Talofa, from Pago Pago

I am a new to the PICED.ORG family and I love what I am doing, or trying to do. 

I have been working in the IT field for many years and have a lot of background experience.  By no means am I an expert or even close by todays standards, but, I am close to being an expert on our small island.

I have been in Pago the better part of the last 10 years, (originally a Buckeye), have not been on top of technology like I used to be, and need some solid advise. 

I am hoping that this is the place to ask for help and guidance from seasoned professionals in my quest to create something worthwhile and reliable for PICED which will in turn help the younger generation of the Pacific Islands.

I am trying to put a network together that is reliable, low cost, and low maintenance.  We just obtained Server 2008 Standard, with 35 cals.  We have a lab of 18 PC's for public use when we are not teaching a class.  We also have 12 full time staff workstations and 2 DSL connections.  I am the IT department, and they are depending on me to pull this off.  I will have a few Client Server Applications running, and need to set up some public storage, not only for the staff, but the students as well.  I want to build an Internal Web Site, Intranet for internal use.  I have a public IP address and want our own presence on the web with our own mail server.

Active Directory is new to me, as Server 2008 is.  Both seem a long ways from Novel Intranet Ware I have experience in.

I have a lot of details to pass on, and questions to ask, but I just first wanted to make sure, this is the right place to do it.

Thanks and looking forward to hearing from you,

Checker

:Hi, Checker,

Welcome to TechSoup. Yes, you have come to the right place for help with your question on setting up a network. I am moving this message to the network question area so that the people who have the most experience in that area are sure to see it.

Sounds like a very worthwhile project and great that you are being able to use your IT skills to help the next generation of the Pacific Islands.

Please feel free to ask if you have any more questions about getting around.

Best wishes,

Sasha

Hi Sasha,

Thanks for the warm welcome and quick response.

You are right, I have actually never participated in a forum,  just browsed around and obtained a lot of great info.

Hope I did not break protocol by posting here, I will be more careful in the future.

Thanks Again,

Checker

Hi Checker and also welcome to TechSoup.

You were fine with your introduction post, we will move a post like that because of the technical information in to so you get more visibility with our participants.

I would suggest to try to break your project down into more manageable chunks, so that your large project isn't so over whelming.

What do you currently use for email and web hosting for the public?

My first take is to continue to use the outside providers for those things that are providing services to the Public Internet.  Since you are a one person IT department, don't over burden yourself with Internet responsibilities until things are running smoothly on some of your other initiatives.

Dave

Hi Dave and thanks for the welcome.

Your are right, I need to take one step at a time.

The email is two fold, most of the staff are using Gmail.  The web site, piced.org, located in LA somewhere just got their email set up and added a few of the staff.  I want to get on Outlook.

My main concern about the email, was to get the staff off the internet.  There is a lot of unnecessary communication and chat going on that eats away at one of our internet links.  Although we are paying for 1024/384, at the tune of $300 per month, i checked it on several occasions and the most we ever got down was 486, and that is when I was the only one on.  Our grant writers need the band width a lot more than some of the staff, and I intend in the future, to limit some of the staff, if I can.

We have another DSL line with with the government controlled telcom.  It is also extremely slow too, but the cost is 1/2 of the other.  this dsl, is where I got the public IP @ $25 per month, which i think, is wrong as the subnet mask, sets all of the network address to 0.  still can't get a response from them.  this line is used for the LAB only at present, 18 PC's + instructor.

If your up on IP's, this is what they gave me:    [Edit by moderator removed IP address  Class A address] AA.AAA.AAA.197  - 255.255.255.192  -Gateway of AA.AAA.AAA.190.  isn't it supposed to be 16 bits for the network and 16 for the host?  When ever I try to put it in "Bertha", our HP ProLiant 310 (just out of moth balls) she don't like the IP.

Is it a good Public IP, or is the subnet- mask wrong?

Thanks Dave,

Checker

The 2nd DSL

Hi Checker,

I removed your live IP address for your privacy and protection.

http://en.wikipedia.org/wiki/IP_address is one source for information about IP addresses

With a Class A address like you have with the normal Class A subnet mask of 255.0.0.0 there would be 8 bits for the network and 24 bits for the host.  But since you have a custom subnet mask your subnet mask is really telling you the number of bits for the network and the host.  Your subnet mask is 255.255.255.192

11111111.11111111.11111111.11000000

So the Network is 26 bits and your hosts is 6 bits or a total of 61 hosts possible on your network (removing the host address of 000000 and 111111) You have been assigned one address

which means you will need to use NAT (network address translation) to allow your internal network with the 19 PC's to share the one public IP address among all the internal PC addresses.  This is usually accomplished with your router / firewall which is either in your DSL modem or the first device attached to the DSL modem.

For limiting the staff I would consider some form of web surfing control, like using an Untangle box between the Internet and your users This would allow you to lock out web sites and protocols, plus possibly limiting web surf times to lunch and breaks.  Another option is to use http://www.opendns.com/ to give you some control where the users go.

With your outside ISP providing email , I bet they will allow you to POP3 or IMAP access to the email accounts (Gmail allows either), so you can use Outlook with out exchange to manage your email.  What you don't get without exchange is the share calendars and contacts, and the centralized management of the users.

Your limit of 486 down could be the distance you are from the phone company, or the connection the phone company has to the Internet backbone, but it is what it is, so you need to get the best out of your connection.

What do you use for your DSL modem and then Firewall / Router?

Hope this helps to answer some of your questions.

Dave

Thanks Dave, it helped a lot on the IP, and saved me hours of research. 

The LAB, a DSL modem furnished by TELCO, ZPHONE, i can't get to the embedded web as they lock the customer out.  Using a little Linksys BEFSR41 DSL router.  Using the router to furnish ips for the lab.  From the router, straight to a Netgear24 unmanaged switch.  Firewall in Router.

Staff DSL is from a wireless ISP, using a Netgear WPN824 wireless with 4 rj45 ports on back.  This is running to another netgear 24 port unmanaged switch.  Some of the staff are also accessing the wireless, but I made a strong case against this and only one uses the wireless now.  Netgear router is also setup for DHCP.  This is the line I want to limit. 

There is no server being logged into on either LAN.  The only control I have over the LAB or Staff is limited access accounts through XP, and they don't like that.

Prior to Sept., I have to get this server up and running and somehow, combine the two DSL, tie them into the server, and furnish a few client server apps, and tie in the 3 HP 2600n, 1 hp 1320N, and the HP 4730 MFP, which is also our FAX.  I did locate the SW for the client FAX, and the staff can fax from their workstations.  The printers, ??? can't see all them with Jetdirect, but can reach the embedded web.  I set Static IP's for all the printers.

Ok, now that you see most of the picture, do you think the solution is to get the server on line as a domain controller, DHCP Server, Print server, and leave the mail where it is now??

Sorry Dave, I know this is a mess, I'm just trying to clean it up.  Don't even want to mention the switches that were put in-line to supplement and create a new segment just to add a printer.  I spent the whole day, running more cable to exterminate the switches.

Thanks,

Checker

I do have VP on all the machines, as they purchased Norton 360, and it is a pain and constantly eating bandwidth for updates.