting up a satellite link system—the performance may end up being inferior to that of a regular dial-up line or a point-to-point circuit.

Check with the vendors of the applications that you plan to use to see if they offer information as to how well the applications will work on a satellite connection. You should also ask the vendors what configuration changes must be made to get the applications to work optimally on a satellite connection. You'll experience more delay with satellite connections than with regular communications. The distance the signal must travel from ground station to satellite to ground station can account for approximately two seconds for traffic going in just one direction.

How it works
Hughes Network Services offers two different configurations of VSAT, which it refers to as DirecPC. For $50 to $130 for a monthly service contract and less than $300 for hardware, you can have access to a connection with speeds up to 400 KBps in bandwidth. The simplest connection features a dish that's connected via an RG-6 coax cable to either an internal PCI satellite modem or to an external USB interface satellite modem. I strongly suggest that you use the external USB modem. Several dealers have reported overheating problems with the internal satellite modem card.

Another hardware configuration option is called DirecPC Duo. DirecPC Duo provides high-speed Internet access and the ability to watch satellite TV over the same dish.
A third option should be available by late 2000 or early 2001. EchoStar Communications, parent company for the Dish Network, has announced a partnership with Gilat-to-Home from Israel to offer a two-way Internet connection over the Dish Network by adding an additional LNB to your existing Dish Network dish.
After the dish is installed and the cable is run to where you want the satellite modem located, your next step is to install software from the CD that ships with the satellite dish. This software sends your Internet request via the ISP of your choice to DirecPC’s Network Operation Center (NOC). The request is executed and the results are sent back to you via your satellite dish.

Out of the box, this solution supports only one PC. With a little effort, you can have several additional PCs up and running on the same connection. Hardware-based solutions from companies such as Helius can support a significant number of PCs with software-based solutions like Microsoft’s Internet Connection Sharing service in Windows 98.

To use Microsoft’s ICS service for multiple PCs, you'll have to use a gateway device that allows shared access to the Internet connection. You'll also want to ensure that all PCs in this scenario are running antivirus software. In order to keep the connection from becoming saturated with unnecessary traffic, you may want to use a program such as Norton’s Internet Security, which allows you to restrict access to sites and services from the computers connected to DirecPC.

Getting ready for the install
Unless you have experience installing satellite dishes, you'll want to defer the first couple of installs to a professional until you're comfortable doing it. Before you or the professional installs the software required to use the DirecPC system, set up the computer to be able to use your dial-up Internet provider and make sure that you can successfully connect to the provider.

If you plan to deploy this solution at multiple locations, consider using the same ISP for all locations. If the ISP uses its own software to connect you to its service, closely examine the documentation to determine which settings you must use when connecting to the service using a dial-up networking configuration within Windows 9x or NT. Another reason to walk through a couple of dial-up tests with the ISP is to see if there are any special settings that you must use in a Dial-Up Networking (DUN) type of configuration, such as DNS server addresses.

In some cases, you may experience a disruption in the DirecPC server, usually due to heavy rain or snow. Having a dial-up provider installed on your PC prior to the installation of the DirecPC software gives you an alternative method, albeit a slower one, of getting on the Internet in the event that the DirecPC service is temporarily unavailable.

During the installation process (after the satellite signal test has been performed), you'll see a listing of the Internet providers for which the computer has been configured. Don’t be surprised if your list of ISPs only shows Other. I asked DirecPC technical support about this issue and was unable to get an explanation as to why this happens. That is the reason I suggested earlier that you run a couple of dial-up tests to verify which settings you may need to use to connect to the ISP when using DUN.

Provide the settings for connecting to the ISP when using DUN on one of the screens where you can manually configure the dial-up connection to the ISP. The only disadvantage I have seen in the software is that you're limited to a single phone number. It would be nice to have the option of using a backup phone number in the event that your ISP has more than one modem pool in the area or if you want to come in over an 800 number.

Once the DirecPC software is installed, reboot the workstation, verify that you can connect to the DirecPC service, and make sure that everything is working as expected. Now you're ready to proceed with the installation of the Internet Connection Sharing service.

Installing the Internet Connection Sharing service
You now have the option of allowing one or more computers to pass through your computer and be able to share the connection to the Internet (a feature new to Windows 98 Second Edition). You will need to install a network card in each system that you want to connect with the ICS service.

If you're only using two PCs, you can probably get away with using a crossover cable to connect the systems together. Otherwise, you'll need to use a hub to connect the systems via regular network cables.

To start the installation process, select Start | Settings | Control Panel, then click the Add/Remove Programs icon. Select the Windows Setup tab and double-click the Internet Tools option. Click the Internet Connection Sharing option so that the small box to the right of the option has a check mark. Click the OK button twice. After a few minutes, you'll see the Internet Connection Sharing Wizard.

First, you must specify the type of Internet connection that you will be sharing: Dialup or High Speed. In our case, select the High Speed option since we will share a satellite connection. Next, you'll choose the network adapter for the Internet connection. Select the Satellite Receiver USB Adapter, then click Next to continue. The next screen will advise you that you need to create a client configuration disk. Insert a blank disk into the floppy disk drive and click Next to continue. Click the OK button to begin the process of creating the client disk. When the process of writing to the disk has stopped, click OK, and then click Finish. The next prompt will be to reboot the computer.

After rebooting, you'll see a dialog box that indicates that ICS isn't configured to work with the Navigator. Click Yes to configure the software to work with ICS. After rebooting, proceed to the workstation(s) to configure them to use ICS to pass through the gateway system you have just set up.

After verifying that the workstation has a network card installed and TCP/IP bound to the network card, insert the client configuration disk that was created on the system and run ICSCLSET.EXE. This executable will configure your browser to work correctly with ICS. Make sure that your browser isn’t configured to go through an HTTP proxy server. If it is, clear this option and you should be able to get directly out to the Internet once the ICS gateway system is connected.

Go to the Properties option for Network Neighborhood, select the IP Address tab, and verify that it's set to Obtain IP Address Automatically. Select the WINS Configuration tab and verify that the Use DHCP For Wins Resolution option is selected. Next, select the Gateways tab and remove any gateway entries that are listed. Finally, select the DNS Configuration tab and verify that the Disable DNS option is selected. Click OK twice to accept your changes. Click Yes to reboot the computer. Check for the existence of a registry key on the ICS gateway machine. Look for HKEY_LOCAL_MACHINE\System\CurrentControlSet
\Services\ICSharing\Settings\General, then look on the right side of the Regedit window for the InternetMTU entry. If you find this entry, right-click it and select Delete. Exit Regedit and reboot the ICS Gateway before proceeding to configure the workstation(s) for ICS use.

Since we're using Windows 98 as the client (this step will also apply if you're using Windows 95), we need to look for a particular setting in the registry to ensure optimal performance. Open the Regedit program and click HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Vxd. Look for MSTCP and double-click that registry key. Look in the right-hand window for a registry entry labeled DefaultRcvWindow. If the value for this entry is set to 64000, your system is ready to go. If it isn’t set to this value, edit the entry to read 64000, exit Regedit, and reboot the workstation. If you don’t see the MSTCP option listed, create that registry key and then create the DefaultRcvWindow entry with the value of 64000. At this point, you now have a working system for sharing an Internet connection.

Altering ICS to meet your needs
By default, ICS uses the Class C private address range to assign IP addresses to workstations participating in the ICS configuration you've created. If you're planning to use this as a disaster recovery option, you may want to change the address range that the DHCP functionality in the ICS gateway assigns to the workstations passing through it. Go to Regedit and look for the following registry entry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
\ICSharing\Settings\GeneralHkey_Local_Machine\System\CurrentControlSet
\Services\ICSharing\Settings\General. You will see a value on the right side of the screen that's similar to 192.168.0.1, 255.255.255.0. If you're using a different address range, such as 10.0.1.1 with a 255.255.0.0 subnet mask, you may want to change the address that the ICS gateway uses for the IP address that's bound to its own network card. After you've made this change, change the registry entry HKEY_LOCAL_MACHINE\System\CurrentControlSet
\Services\ICSharing\Addressing\Settings to the next IP address to be assigned. This value can't be equal to or lower than the IP address that will be used by the adapter card in the ICS gateway machine.

Next, provide the last address to be assigned in this range to the Stop value that you will find in this same key. Change the IP address on the adapter in the ICS gateway system so that it can respond on the address range you just changed in the registry keys. Right-click the Network Neighborhood icon, and select Properties. Double-click the TCP/IP (Home) entry, then change the IP address and subnet mask to match what you changed in the registry. After clicking OK, you will be prompted to reboot the workstation. Click Yes and wait a few minutes after it's finished rebooting before visiting the workstations.

If you're using ICS to connect remote workstations to your corporate network and need to be able to access servers on the corporate network using WINS resolution, you'll need to complete a few additional steps. From a Windows 98 workstation, run the WINIPCFG program, click the drop-down arrow and select ICShare. Click More Info and write down the IP addresses for the primary and secondary WINS (Windows Internet Naming Service) servers.

On each of the ICS clients that must access the WINS servers on the corporate network, right-click the Network Neighborhood icon and select Properties. Double-click the TCP/IP network card that connects to the ICS host entry. Select the WINS Configuration tab, enable WINS resolution, provide each of the WINS server IP addresses, and click the Add button for each server. Click OK twice and restart the workstation.

Monitoring the status of your ICS system
By double-clicking the ICS icon on the taskbar, you'll be able to see the number of workstations currently connected to the ICS gateway. Don’t be surprised if the count isn’t totally accurate—a workstation may have just connected to the ICS gateway. It may take up to 15 minutes before the correct number of clients going through the ICS gateway is displayed. ICS holds the TCP and UDP ports open for a client passing through it for up to 10 minutes after any activity from that workstation has ceased. The count for the number of workstations isn’t updated until after the ports are closed.

At this point, you have a functional method of connecting remote or temporary offices when other options aren’t available or if you need a basic system up and running quickly. You'll be dealing with a potentially smaller amount of bandwidth than what you're accustomed to. Therefore, you may want to consider using a product such as Symantec’s Norton Internet Security or Sybergen SyGate for Home Office to limit what hosts the users can access so limited bandwidth isn't wasted.

By all means, you should also consider having some type of antivirus solution in place on both the ICS gateway and client systems in an effort to keep from incurring damage to your network.

Conclusion
This Daily Drill Down has walked you through the process of setting up the Internet Connection Sharing service present in Windows 98 Second Edition (also available in Windows 2000). Since this is a fairly new service, only a limited amount of information is available. More information should be available as enhancements to the service are released.

Ronald Nutter is a senior systems engineer in Lexington, KY. He's an MCSE, a Novell Master CNE, and a Compaq ASE. Ron has worked with networks ranging in size from single servers to multiserver/multi-OS setups, including NetWare, Windows NT, AS/400, 3090, and UNIX. He's also the help desk editor for Network World. If you’d like to contact Ron, send him an e-mail. (Because of the large volume of e-mail that he receives, it's impossible for him to respond to every message. However, he does read them all.)

The authors and editors have taken care in preparation of the content contained herein, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.

Editor's Picks

Free Newsletters, In your Inbox