General discussion

Locked

Public or Private IPs...

By camy2079 ·
My current scenario is:

-a full T1 with 32 static IPs from the IPS.
-A soho3 firewall.
-a 50 user microsoft network.

Right now I have one public IP used by my soho3, which is set to NAT mode. Each WS is set with a static private IP. Although the firewall will serve DHCP to guest stations.

It was suggested to me that I set each WS with a public IP and set my firewall to standard mode. I do not allow my users remote access so I don't see how this would benfit.

Any thoughts? What would be the benefits or consequences?

Thanks
Chaz

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Public or Private IPs...

by JustAnAdmin In reply to Public or Private IPs...

I would definitely suggest leaving it set up as you have it currently configured. The NAT may/should add a little bit of extra security and there is no need to use the public IPs for your workstations.

Reserve the public IPs for any public servers you may end up using, or any other special uses that may pop up in the future. I don't suppose they would give you any discount if you only need a single IP? :)

Collapse -

Public or Private IPs...

by camy2079 In reply to Public or Private IPs...

Poster rated this answer

Collapse -

Public or Private IPs...

by timwalsh In reply to Public or Private IPs...

You only need a public IP address if you have a server that MUST be accessible from the Internet (such as a webserver). If you have have a firewall that will let you map ports to specific internal (private) IP addresses, then you really only need apublic IP address for your NAT box.

The consequences of using public IPs is that they are all potentially accessible from the Internet. Based on your description above, there don't appear to be any benefits.

Collapse -

Public or Private IPs...

by camy2079 In reply to Public or Private IPs...

Poster rated this answer

Collapse -

Public or Private IPs...

by scott In reply to Public or Private IPs...

Agree with both !!!

Don't use public IP's for internal clients.

Collapse -

Public or Private IPs...

by camy2079 In reply to Public or Private IPs...

Poster rated this answer

Collapse -

Public or Private IPs...

by Whatme? In reply to Public or Private IPs...

"reserve" your extra valid IPs. Assign one to your outside nic and use NAT for internal use. You never know when you may decide to subnet even further and it is better (in my opinion) if you use DHCP to assign your workstations. you may want to install a firewall with a DMZ at some time... there is 2 valid IPs and a third for internal. This is where I would assign the rest of your valid IPS. Mail servers, SQLs, web etc could all be put in the DMZ.
In my opinion, a 50 user or 5000 user networkis just as hard to manage so you may as well set it up with growth in mind.

merv

Collapse -

Public or Private IPs...

by camy2079 In reply to Public or Private IPs...

Poster rated this answer

Collapse -

Public or Private IPs...

by Maelgwyn In reply to Public or Private IPs...

I was once told by a little birdy (John the TAFE lecturer)... If you never need to use a public address; DON'T! They are exactly that - public, so therefore it makes a potential security hole. Hey, if it works and works well, why fix it?

Maelgwyn

Collapse -

Public or Private IPs...

by camy2079 In reply to Public or Private IPs...

Poster rated this answer

Back to Security Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums