Jump to content
|Topic||Stats||Last action by|
|Threw my back out?||
|Increase in 'One-Day Wonder' websites help disguise malware||
|PS4 and Xbox One resolution / frame rate discussion||
|Windows 9 and Windows 365 expected to See The Light Of Day||
Posted 11 March 2013 - 21:35
Posted 13 March 2013 - 08:22
Ok this http://www.tp-link.c...odel=TD-W8951ND is a ADSL2+ modem/router, ie gateway type device. I would doublecheck that its in bridge mode. If I had to guess its doing nat, is the wireless of this device being used?
I can confirm you just using this:
So can we verify the full model number on your zyxel? I can not seem to find any manuals for it, a quick google shows some reviews and such - but they are from 2002? Is that right? If your device is from 2002.. I would put it first on the list as needing a refresh!! If it is from 2002, even if fully functional - what would happen on failure, what is the backup plan. Does it have a support contract on it? Response time? I would also be concerned with even being able to handle your internet connection? There has been some real increases in performance since 2002 and internet speeds
Yes, anyone can access this camera. This is not a problem and/or limitation.
As to the dir-600, AP tied plugged into what, one of your switches, w8951nd? If your not isolating your networks via nat, segment/vlan then anyone on your network could access this camera.. So not clear on why wpa2 for that and just wep for your other wireless? How your wireless ties into your network should be of major concern!! Really it should because if its not isolated from your wired network, anyone accessing the wireless has full access into your network. I would really move this up your list of concerns. If not of required use, then SHUT it down until you can correctly secure it or isolated it from your other systems.
Yes they are in the same rack. I dont know if its the main or not but I can confirm that it is as is "out-of-the-box"; eg, no configuration was made to this switch. Simply plugged in and thats it. If so, it would act as a normal switch, correct?
So your 1016D is just dumb gig switch, but your 1100-24 is a smart switch, so it does have some features like bandwidth control, vlans, qos, etc. So I would hope this is core switch and then your 1016d is just access switch - maybe in a closet somewhere - but sounds like in the same rack? So do you have any other switches anywhere else in the building, or just these 2 that everything is connected to?
Analog only. No VoIP/SIP.
As to the KX-NCP500XNE yeah that is phone system, are you only analog phones or are you doing voip/sip? If doing voip is that traffic isolated from your other network traffic? That could be an issue - need to see the drawing to how this ties into the network. As to Panasonic KX-NCP0158CE, show that as a 8 Channel IP DECT Cell Station (VOIP) - again how is this tied into the network, is this traffic isolated?
Upon further inspection, I can confirm that this is the AP for our main wireless network: We connect to this AP to navigate internet thru our phones/tablets/etc. It is with WEP and MAC filtered. Its the same network: Our network is 192.168.100.x/24
As to the SL3054CB3, yeah that could be a AP, a bridge or repeater - so really need to understand how that is configured and connected into your network as well.
Ill have until Friday to do true inventory sorry
This a start, we got some model numbers now. And know some of the technology we are working with. Now need to just get some details of how everything is connected, ip space, vlans? double nat on that w8951nd to your zyxel??
There is something that has caught my eye which I dont really understand why this decision. Maybe you can clear it up: I believe the DHCP server is the ZyXel BUT the PCS on the domain, are assigned their IP via MAC address by the DC. Why wouldnt the DC the DHCP server?
Info wold be looking for is IPs, Number of computers, Servers - where these devices connect to, for example the phone stuff - really worried about running this bandwidth over your current switches. What is the dhcp server? Dns? Is that handled by the zyxel? What its IP? What is the network in use?
Posted 13 March 2013 - 12:08
Posted 13 March 2013 - 21:03
Edited by AOXOMOXOA, 13 March 2013 - 21:05.
Posted 13 March 2013 - 21:56
Posted 13 March 2013 - 23:02
On the WAN side, its my public IP.
"The reason is that I cannot access it directly thru a IP AFAIK."
What??? That does not tell you its in bridge mode -- what IP do you have on the wan of your zyxel
Which is the zyxel...
Normally a DC would be the dhcp server - just look on any dhcp client and do a ipconfig /all and it will tell you the IP address its dhcp server.
Yes, the IP is indeed the gateway....
And CHECK the IP address on your zyxel - I doubt that gateway is in bridge mode to be honest.
Posted 13 March 2013 - 23:13
Posted 14 March 2013 - 01:08
Posted 14 March 2013 - 03:24
Posted 14 March 2013 - 09:31
Even if it is incorrect, is it possible?
"Why wouldnt the DC the DHCP server?"
"BUT the PCS on the domain, are assigned their IP via MAC address by the DC"
So your saying the dhcp server is the zyxel - but then you say the IPs are assigned vis mac by the DC -- so your mistaken there somewhere.
Then another step would be that: Make the DC the DHCP server. Ive played around with it but have never done it in a production system but I imagine it wouldnt be hard....
I agree in AD, there would be NO reason for the DC not to be the dhcp server. And actually should be since it helps in identification of members being registered in dns, etc.
Posted 14 March 2013 - 09:37
Posted 14 March 2013 - 11:42
Posted 14 March 2013 - 12:41
you don't need a firewall class router. your router with nat firewall will be fine.
I want to repeat that part about small office Someone suggested a Dell SonicWALL TZ 205 and at 1000€s that is WAY over the top.
Posted 14 March 2013 - 13:57
Posted 14 March 2013 - 21:47
Please remember BudMan I did NOT build this network nor from scratch nor from anything; This is the first time they have asked me to look at it. My primary DNS address is the AD
Well how does that make sense - if you show the dhcp disaabled. Then no its not your dhcp server.
Post an ipconfig /all of your one of your dhcp clients. Also you should NOT be handing out 220.127.116.11 as dns if your boxes are members of AD.. In AD - YOU ONLY point to the AD DNS - PERIOD! This dns then forwards for unknowns.
OK, Ill get you that information tommorow. Like I said, I think (I have a big plate of TODO on my list) I can get you equipment inventory. Do you need EXACT things or for standard PCs will a "desktop PC" be enough?
So lets see ipconfig /all
Then I ping the dhcp server listed there, and I want to see the arp table
arp -a to see the mac of that IP your showing as dhcp server.
We are about 10 in the office (at days, less than 5), no outbound connections coming in.
If you only have like 20-30 users, I would prob say the
ZyWALL USG 200/100/50/20W/20
line is good, if you want vpn access for your users prob go with the 50 or 100 model, if not then 20 prob work. Think that only runs about $150 so more in your ballpark? And then prob replace your wireless stuff with zyxel AP as well.
Lets get some numbers of devices and how everything is connected. I don't buy your zyxel is the dhcp server even when it shows disabled. And you put that wireless gateway in front of your firewall in bridge mode -- so the wireless is disabled? You posted up screen shot of your zyxel lan and dhcp server - could you post the wan side of that, you can black out the last couple of octets.
Why would you be using a adsl wireless gateway just to put it into bridge mode?
Also in sizing your firewall uplift, how much is your current bandwidth from your isp?