Network: Internet connection sharing
Shared Internet access solutions enable a single ISP account to be shared among many users, these offer a cost-effective method of connecting networked computers to the Internet.
Software solutions . W98se, Me, W2K and XP include Internet Connection Sharing (ICS), a Network Address Translation (NAT) utility that can translate for five simultaneous LAN clients. Networks that require more simultaneous connections and W95 or W98 users will need a third party NAT utility such as NAT32 to share a single Internet connection. The information below was derived from a static DSL
connection on W98se. Many new DSL
accounts are configured with a dynamic connection with the PPPoE
protocol. This site addresses some issues faced with sharing
over PPPoE. ICS
on Windows XP is easier to configure but lacks some of the flexibility
of the earlier versions. Practically Networked has more information
on Windows
XP Internet Connection Sharing. |
|
| |
|
ICS Gateway Configuration & Network Installation |
ICS installation begins by selecting one computer as the ICS gateway. This computer will be connected to both the local network and to the Internet, either through Dial-Up or a network adapter connected to a broadband modem. In the figure below Client1n is the Internet gateway for a small LAN. 
The ICS Gateway computer is connected to both the Internet and the LAN. Verify that both network adapters are installed and functioning properly in the candidate gateway. If you are using dial-up Internet access, make sure that the Dial-Up Adapter is installed, configured, and tested and that a DUN connectoid exists and is in working order before you install ICS. InstallationICS must be installed on the gateway computer. Open the Add/Remove Programs control panel and select the Windows Setup tab. Scroll down until you see the Internet Tools item and click Details ... Check the Internet Connection Sharing checkbox and click OK twice. You will be asked to insert the Win98SE CD and then click OK. If Windows asks if you want to keep newer versions of some files, click the Yes button. ICS WizardIf the Wizard doesn't start automatically during ICS installation, then start the ICS Wizard by opening the Control Panel > Internet Options applet to the Connections tab and pressing the Sharing.. button. The ICS Wizard asks you to select your exterior (Internet) adapter and whether you want to create a Client disk. The Client disk configures the clients to use DHCP, installs network printers for all printers found on the ICS gateway, and sets an important browser parameter. You may delete the shared printers later if you prefer. Some people prefer to configure clients manually instead of using the ICS client configuration disk. If you are using PPP over Ethernet (PPPoE), choose the Dial-Up option in ICS Setup. See Bob Carrick's web pages and Windows PPPoE FAQ for more information on PPPoE. After installation, you may switch selected adapters and enable/disable ICS from the Internet Options control panel Connections tab or from the System Tray icon. 
The Internet Connection Sharing dialog box. Gateway ConfigurationAfter installation, the resulting ICS gateway configuration is shown below. An ICS adapter has been added to the existing Kingston adapter for external data and the Netgear adapter for LAN data. The ICS protocol has been added and bound to the three adapters and TCP/IP has been bound to ICS. 
The Connection tab of the Network dialog box. Configuration utilitiesSeveral utility programs provide tools to modify ICS configuration parameters. They allow you to configure port access, create new port mappings and forward incoming connections to interior systems. One popular utility, ICS Configuration, is available at Practically Networked. |
| |
|
IP Address Assignment |
TCP/IP, the Internet protocol, uses IP addresses to identify network clients. The addresses can be assigned dynamically when clients sign on to the network or can be configured statically like the Computer Name used by NetBEUI. Dynamic assignment offers several advantages for large installations. For small networks, static IP addressing's advantages include faster bootup, improved network security, compatibility with network devices that require static addresses, and the ability to identify clients by their IP addresses. IP addresses consist of four octets. IP addresses 192.168.0.xxx are a block of 256 Class C addresses reserved for private Internets. The first three octets specify the NetID and the fourth is the ComputerID. The LAN adapter of the NAT gateway should be at 192.168.0.1 with subnet mask 255.255.255.0. The client HostID's are derived from their hub and port number with the same convention used for Computer Names. (Note: NAT 32 uses the subnet 192.168.1.0 with subnet mask 255.255.255.0. NAT 32 addresses the interior adapter of the NAT 32 gateway with IP address 192.168.1.100.) The figure at the top of the page shows the recommended relationship between IP addresses and the recommended Computer Names for ICS. In this instance Client1n is the ICS host. The first 15 ComputerID's, 1-15, are reserved for network devices. Thereafter each hub is allotted 16 ComputerID's starting at 16 for hub 1, 32 for hub 2, etc. where Clienthp'sComputerID is equal to 16*hub# + port#. By default ICS provides dynamic host configuration protocol (DHCP) services that support dynamic IP addresses. This must be disabled before static IP addresses can be assigned. To disable DHCP services on the ICS Host, install the Dhcp_off.inf file located in the Tools\Mtsutil\ICS folder on the Windows 98se CD-ROM. To do so, right-click the Dhcp_off.inf file and click Install. Restart the computer after installing this file. |
| |
|
Client Configuration |
Some people prefer to configure clients manually instead of using the ICS client configuration disk. The TCP/IP protocol must be installed on each client that will access the Internet, NetBEUI is used for LAN data. 
The Configuration tab of the Network dialog box. If DHCP is disabled the address of the computer running ICS must be set statically for all clients in TCP/IP properties using the Network tool in Control Panel. For the ICS subnet, Class C IP addresses are 192.168.0.computerid where computerid = 16*hub# + port#. In the screen capture below Client11 is assigned the IP Address 192.168.0.17. The subnet specify's which portion of the IP address is used for the network ID and which portion designates a computer on the network. 
The IP Address tab of the TCP/IP Properties dialog box. WINS Resolution is disabled with static addressing. 
The WINS Configuration tab of the TCP/IP Properties dialog box. The ICS host is at 192.168.0.1. 
The Gateway tab of the TCP/IP Properties dialog box. Clients resolve Internet domain names to IP addresses, e.g. familysearch.org -> 32.96.111.5, via a domain name server (DNS). DNS service is provided by your ISP, ours provides primary and secondary DNS hosts. 
The DNS Configuration tab of the TCP/IP Properties dialog box. NetBIOS over TCP/IP should be disabled. 
The NetBIOS tab of the TCP/IP Properties dialog box. In the Advanced tab, verify that TCP/IP is not the default protocol. 
The Advanced tab of the TCP/IP Properties dialog box. The Bindings tab shows which services use the TCP/IP protocol. File and printer sharing and the client for microsoft networks should not be bound to TCP/IP. 
The Bindings tab of the TCP/IP Properties dialog box. TCP/IP and NetBEUI should be bound to the LAN adapter. 
The Bindings tab of the Ethernet Adapter Properties dialog box. Binding Tree
Binding Tree showing TCP/IP bound to the Local Network Adapter but not to the Client for Microsoft Networks. The TCP receive window size (aka. DefaultRCVWindow)
can be optimized on each client for DSL
with the tcprw32k.reg registry update. More details on this modification
and other DSL
configuration options are at Navas
Cable Modem/ DSL Tuning Guide. |
| |
|
Winipcfg |
The Windows IP Configuration utility can be used to display TCP/IP configuration parameters. Enter Run > winipcfg and click the More Info» button to open the window in the capture below. The client is at 192.168.0.19 and is connected to the ICS gateway at 192.168.0.1. The blank DHCP Server entry indicates that DHCP services have been disabled on the ICS host. 
The IP Configuration window showing current TCP/IP adapter parameters. |
| |
|
Security |
Many people view the Internet as a "one-way street", overlooking the fact that while their computer is connected to the Internet, the Internet is also connected to their computer. That means that anybody with Net access can potentially access resources on their computers. Firewalls can be placed between the user and the Internet to verify all traffic before allowing it to pass through. NAT automatically provides a degree of firewall-style protection because it only allows connections that originate on the inside network. For example, an internal client can connect to an outside FTP server, but an outside client will not be able to connect to an internal FTP server because it would have to originate the connection. It's always a good idea to perform a port scan to look for open ports after configuring an ICS host. Shields Up and Symantec Security Check are perhaps the most popular port scanning sites however more thorough port scans are provided by Hacker Wacker and Vulnerabilities.org. If open ports are detected you should attempt to close them on the Internet host. Additional information can be found in the protocol isolation section of the network security page. To add an additional level of security ZoneAlarm personal firewall can be installed on the ICS host. |
| |
|
Related Links |
There are a several helpful guides to installing and troubleshooting ICS online:
|
