comp.os.linux.networking

Need help setting up an IDS and VPN server...maybe firewall.

Subject: Need help setting up an IDS and VPN server...maybe firewall.
From:
Date: 11 May 2005 14:09:36 -0700
Newsgroups: comp.os.linux.networking, comp.sys.ibm.pc.hardware.networking
I think basic topography issues will determine what I can do here. But
here's what I have, and then what I need, what I think I can do, and
then my request for a severe beating...I mean, help with simply how to
get started. =)

We have a small business with about 10 WinXP (Home) PCs, a Mac, two
Fedora Core PCs and a FC fileserver.
These are all connected to one switch (without a sensing or span port).
And this is connected to the router/NAT/firewall provided by our
ISP/DSL provider for our business.
It's this NAT(?) that is giving the 192.168.1.* IPs and blocking ports
from the Internet side.

What I need to do is insert a machine between the ISP's NAT and the
switch to
a) Be a VPN server to allow a remote employee access to file shares
internally
b) Be an IDS box with Snort to track and monitor traffic entering and
leaving the network.

What I first thought was that I could have this machine, RedHat 9 is
what it will have, to be a Primary Domain Controller, but since some
users are using WinXP Home, they can only workgroup.

So here's my question: Is it possible for this RH 9 PC with two NICs
to be able to be between the ISP NAT and the switch? Allow the ISP NAT
to provide IPs (actually, I'm forcing the PCs to use static IPs, but
that's beside the point) to itself and all other PCs, while still
monitoring traffic?

Maybe because it has to..."pass through"(?), it can't really be a
firewall, but monitoring? I gather the NIC on the NAT side will get an
IP from that NAT, but what about the NIC on the switch side? How does
that work?
CAN the PC be a NAT itself without having to be a PDC? Can the PCs on
the switch still get IPs from this new machine without it being a
domain?

Thanks for ANY advice, pointers...just looking for suggestions of where
to start looking and what to look for.
Thanks,
Liam

