ePlace
Home
Problems
Solutions
- Sample Setup
- Wingate Security
- Local Security
- Applications
- Line Tests
- Security Tests
- Wingate 3.0 FAQ
- Wingate 4 FAQ
Links
Forums
Add Your URL
Disclaimer

Other Languages

email

Problems

The information provided at "Solutions" on this site deals with the various problems described below. 

  • 1.   The Beginning.  The cable modem ISP nstalled their cable modem service at our site.  Installers spliced the TV cable, connected it to a Com21 cable modem and attached the modem to a hub used by an in-house LAN.  An uninstalled NIC was also provided.  The browser connection properties were set to values specified in the ISP's Quick Start Sheet.  Internet access worked fine and it was thought that all installation problems were solved. 
  • 2.   Surprise 1:  LAN inoperable.  It didn't take long to discover that the LAN was no longer operating properly.  When queried, ISP support indicated a proxy server was required and that they didn't support that.  A proxy server was obtained and installed, but the LAN and cable modem would still not operate correctly.
  • 3.   Surprise 2.  LAN hub cannot be used for cable modem.  After searching internet information it was discovered that connecting the cable modem to the hub was the cause of network failure.  2 NIC cards were required in the machine that accessed the cable modem and used the proxy server -- one connected to the modem, the other to the in-house network hub.  A second NIC was installed and proper operability of internet access via the cable modem as well as in-house LAN access was available to all network clients. (Note:  A 2-PC LAN does not require a hub; 2 NICs for the PC with the cable modem are still required..)
  • 4.   Surprise 3.  LAN Client Security problem.  While testing the 2-NIC system configuration, the screen for  Neighborhood Network > Entire Network > Microsoft Windows Network  was checked.   This dialog contained unexpected entries for several dozen unknown domains/workgroups.  On checking out some of these, it was found some of these strange computer systems had accessible LANs.  Some used password access but others were wide open with full file read/write access to everything. This led to the conclusion that the in-housel LAN was also unprotected.  The ISP had no support or advice for this issue.  Solutions that prevented external access to the in-house LAN were eventually found, but these did not protect the PC connected to the cable modem. 
  • 5.  Surprise 4.  LAN Server Security Problem. 
    • It was determined that the ISP network security problem, namely, visibility and ability to access other unprotected users on the ISP network, can occur
      • with or without an in-house LAN and
      • with or without a Proxy Server unless special precautions are taken.
    • It was concluded that the local server connected to the cable modem was vulnerable although in-house LAN clients were protected by the proxy server.
    • Some cable modem users of other ISP cable modem services report that the ISP suppresses the visibility of user domains on the Neighborhood Network, but this suppression is not provided by many cable modem ISPs.
    • Suppressed visibility is not the case with our cable ISP.

Solution of these problems required

  • Installing a second network interface card.
  • Installing a proxy server which
    • Enables correct operation of the in-house LAN and cable modem.
    • Enables Internet access via the cable modem for all in-house LAN clients.
    • Provides a security firewall for client PCs but not for the PC connected to the cable modem.
  • An overhaul of network default properties to secure the PC connected to the cable modem. 
  • Problems and solutions will vary depending on user and ISP hardware and software configurations.  No solution is universal.

Last Updated July 29, 2002 10:21:53 PM