Connection from provider via PPoE. We have a Zyxel Keneetic Extra router. Also, the internal network range is not a standard 220.100.0.0 - 220.100.255.255. Active Directory based on Windows Server was also raised on the network. Zyxel shows the range for the local network 192.168.0.0 - 192.168.255.255

How best to distribute the local Internet network to users so that they have access to local servers on their workstations and at the same time access to the Internet without any restrictions on ports and protocols.

    2 answers 2

    Fix a bad localhost range for a decent and generally accepted 192.168.0.0 Otherwise, you will not have access to Japan in particular.

    In the router cut down DHCP. On the domain controller, organize DNS forwarding, configure DHCP correctly, so that the default gateway will give the address kinetics.

    • I will add a little explanation. In IPv4 networks, there is a clear separation between local and external addresses. Therefore, if you have more than one machine on the network, you should use ranges designed for local networks. This is partly due to security issues, as well as the non-illusory limited number of IPv4 addresses. More detail can be enlightened for example on Wikipedia: ru.wikipedia.org/wiki/… - ComBin
    • You can not change the range of the local network, because the network is large, more than 1000 workstations and a dozen servers. Your solution is more suitable for a small home network or office. - Antony
    • @antony 1. Network by mask / 16, this is 65534 computers. Are you a little? - gbg
    • I repeat once again, it’s not the number of computers, the fact is that you cannot change the range. - Antony
    • @Antony well then enjoy the rake. Do you have a static on a thousand cars? Get out of the profession! - gbg

    So, a day has passed and no one could answer how to solve this problem.

    As I wrote earlier that the network is large, nothing can be changed. And the problem is solved simply:

    1. We put an ordinary switch
    2. We start on it the Internet from a router
    3. To the switch we catch the router and one more computer for organizing an ISA proxy server (both are computers with two network players, one looks at the 192.168.0.1 network and the second one on the local network 220.100.0.0 - 220.100.255.255)
    4. We put an ISA client on clients and they are in the domain and in the Internet
    5. If someone from the local network needs direct access to the Internet, then we use a static IP with an indication of the router.

    Here is a cheap solution, at no additional cost and no shopping. And the most important thing is saving my time, for which the employer does not pay me extra.

    • one
      Of course it's easier to put 1000 clients than once to change the address range on the DHCP server :) - Sergey
    • Yes, and there are 1000 customers? In the Internet go through the terminal. Once I set up the terminal and that's it. - Antony
    • Normal switch, two computers and four network card to them in the garbage they found, if without additional costs and purchases? - Sergey
    • You will not believe it, but you can still find 2 computers and a network card in the dustbin, almost. ;) At least a little internet routing is enough. In any case, the enterprise scale is free. And all the more so much cheaper than transferring all of this to the correct addresses. - ComBin
    • For interfacing with the Internet of a single terminal, only 4 devices? Not enough to be! - Sergey