Network cards set-up for a proxy PC

I'd like to set up a PC as a proxy between my cable modem and my router. Would someone please explain how the two NICs on the PC should be configured? My guess is as follows:

Ethernet NIC 1:
DHCP

Ethernet NIC 2:
192.168.1.1
255.255.255.0
gateway is public IP address given by ISP(?)
DNS is IP address of ISP DNS(?)

Thanks in advance

 

Not sure why you'd want to do that, but I'm thinking that it sounds about right. I may be totally wrong in that assumption. If you don't mind, and feel free to tell me it's none of my business, but why would you want to do that for? sounds like more trouble than it's worth, and if memory serves, depending on the router your using, you might be able to proxy through the router. Unless your trying to set up an internet free network, or an intranet I don't see the point

 

It's not for me, I'm asking for a friend. I would still like to know how this is done, if anyone can please answer my question, thanks. It's a good question for it's own sake.

 

That is the general idea.. funny I had to audit a Net+ class my company was giving to our techs and the instructor attempted to do something like this with 3 NICs, so the class would be 2 networks that used the one NIC for Internet... he failed..lol. I believe it was because he did set up routing correctly. Funnier, my boss told him I could fix it for him.. he gave up and put us all on a hub...

If your doing this just because, so be it... but if you want to actually route traffic through a PC look into smoothwall.org. A Linux based firewall/router you can boot from CD & runs on minimal requirements.
There was a windows based routing software, I cant recall the name but it is packaged with "4-Port 10/100 PCI Router Card RealTek RTL8139D" - google that.

What OS would you be trying this on anyways?????

 

Thanks for your reply and the link. It would be on an XP or 2K machine, although I've seen plenty of instructions on how to do this using Linux for example, http://www.grennan.com/Firewall-HOWTO.html#toc1 . There are plenty of reasons for setting up a proxy server like this. The last shop I worked in had one set up to monitor user web traffic, among other things.

 

May I ask why you want to do this? If it's for a firewall, that router does a pretty good job of hiding your computers totally behind it.

If for a firewall, then Smoothwall was a great suggestion. It is an OS fully by the way, not just a firewall you install on an os.

If for a firewall and you have a copy of server 2000 or 2003 and can get a copy of ISA (internet security and acceleration server) to load onto the main server OS, that will do.

You can also just use windows and internet connection sharing (ICS) for the proxy. All windows versions since 98SE have that. When you enable it and put in two nics, ICS turns on a mini dhcp server, nat translator, etc. and it becomes another router. It becomes a proxy server for a fact. You could put something like Zone Alarm on it, or a more complex firewall also if you want.

You hook one nic to the router and the other to a switch. Then all other computers hook to the switch.

On a proxy, the default gateway is the router's internal IP. That's easy to get - just look at the default gateway IP on any box that's attached to the router now and that's the router. The router is the gateway to the internet for the lan, thus "default gateway" in the same sense as "default printer."

Using that same IP for dns might work too by nat and forwarding, but I'd feel better with the isp's dns server's ip

The subnet mask will be the same as the default gateway and I'd give the proxy a static IP on its external (router) side, but within the same scope as the router leases. Post back the default gateway IP of a computer hooked to the router and I'll give you the numbers to assign. You listed some ips but didn't say for sure that they would match the router's scope.

 

NO!! I really blew it here. This is a major brain fade.

Yes you can use ICS, but not with a router. I'm embarassed... The ICS is the router and 2 routers will not share the same lan. Their job is to establish and protect the lan - they think it's "their" lan. Even if you turn off dhcp in the router, it will still get the IP from the isp and you need for the ICS box to get that. The ICS box will need to and will do the NAT translating. A router in the topology would block that.

You do, with ICS, have the option of installing a 3rd party software firewall of your choice and managing it which you can't do with a router.

ICS will still hide all of your other nodes behind it just as your router does. ICS is just a software router, and when a powered switch or a hub (please no hubs though, even though they "work") is connected to the interinal nic, you can share out the internet connection plus you can share files and printers. You hook the ICS's external nic to the broadband modem or if a dial-up modem, to the phone line.

The ICS box shouldn't contain any important data because it is the node that is visible to the internet. The other nodes behind it aren't visible. It should just be the firewall, as smoothwall or ISA would be....

Now I'll crawl back in my hole....