• Creator
  • #2244635

    Public/ Private IP addresses


    by al_alonzo ·

    General Question:
    I work in a small office with about a dozan users. Our network setup includes NT 4.0 server and a win 2000 server. Our new ISP provider gave me a cluster or range of IP addresses. To make my network work I use these addresses for our network but was told I should not for security reasons. How do you setup a network using internal Class C (private IPs) and still have access to the public IPs used for internet access for my users using XP desktop??

All Answers

  • Author
    • #2551241


      by al_alonzo ·

      In reply to Public/ Private IP addresses


    • #2551236

      use a router and a firewall

      by jiminpa ·

      In reply to Public/ Private IP addresses

      Setup your internal network with private IP’s then use a router. One side presents a private IP to the local LAN and use a Public IP to present to the internet. Also you will want to make sure you use a firewall in order to keep the bad guys out.

    • #2551234

      humm ok so you don’t know how to setup a network.

      by cg it ·

      In reply to Public/ Private IP addresses

      Is that the problem? So you want some guidance on where to learn networking?

      plently of self help books availble on you could also take a CompTIA Network + training program.

      or did you want us here to tell you how to setup a network?

      • #2659270

        Noop. Done it both ways

        by al_alonzo ·

        In reply to humm ok so you don’t know how to setup a network.

        Currently I set up and have running our LAN using the cluster of IP’s from our ISP provider to have internet access.

        Previosuly I had set up and running our LAN using class C IP addresses.

        What I want is direction on how to use internal or private IPs for my LAN and yet use the public IPs provided by our ISP to access the internet.

        • #2659254


          by churdoo ·

          In reply to Noop. Done it both ways

          Whoever recommended for you not to put your LAN on pub IP’s was right, as are the other posters.

          Multiple private IP LAN clients can “share” a single public IP for internet access via NAT, i.e. Network Address Translation. Most routers have this capability.

          A simplistic description: the router takes the outbound traffic from your LAN and replaces the source internal private IP’s with the router’s public IP. The router keeps track of which internal IP’s are talking to which external IP’s so that the inbound traffic gets sent to the correct internal IP. This allows multiple internal clients on private IP’s to communicate accross the internet using as little as a single public IP on the router’s external interface.

          This by itself offers a certain amount of protection as your LAN clients are not exposed on public IP’s and inbound traffic to the NAT external IP is generally only allowed based on a request from an internal client. For more protection, also install a firewall.

          So to make this work on your network, you would
          a) configure your LAN clients back on Private IP’s, properly configured with your router as their default gateway, and with working DNS resolvers;
          b) configure your router’s internal interface on the same network as your LAN of course, at least one Public IP on its external interface, and enable NAT

    • #2551183

      Previous Network Setup

      by grey hat geek ·

      In reply to Public/ Private IP addresses

      How did your network handle all this before your new ISP came in the picture? Are you guys using a static IP for your business? Why would your ISP give you a “cluster” of IP addresses? If you are not paying for a static IP with your ISP, then you are getting a dynamic IP assigned. Do you have a router? Are you using NAT? Need some more info bud….

      • #2659260

        Some info

        by al_alonzo ·

        In reply to Previous Network Setup

        We are a small shop. We use the LAN for internet access and file sharing only. Originally I set up the LAN using C class static IPs (no internet). Shortly we were provided with an ISP whom gave us a range of IPs to use along with other setup info for mask, gateway ..etc. These are now our LAN static IP address that provide us internet access. I use firewall software on the servers. No router yet on our end. I guess our ISP provided use with static IPs..these don’t change on our LAN.

    • #2551159

      Setup DHCP

      by alexander.x.schumann ·

      In reply to Public/ Private IP addresses


      This is a very big topic but try this for abit of guidance.

      1. Setup the public IP address’s for your servers..such as DNS Servers, web servers etc. I would not recommend a file server.
      2. Set your servers with static IP
      3. Setup on one server a DHCP scope…this will automaticly assign to computers a IP address. Hopefully you have also a firewall.

      If you have a small network…dozen people and dont plan to grow fast then try a Zyxel firewall / router UTM.

    • #2659245

      The IP range from your ISP

      by ugadata ·

      In reply to Public/ Private IP addresses

      As several other posts have stated, you should use a private IP address scheme for the internal network.

      The range of addresses your ISP gave you is for accessing your Internal network from the outside (or from the Internet).

      You would use some form of port forwarding so users could directly access there individual machines from home (or anywhere else outside the local network. Also for direct access to Servers for file sharing and or web servers.
      Although I think a VPN connection to the network would much safer than giving users direct access to machines on the internal network.

Viewing 5 reply threads