ICS w/ a Wireless router and laptop from work

[Guest]

Hi, here is what I am trying to accomplish.

PC 1 - has a nic connected to wireless router and dialup access to the
internet (XP Pro)
PC 2 - has a wireless connection to the router and is joined to 2003 AD
domain at work

Question 1 - I'm pretty sure I've read that all machines must be joined to
the same workgroup before ICS will work in this configuration...true? If
this is the case then the laptop would need to be disjoined from the AD work
domain, joined to the local workgroup and vice versa when switching between
the home network and the network at work...right? (not really feasible)
Question 2 - With ICS configured and working as it should would it allow
file sharing between PCs or does it simply share the Internet connction?

Question 3 - Since the laptop is joined to the work domain and it really
isn't feasable to switching between workgroups and domains (assuming this
true) then does anyone have any other suggestions on how I can give the
laptop wireless access to the internet via the dialup connection?

Thanks

 

[Chuck]

Hi, here is what I am trying to accomplish.

PC 1 - has a nic connected to wireless router and dialup access to the
internet (XP Pro)
PC 2 - has a wireless connection to the router and is joined to 2003 AD
domain at work

Question 1 - I'm pretty sure I've read that all machines must be joined to
the same workgroup before ICS will work in this configuration...true? If
this is the case then the laptop would need to be disjoined from the AD work
domain, joined to the local workgroup and vice versa when switching between
the home network and the network at work...right? (not really feasible)
Question 2 - With ICS configured and working as it should would it allow
file sharing between PCs or does it simply share the Internet connction?

Question 3 - Since the laptop is joined to the work domain and it really
isn't feasable to switching between workgroups and domains (assuming this
true) then does anyone have any other suggestions on how I can give the
laptop wireless access to the internet via the dialup connection?

Thanks

ICS includes a DHCP server, which provides IP settings to an ICS client when the
client is setup for DHCP. This affects network connectivity between the ICS
server and client.

Other than affecting network connectivity, ICS is not related to file sharing.

Workgroups aren't related to file sharing either. Workgroup membership simply
determines what computers are initially displayed in Network Neighborhood / My
Network Places. You can share files between computers in different workgroups,
or domains.

1) False.

2) False. ICS does not allow file sharing. ICS provides settings that may
affect file sharing (network connectivity is required for file sharing to work).
True. ICS simply shares the internet connection.

3) This is not an issue. Your laptop can remain a member of a domain, and
access resources on your home LAN. If the work environment uses DHCP also,
moving between the work and home LANs should provide transparent internet
connectivity.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.

 

[Guest]

Excellent, thank you for your reply Chuck.
So then in theory the configuration I mentioned above "should" work. What
about VPN, I'm reading that if VPN is used on the host machine then ICS will
be disabled, what about if the user uses VPN on the laptop to connect through
the wireless router to the gateway PC and finally through the modem to the
internet...this should all work in theory? What about latency do you think
this will be a big issue since it is a 56k connection being passed through a
PC and wireless router?

Thanks again for the insight you provided.

SC

 

[Chuck]

Excellent, thank you for your reply Chuck.
So then in theory the configuration I mentioned above "should" work. What
about VPN, I'm reading that if VPN is used on the host machine then ICS will
be disabled, what about if the user uses VPN on the laptop to connect through
the wireless router to the gateway PC and finally through the modem to the
internet...this should all work in theory? What about latency do you think
this will be a big issue since it is a 56k connection being passed through a
PC and wireless router?

Thanks again for the insight you provided.

SC

Glad to help. ICS is simple (relatively anyway). VPN, OTOH, is another story.
Are you talking about VPN thru dialup?

I'v never heard about dialup VPN. I know VPN is router sensitive, that is, only
NAT routers specifically designed for VPN Passthru will work with it. ICS being
a software based NAT router, you may be right and ICS may have to be disabled
for VPN to work, and then only on the ICS server.

Then you have to get a VPN Endpoint working on the ICS server.

I'd normally recommend a PPP compatible NAT router (ICS sucks IMHO), but I don't
know of any such that provide VPN Passthru.

Dialup being slow enough, I'd think adding VPN on top of it would make it
excruciatingly so. I would ask for RAS access to your work network, if they
still use RAS. If you have to dialup, see if you can dialup directly to your
work network, instead of dialing to the internet.

This sounds like a lot of fun (well fun for me, but you have to do all the
work). Email me if you like, I'll help you however I can on this.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.

 

[Guest]

Hi Chuck,

I'm sorry, you are correct the Dial-up is RAS not VPN. We generally use VPN
but obviously in this case it's Dial-up/RAS which does connect directly to
the network. I think I'm going to try and setup an environment to test this
today. I can pretty much duplicate the intended environment minus the
wireless router. If the concept works without the wireless router then I
think it should work with the wireless router although there might be added
latency right.
I'll let you know how it goes, thanks again for you insight.

SC

 

[Chuck]

Hi Chuck,

I'm sorry, you are correct the Dial-up is RAS not VPN. We generally use VPN
but obviously in this case it's Dial-up/RAS which does connect directly to
the network. I think I'm going to try and setup an environment to test this
today. I can pretty much duplicate the intended environment minus the
wireless router. If the concept works without the wireless router then I
think it should work with the wireless router although there might be added
latency right.
I'll let you know how it goes, thanks again for you insight.

SC

Kewl. RAS thru a NAT router. Should be doable - RAS (aka DUN - DialUp
Networking) clients are PPP compatible, that's what DUN / RAS is by definition.
If the entire login is part of RAS, and doesn't require any direct involvement
(external scripts), by you, anyway.

If you're looking to use a RAS server as your ISP, that might be doable,
assuming that it doesn't violate any Corporate Security Policies of your
employer.

With two computers sharing the dialup line (and that is where the bottleneck
will be), you'll IMHO not find it much worse than with just one computer dialed
in directly. I'm not betting it will be any fun though.

Please do let me know how this goes.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.

 

[Chuck]

Hi Chuck,

I'm sorry, you are correct the Dial-up is RAS not VPN. We generally use VPN
but obviously in this case it's Dial-up/RAS which does connect directly to
the network. I think I'm going to try and setup an environment to test this
today. I can pretty much duplicate the intended environment minus the
wireless router. If the concept works without the wireless router then I
think it should work with the wireless router although there might be added
latency right.
I'll let you know how it goes, thanks again for you insight.

I'll bet more than even odds that the latency introduced by a wireless router
will be negligible compared to the latency (slowness) of dialup.

You will need a dialup compatible wireless router, or a dialup compatible wired
router plus a WAP of your choice (I'd go for the latter IIWY). But you could
get rid of ICS.

Netgear FR328S (wired):
<http://www.netgear.com/products/details/FR328S.php>

Netgear FWG114P (wireless):
<http://www.netgear.com/products/details/FWG114P.php>

SMC SMC7004ABR (wired):
<http://www.smc.com/index.cfm?event=viewProduct&localeCode=EN_USA&pid=858>

SMC SMC7004AWBR (wireless):
<http://www.smc.com/index.cfm?event=viewProduct&localeCode=EN_USA&pid=881>

USR USR8000A (wired):
<http://www.usr.com/products/networking/router-product.asp?sku=USR8000A>

USR USR8022 (wireless):
<http://www.usr.com/products/networking/router-product.asp?sku=USR8022>

All products will require an external modem of your choice. As some previously
have discovered, a WinModem will not suffice.

And, BTW, several of the above do support VPN Passthru, for your future needs.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.

 

[Guest]

Hi Chuck,

So between a coworker of mine and I we were able to get this configuration
running with a few exceptions. VPN would not work through the ICS because of
an internally configured personal firewall, but we were able to provide
wireless web access and access to email. Thanks for all you help/suggestions.

SC

 

[Chuck]

Hi Chuck,

So between a coworker of mine and I we were able to get this configuration
running with a few exceptions. VPN would not work through the ICS because of
an internally configured personal firewall, but we were able to provide
wireless web access and access to email. Thanks for all you help/suggestions.

Is this VPN now, or are we talking about RAS again?

I'd have my doubt about ICS and VPN, too. That would be just more justification
to get a NAT router, and add a WAP.

Thanks for updating us. Stay safe.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net

 

[Guest]

We were trying to implement VPN through an independent ISP DUN ICS connection
but the VPN aspect of it failed to work do to firewall integration
limitations on the client....does that make sense? Basically the VPN part of
it was not going to work do to implementation restrictions but we were able
to get general internet access up and running via the ICS/DUN connection.
This at least provides the ability to check webmail via the wireless
connection.

Thanks again.