Sunday, February 13, 2011

Connect your home network to Internet using ADSL and WinRoute

1. Stuff to buy to set up your home network
2. Configuring your network
3. Testing your network connectivity
4. Public versus private IP address
5. Network Address Translation (NAT)
6. Using your home network
7. Establishing your ADSL connection
8. Virtual Private Networking (VPN)
9. Installing WinRoute Pro
10. The HTTP proxy of WinRoute
11. Using your new Internet connection

1. Stuff to buy to set up your home network
To build your home network you need at least two computers. In order to let the computers communicate you will need to place a network card in each computer. The cards need to be connected to a switch using network cables. Let me explain.

A network card is an expansion card, just like your internal modem or sound card. Try to buy a 10/100 Mbps card, rather than a 10 Mbps card. With a 10/100 Mbps card communication at 100 megabits per second is possible. Actually, a 10 Mbps card is just fine for a small home network, but 10 Mbps cards are being sold less and less. So you might as well start buying 10/100 Mbps from the start. The price difference is small. Prices for network cards start from 8 euro. I always buy cheap cards, they work fine!

You might want to know the difference between ISA and PCI expansion slots. Expansion slots are located on your motherboard and allow you to use expansion cards. A PCI card will not fit into an ISA slot and vice versa. You should buy a PCI type network card, unless you have a really old computer that does not have any free PCI slots. You will almost always be offered a PCI card by a computer shop.

To install a network card, please follow the instructions in the documentation that comes with it.

You will also need a switch and network cables. A switch is a little box into which you can plug UTP cables. If you want to run your home network at 100 Mbps you should buy a 100 Mbps switch. An eight-port 100 Mbps switch costs about 85 euro. An eight-port switch allows you to connect up to 8 computers to your network.

After you have installed your network cards, connect each network card to the switch with a network cable. You need UTP cat-5 network cable. The cat-5 indicates a certain quality level. It is very common nowadays. A cat-5 cable allows you to run your network at 100 Mbps. You should never connect two computers directly without a switch in between, because the cable is wired incorrectly for this. You can actually do this using a cross cable, which is a special UTP cable. If you use a cross cable, then you can only connect two computers together, not more than two.

Since we want to connect the network to the Internet using ADSL and WinRoute, the setup will be a little more elaborate than just two computers with a switch. One of the computers will have two network cards. One card connects to the home network and the other card connects to the ADSL adapter and the Internet. The computer that has the two network cards I will call the ADSL computer. If you can, you might want to buy two different brands of network card for your ADSL computer, so you can distinguish the cards during configuration. A good trick is to label them on the back. On the ADSL computer you will install WinRoute. WinRoute will make Internet available to all the computers on your home network.

I am assuming here that you have an ADSL adapter with a network port and not a USB port. WinRoute will also work if you connect via a USB cable.

I personally use a Pentium 75 MHz with 24 MB of internal memory as my ADSL computer (32 MB of internal memory is recommended for WinRoute). Don't waste a powerful computer for your Internet gateway. On the other hand: try to use something that is reasonably modern, so you won't run into too many configuration problems.

2. Configuring your network
We will be using IP for your home network. Internet Protocol is a set of rules that allow your computers to communicate. You can let your computers communicate in other ways than IP (for example NetBEUI), but everybody is using IP nowadays. You need to configure each computer with some IP information. You will need to enter three values: IP number, subnetmask and default gateway. An IP number is just a number that identifies a computer on the network. A subnetmask indicates which computers are on the local network and which computers are outside. The default gateway is the IP number of the computer that acts as the route to the outside. You will also need to provide a DNS server, so hostnames can be translated into IP addresses. The DNS server address can be added in the window "TCP/IP Properties" on the "DNS Configuration" tab.




I will make things simple for you. Give your ADSL computer the values below. Of course, your ADSL computer can have a second interface (on the side of the ADSL adapter). Do not configure this interface yet. You will configure it later, as part of the ADSL installation.
IP number: 192.168.0.1
subnetmask: 255.255.255.0
default gateway: [leave this blank]
DNS server address: [leave this disabled]

The second computer you give the values:
IP number: 192.168.0.2
subnetmask: 255.255.255.0
default gateway: 192.168.0.1
DNS server address: 192.168.0.1



The third computer you give IP number 192.168.0.3 and the same subnetmask, default gateway and DNS server address as the second computer. Each new computer you give a new IP number. The subnetmask, default gateway and DNS server address remain the same for each new computer. You should never give two computers on a network the same IP number. Okay? Never. Also, the subnetmask of the computers on a network should always be the same. With the information I have given you, you can add up to 254 computers to your network. I am sure you will not get that far. If you do, you won't be using this page anymore!!

You can kind of figure why all the computers use the ADSL computer as the default gateway: the ADSL computer will be able to route the network requests to the Internet, once we have everything set up.
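The rules above (unique IP numbers, one shared subnetmask, a default gateway that is reachable on the local network) can be checked before you type anything into a computer. The following is an added example, not part of the original page; the host names and the `check_plan` and `usable_addresses` helpers are made up for illustration.

```python
import ipaddress

# The address plan from this section, written out as data (constructed sample).
PLAN = [
    {"name": "adsl-computer", "ip": "192.168.0.1", "mask": "255.255.255.0", "gateway": None},
    {"name": "second", "ip": "192.168.0.2", "mask": "255.255.255.0", "gateway": "192.168.0.1"},
    {"name": "third", "ip": "192.168.0.3", "mask": "255.255.255.0", "gateway": "192.168.0.1"},
]


def check_plan(hosts):
    """Return a list of problems found in the plan; an empty list means it is consistent."""
    problems = []
    ifaces = {}
    for h in hosts:
        try:
            ifaces[h["name"]] = ipaddress.ip_interface(f"{h['ip']}/{h['mask']}")
        except ValueError as exc:
            problems.append(f"{h['name']}: invalid IP number or subnetmask ({exc})")

    # Every computer must end up in the same network (same subnetmask, same prefix).
    networks = sorted({str(i.network) for i in ifaces.values()})
    if len(networks) > 1:
        problems.append("hosts are in different networks: " + ", ".join(networks))

    owner = {}  # IP number -> name of the first host that claimed it
    for name, iface in ifaces.items():
        net = iface.network
        if iface.ip in (net.network_address, net.broadcast_address):
            problems.append(f"{name}: {iface.ip} is the network or broadcast address")
        if iface.ip in owner:
            problems.append(f"{name}: duplicate IP number {iface.ip} (used by {owner[iface.ip]})")
        else:
            owner[iface.ip] = name

    # The default gateway must be on the host's own network and belong to a real host.
    for h in hosts:
        if h["gateway"] is None or h["name"] not in ifaces:
            continue
        gw = ipaddress.ip_address(h["gateway"])
        if gw not in ifaces[h["name"]].network:
            problems.append(f"{h['name']}: default gateway {gw} is outside its own network")
        elif gw not in owner:
            problems.append(f"{h['name']}: no computer in the plan has the address {gw}")
    return problems


def usable_addresses(ip, mask):
    """Host addresses in the network, not counting the network and broadcast address."""
    return ipaddress.ip_network(f"{ip}/{mask}", strict=False).num_addresses - 2


if __name__ == "__main__":
    print(check_plan(PLAN) or "plan is consistent")
    print(usable_addresses("192.168.0.1", "255.255.255.0"), "usable addresses")
```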

3. Testing your network connectivity
Now your home network should work. Open a DOS box on your ADSL computer and try pinging the other computer. Pinging is just sending the other computer a little data packet and then seeing if the other computer responds. You type "ping 192.168.0.2". You should get the message "Reply from 192.168.0.2: bytes=32 time<10ms TTL=128". If you get the message "Request timed out." then things are not configured correctly yet.

If things are not working out, then ping the IP address of the computer itself. So sit behind 192.168.0.1 and do "ping 192.168.0.1". If it turns out you cannot even ping the local IP address, then the communication between the PC and the network card does not work yet. In this case you do not have a networking problem, but an incorrect driver installed or an IRQ or I/O address conflict. Or you did not stick the card deep enough into the expansion slot... Focus on that first. Do this test for every network card that you have. Below is an example of a successful ping, please don't mind the different IP address.



4. Public versus private IP address
I just advised you to use IP addresses 192.168.0.1 and so forth. It is important to understand that you cannot give your computers just any odd IP address. This is because there should never be two computers with the same IP address on a network. Suppose there are two computers with the same IP address and one sends out a network request, to which computer should the answer be routed? Do you see how problems can arise there?

There are several ranges of IP addresses that have been reserved by IANA for private use. It was agreed that these IP addresses will not be used on Internet. The IP addresses are:

10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.0


The above IP addresses are called private addresses and can be used to build private networks. Addresses used on Internet are called public addresses. If you are using private IP addresses for your home network how can you communicate with computers on Internet? This is done by using Network Address Translation (NAT).

5. Network Address Translation (NAT)
Programs like WinRoute can do NAT for you. With your ADSL line you have received one public IP address from your Internet access provider. This public IP address is associated with your ADSL network card on your ADSL computer. Let's see what happens when you sit behind your ADSL computer and request a web page. The network request is sent onto Internet. The request is a data packet that also contains the IP address the request came from (source IP address). This is necessary, because the answer from the web server needs to be returned to the source IP address.

Suppose the network request comes from a computer on your home network, then the source IP address is actually a private address. WinRoute will receive the network request (remember WinRoute will sit between your home network and Internet) and replace the source IP address by the IP address you received from your provider. Then the network request gets sent onto Internet. When the answer comes back, WinRoute will send it to the computer on the home network. In short: WinRoute will translate private network addresses into a public network address so the requests can be fulfilled.
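The translation described above can be followed step by step in a small model. This is an added example and not WinRoute's own code; it goes one step beyond the text by also rewriting the source port, which is how a translator can tell several home computers apart behind one public address. The public address 203.0.113.10, the web server address 198.51.100.80 and the starting port 61000 are constructed placeholders.

```python
from dataclasses import dataclass, replace

PUBLIC_IP = "203.0.113.10"   # placeholder for the address received from the provider
WEB_SERVER = "198.51.100.80"  # placeholder for some web server on Internet


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatGateway:
    """Simplified model of source NAT with port translation."""

    def __init__(self, public_ip, first_port=61000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (private ip, private port, remote ip, remote port) -> public port
        self.in_map = {}   # (public port, remote ip, remote port) -> (private ip, private port)

    def outbound(self, pkt):
        """Home network -> Internet: replace the private source by the public one."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self.out_map.get(key)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return replace(pkt, src_ip=self.public_ip, src_port=port)

    def inbound(self, pkt):
        """Internet -> home network: only answers to earlier requests get through."""
        if pkt.dst_ip != self.public_ip:
            return None
        owner = self.in_map.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if owner is None:
            return None  # nobody on the home network asked for this: dropped
        return replace(pkt, dst_ip=owner[0], dst_port=owner[1])


def demo():
    gw = NatGateway(PUBLIC_IP)
    # Two home computers request a web page using the same local port number.
    out2 = gw.outbound(Packet("192.168.0.2", 1025, WEB_SERVER, 80))
    out3 = gw.outbound(Packet("192.168.0.3", 1025, WEB_SERVER, 80))
    # The web server answers the second request; it only ever saw the public address.
    reply = gw.inbound(Packet(WEB_SERVER, 80, PUBLIC_IP, out3.src_port))
    # A connection attempt from Internet that no home computer asked for.
    unsolicited = gw.inbound(Packet("198.51.100.99", 4444, PUBLIC_IP, 80))
    return out2, out3, reply, unsolicited


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last case in `demo()` is why a server on the home network cannot be reached from Internet until the gateway is given an explicit mapping for it.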

6. Using your home network
Now this is really cool, you've got your own network. But how do you use your network?? Well, you need network capable applications. Ping is actually one of them, but pinging other computers all day long is not much fun. It is outside the scope of this document to cover how you can use your home network. I will just mention some uses: if you use Windows you can enable Windows file and printer sharing. Then share folders or a printer. This allows you to access files or a printer over your network. Don't enable file and printer sharing on your ADSL computer: it is the computer that is connected directly to Internet, so this is a security risk.

You can also install a little web server and place a web site. Suppose you have your web server on 192.168.0.3, then you would do http://192.168.0.3 to access the site. If you go to Tucows you can find all kinds of neat servers. You can also install Linux and stick your Linux server in your network. If you do this you can also use telnet and FTP. These server applications cannot be accessed from Internet. To give Internet users access, you need to do some extra configuration in WinRoute.

7. Establishing your ADSL connection
How you should set up your ADSL connection you will find in the documentation that you receive with your ADSL adapter. Go through the entire installation process as if there were no home network connected to your ADSL computer. Once you installed ADSL you should be able to use Internet from your ADSL computer. You cannot yet, at this point, use it from the other computer(s).

Here is some background information about what actually happens when you use ADSL (Asymmetric Digital Subscriber Line). When you use a dial-up connection to access the Internet then KPN sets up a connection between your modem and a modem from your Internet access provider. Your data will go over the phone line as if it were sound. With ADSL data is transmitted digitally. Asymmetric means that you can download more than you can upload. This is not because your provider tries to keep you from setting up a web server. It is a design decision that was made when ADSL was developed. Most people just want to download more than they want to upload. A downstream ADSL connection can be up to 8 Mbps and an upstream connection up to 1 Mbps, this depends on line length and other line conditions.

As with modems, ADSL adapters also come in pairs. The other adapter is at your local KPN telephone exchange. The ADSL adapter on the other end is connected to a network much like your own home network. KPN then connects you to the network of your Internet access provider, where you are routed to the Internet.

The DSL Forum has a lot more interesting information on ADSL: http://www.dslforum.org.


8. Virtual Private Networking (VPN)
You will have noticed that you needed to use "Virtual Private Network" during the ADSL installation. If you are interested, this paragraph provides you with an explanation of VPN. VPN means virtual private networking. Consider the following situation: you have an office in Almelo (The Netherlands) and one in Everett (USA). You could lease a line between Almelo and Everett and use that for your communication needs. However, this is really expensive. Okay, you could send it over the Internet, if both offices have Internet access. The problem here is that Internet is a public network and therefore not secure. The solution is to encrypt the data before it is sent onto Internet and to decrypt it on the other side. The data will still flow over Internet, but it will be so scrambled that no hacker can decipher it. So, now you have a virtual private line. You should see VPN communication in terms of a tunnel: each office has an appliance that will do encryption/decryption and between the two appliances there is a tunnel.

In the case of Mxstream your ADSL computer works as one of the two encryption/decryption appliances. However, the encryption/decryption is done using software and not with special hardware. This is why you had to enable the Windows component "Virtual Private Networking". The "appliance" on the other end is your ADSL adapter. So the communication over ethernet cable between your ADSL computer and the ADSL adapter is very secure... Is it so important to make the communication through that cable so secure? The answer is: no, not at all. KPN had another reason for enabling the VPN. The ADSL adapter that is used is the Speed Touch Home from Alcatel. This adapter can function in two modes: Bridging and PPP-to-PPTP Relay, the second one uses VPN. KPN is using PPP-to-PPTP Relay mainly because this allows user authentication. Then they can direct your connection to your own Internet access provider.

A consequence is that the ADSL network card has actually two IP addresses associated with it: one for IP communication and one for VPN communication. When you do "winipcfg" in a DOS box on your ADSL computer, you will see three IP addresses: your inside IP address (192.168.0.1), your ADSL IP address (10.0.0.150) and the VPN IP address. The last IP address is associated with a virtual network card called "PPP Adapter". This last IP address is actually the address you received from your Internet access provider. You may want to write down this address. If you install a web server in the future, the web site will be available on this IP address.


9. Installing WinRoute Pro
This page assumes you are working with WinRoute Pro version 4.1. WinRoute can be obtained from Kerio Technologies, a five user licence costs about 150 US dollars. Install WinRoute only after you have installed working connections to your home network and Internet using your ADSL line. This is because WinRoute will find out what connections you have and then configure itself.

After the installation, start the WinRoute Administration. Make sure you keep all the settings default, other than the settings listed below. Of course, if you know what you are doing then you can fine tune more.

This setup is without using DHCP (Dynamic Host Configuration Protocol). DHCP automatically allots an IP number and other essential information to a computer that joins a network. In order to use this service, the computer has to be configured as a "DHCP client". This is really easy to do. We do not use DHCP, because then your network can also function without WinRoute. Besides, a really simple network like this does not need DHCP. You can combine DHCP and fixed IP addresses, just make sure that the fixed IP addresses are outside the DHCP range and that all computers (those with fixed IP addresses and the DHCP clients) have the same subnetmask. If you use DHCP you will need to turn this on in WinRoute, by default it is turned off. If you use DHCP, then WinRoute must be running at the moment a computer on your home network boots.

  • Enter an administrator password and write down the password. You can enter an admin password at "Settings", "Accounts...", "Edit...".
  • NAT needs to be enabled. However, WinRoute already turns on NAT by default. WinRoute will do NAT on a RAS (Remote Access Service) connection. In the context of WinRoute RAS refers to an ADSL or dial-up connection. This is exactly what we want. You will need to associate your ADSL connection with the RAS connection (line 1). Select "Settings" and then "Interface Table...". Select "line1", click "Properties..." and go to the RAS tab. Select behind "RAS entry:" Mxstream, or whatever you have called your ADSL connection. When you now close with OK, then Mxstream (or your connection name) should appear behind "line1" in the "Interfaces/NAT" window. See the picture.


  • Stop WinRoute disconnecting and connecting the ADSL connection. There is no need to disconnect the ADSL connection, because you pay a flat monthly rate no matter how long you are connected. Make sure you have "Reconnect on line failure" checked. Go to "Settings" and then "Interface Table...", select the medium "RAS..." and click on "Properties". Click on the tab "RAS" and set "Connection" to Manual and turn off the options "Hang up if idle for" and "Redial when busy". Enable "Reconnect on line failure".


  • The default setting is that WinRoute will do DNS forwarding. This means that the computers on the home network can ask WinRoute to translate hostnames into IP addresses. If WinRoute does not know, it will forward the query to other DNS servers. It is essential that you leave this enabled.


  • It is possible to install a modem or ISDN adapter in your ADSL computer, as a fallback in case your ADSL connection does not work. You do need to manually change the WinRoute configuration to activate the fallback, but the advantage is that you do not need to change the configuration of any of your client computers. Install your modem or ISDN adapter and your driver. Open WinRoute Administration and go to "Settings", "Advanced", "Interface Maintenance...". Click "add" to add another RAS interface and close the window. Now go to "Settings", "Interface Table..." and click on the new RAS interface and select "Properties...". On the tab "RAS" associate your dial-up connection with the RAS interface. Also, set "Connection" to Manual and turn off the options "Hang up if idle for" and "Redial when busy". If the ADSL connection fails, then disconnect your ADSL connection and connect your dial-up connection.
  • You can remotely administer WinRoute by copying WrAdmin.exe to another computer and executing it there.
  • WinRoute can also be turned off through a web interface. You should disable this feature, because otherwise anyone who connects to the web interface can turn off your WinRoute. Go to "Settings", "Advanced", "Remote Administration..." and disable "Enable Web-Admin interface on port".
  • It is good policy to not run any other applications on your ADSL computer, this will minimize the possibility of problems. You will become more and more dependent on this gateway to Internet and you will be unhappy if it fails.


10. The HTTP proxy of WinRoute
WinRoute also has a built-in HTTP proxy server. With NAT your web browser (or other Internet application) on the home network does not notice that NAT is being used. With a proxy server, you have to tell the browser to pass the network request to the proxy server. The proxy server will then retrieve the needed information from Internet and return it to the application. Thus, the proxy server is the endpoint for each HTTP connection.

When you use a proxy server all the URLs that are being requested from your home network are being logged. This can be useful when you have kids that need parental control. You should probably tell them that web surfing is being logged. Another reason for using the proxy server could be caching. Caching means that files that were retrieved from Internet are re-used, provided they did not change. For example, take the Altavista logo, it hardly ever changes. So, why retrieve it from the Internet every time? Actually, your own browser does caching too, so proxy caching is only useful when you have more browsers that share the same ADSL connection.

When you use a proxy server, you have to provide your browser with the IP address and port number of the proxy server. In our situation this is 192.168.0.1, port 3128.


11. Using your new Internet connection
You can do fun stuff now. You can do web surfing as much as you want, you can do chatting. Online gaming. You can put up a webcam and do teleconferencing. You can also install Internet phone and make free (international) calls with other people who also have Internet access.

You can set up a web server and make your own web site available. If you install your web server on a Unix operating system then you can see the accesses in real time with "tail -f webserver.log".

You can also share your Internet access with neighbours and share the costs. With Mxstream this is allowed, but keep an eye on the amount of data that is retrieved. If you share your network with neighbours you should be aware they can do packet sniffing and potentially look at all the data that goes over your home network. This is a big security issue. This is resolved by putting another network card in your ADSL computer and putting your neighbours on their own network. Obviously, this is a different topic altogether.
