Using switch before router

[jamboy]

Hi,
I have a DSL modem to a sonic wall router then out to several computers. I want to be able to run one computer in front of the firewall to avoid a user from accessing RDC to a company server. My question is: Can I come from the modem to a multi port switch which will then go to the lone terminal and also the router? Will I be able to access the web from all terminals by doing this? If not how can I get web access to a terminal then put all the other terminals behind the firewall router?

 

[xco]

to answer your first question, yes i think you can do that since from what i gather the switch will basically route the traffic from your modem directly to that terminal while your router will receive the packets untouched, since it only past through a switch, and allows the other things on that network to get internet. Your router will pick up your lone terminal as well i think.

 

[riser]

No. You will not be able to run your router behind the switch.

Ideally what you want to do is set a static IP address on the computer you want in front of the firewall. Within your Router set the DMZ to point to that IP address. That will bypass the firewall portion of the router, thus putting it 'in front.' The switch should plug into the router and the computers connected to the switch. Have the DMZ configured computer connect directly to the router if you have a switch on it.

You can't use a switch in front of the router because your modem will supply you with a public IP address. Unless you purchase more that the typical 1 public IP address, only one computer will function - either your router (which uses a public IP address) or your computer. Purchasing 2 public IP addresses is the only way you will be able to put your switch in front of the router.

 

[xco]

No. You will not be able to run your router behind the switch.

Ideally what you want to do is set a static IP address on the computer you want in front of the firewall. Within your Router set the DMZ to point to that IP address. That will bypass the firewall portion of the router, thus putting it 'in front.' The switch should plug into the router and the computers connected to the switch. Have the DMZ configured computer connect directly to the router if you have a switch on it.

You can't use a switch in front of the router because your modem will supply you with a public IP address. Unless you purchase more that the typical 1 public IP address, only one computer will function - either your router (which uses a public IP address) or your computer. Purchasing 2 public IP addresses is the only way you will be able to put your switch in front of the router.

ahhh i stand corrected i thought the router will automatically configure an ip for the pc and the router will handle the rest of the clients. guess not!

 

[riser]

The modem has to connect into the WAN port on the router. If you have the switch in place and then connect the switch to the router's WAN port, none of the switch ports will work since the switch on the router (wan port plus 4 port switch generally) is where DHCP is handed out. It doesn't go back out through the switch. Looping it back from the router switch into the standalone switch causes issues. The router is the key piece as it connects two networks, the public network and creates the private network. Without a router, you only have a public IP address and no private network.