When our school was just connected to the Internet, it really excited the teachers for a while. At that time, the ISP took the line to the computer room and it went away. How can users on the LAN experience the infinite charm of the Internet? As a network manager, I only have to study it myself. I used it all from ICS to NAT and SyGate. These methods of Internet sharing have their own merits. I will summarize these methods and share them with you.
ICS and NAT
Using the shared Internet access feature provided by Windows is a very cheap option. In Windows, two Internet sharing methods are available: ICS and NAT.
In fact, ICS is a simplified version of NAT. ICS does not need to understand IP addresses and routing knowledge. ICS has a single function and does not have the protection function for the Intranet, this poses a great threat to network security and is only applicable to users with low network size and low security requirements. However, NAT network address translation is more suitable for Windows2003 Server LAN with complicated configurations.
ICS and NAT services cannot coexist in a LAN. We can only choose one of them.
ICS configuration process is quite simple. First, the computer that enables ICS must have two network interfaces: one connected to the internal LAN, usually the NIC, And the other connected to the Internet. Create a connection to the ISP in the "Network and dial-up connections" folder on the control panel, and then select the "share" tag from the "properties" of the connection, select the check box "Enable Internet Connection Sharing for this connection" and click "OK" to complete the settings of the ICS server as prompted by the system. The client only needs to set the NIC to "automatically obtain the IP address", and the "Default Gateway" does not need to enter the address. After restarting, you can use the ICS service.
NAT configurations are relatively complex. First, you must set the IP address of the NIC connected to the server and the LAN to 192.168.0.1, And the IP address of the NIC connected to the Internet to the valid fixed IP Address Provided by the ISP. Set the DNS and gateway of the server. The NAT Function is mainly implemented through the "Routing and Remote Access" configuration in "Management Tools. When defining TCP/IP protocol properties, the client needs to set DNS and specify the default gateway as 192.168.0.1 to use the NAT service to share the Internet.
Choose ICS or NAT. We can draw a conclusion from the comparison between the two and their implementation methods:
ICS is suitable for the home network environment: it has simple functions and easy settings. It can be set without too much professional knowledge, which is very necessary for the home network; it can only use a single public IP address and does not need to register multiple public IP addresses, so it costs less, and usually the home network is very cost-sensitive; it does not have any security measures, security measures such as firewalls must be added, but you only need to install firewalls on the ICS host, and other machines in the LAN will be effectively protected, generally, the home network environment does not have high security requirements. ICS does not have special requirements on the system platform, computers installed with Windows 98 SE and later versions can be configured as ICS hosts, which is more suitable for the networking requirements of mainstream operating platforms in the current family.
NAT is suitable for office network environments: it is more complex than ICS and requires professional knowledge from the installer. It can use multiple public IP addresses (set address pools ), in this way, LAN users can use multiple valid IP addresses to access the Internet. To apply for multiple IP addresses, of course, this is only required for a large network. Because IP routing is used, it has certain security measures, which are more secure than ICS. Of course, it is also necessary to install a firewall for a LAN that uses NAT shared Internet access. It is logical to configure the Windows 2003 Server that provides other services in the office network as a NAT Server at the same time; unlike ICS that require clients in the network to be dynamically assigned IP addresses by DHCP servers, clients in the NAT network can set static internal IP addresses. Therefore, their settings are more flexible and their network applications can be more diverse, it can also better adapt to large-scale networks.
Agent software
Internet access through third-party software is much simpler than NAT.
Common third-party software, such as WinGate and SyGate, has many functions. In particular, the firewall function can separate internal information from external information and filter through the firewall, it protects computer data within the LAN. Therefore, it is suitable for LAN shared Internet access with high traffic requirements and high requirements on intranet data security.
Access the Internet through a hardware Router
The WAN port of the router is connected to the Internet, and the lanport is connected to the LAN. The manufacturer is responsible for writing Internet parameters. It is easy to manage and maintain the LAN. If you are troubled by Internet access problems all day long, apply for a router from your boss.