New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Internet, Networking, and Wireless Discussion of networking, internet, and wireless including Apple's Airport products.

Office Network Problems


Post Reply New Thread Subscribe

 
Thread Tools
NateL

 
Member Since: Nov 06, 2007
Posts: 53
NateL is on a distinguished road

NateL is offline
We have a Mac network guru coming in on Friday to help us out a bit..but in the mean time, i'd like to try to figure some things out on my own..for my own personal knowledge.

Our cable modem plugs directly into a Netgear JGS525 Switch. From there, we have Ethernet wires running all over the office and connecting to some Macs. So far, so good. Internet for those that are hardwired is blazing fast..as well as file transfers from computer to computer.

Our ISP has given us a range of static IP addresses. We assign each mac with its own IP address. We have about 15 static IP's we can use.

Now for the problem area.
Wireless.

It's extremely spotty and works when it wants to. There is a conflict that we can't quite find. We reset everything 10 times yesterday and it worked for 30 minutes each time and then crashed. (wired computers, still working...it's not an ISP issue)

We go from our router to an Airport Extreme Base. We assign the airport extreme with a static IP. We have two more airport extremes and an airport express set up as repeaters, which to me is odd because we shouldn't need 4 airports to get wireless to work in our office...we don't have a very big office...3 at most should be sufficient...but never seems to be. Someone never has enough signal or their internet is slow as poo.

anyway, I hope this is making sense..but the wireless internet just seems to go on and off..and we need to basically reset everything in order to get it working again, for what seems like an hour at most and then the whole wireless network crashes again.

One other odd thing is about our network printer. It will only work whenever it's plugged into the Airport Express. If we're hard wired, then that means in order for us to print, we must connect to the wireless network and then print to the Bonjour Shared printer. Can i hook up the printer via ethernet to the Switch? then, would wireless be able to find it?
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,599
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
May I ask why the preference for static IP addressing? I have a feeling that's where your problems stem from. Your Airport Extreme is a perfectly capable DHCP server.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
NateL

 
Member Since: Nov 06, 2007
Posts: 53
NateL is on a distinguished road

NateL is offline
Quote:
Originally Posted by cwa107 View Post
May I ask why the preference for static IP addressing? I have a feeling that's where your problems stem from. Your Airport Extreme is a perfectly capable DHCP server.
we have 3 computers set up as web servers. 2 Mac Pros and an iMac. We post project files to our local web server and our client views the web page to see the status of the projects we're working on.

for instance, they go to computer1.oursite.com and that gets forwarded to the IP address that we have setup. It's much easier and makes more sense than uploading gigs of files to our web host for our website.

One other thing is we often connect via Remote Desktop so we can work on our work computer from another location. We just punch in the IP address and connect. Is there an easier method?
QUOTE Thanks
pixelbaker

 
pixelbaker's Avatar
 
Member Since: Mar 03, 2008
Posts: 19
pixelbaker is on a distinguished road

pixelbaker is offline
i'm sure the help you've got coming on Friday will tell you much the same thing, only more in depth: that setup does not seem very good.

You need a router, some sort of firewall other than the systems themselves. That's asking for trouble. Modem-->Router-->switch--->workstations/servers.

With a router, you can keep your setup virtually the same, but it's much safer and cleaner. The router handles your DHCP and all that business and if you get one that has wifi, there's your wireless network also included. You can setup port forwarding for the web ports to forward directly to your web server, as well as assign a port per computer for remote desktop. This would mean that instead of a unique IP for each workstation on the network, you have one outside IP and differing ports for each system.

This would probably solve a lot of your connectivity issues as well if they're all connected to a central location in a smaller, sectioned off network.
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,599
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by NateL View Post
we have 3 computers set up as web servers. 2 Mac Pros and an iMac. We post project files to our local web server and our client views the web page to see the status of the projects we're working on.
Wow. Was this network built by an IT professional? I ask because although OS X is pretty stout, it's still quite risky to leave your machines wide open on the public Internet by assigning them static, public IP addresses. I'm not sure that solving these issues is really in the scope of this forum, although I'll do my best to help.

Quote:
for instance, they go to computer1.oursite.com and that gets forwarded to the IP address that we have setup. It's much easier and makes more sense than uploading gigs of files to our web host for our website.
Do you have your own DNS server or did you have your ISP set up that host record on theirs?

Quote:
One other thing is we often connect via Remote Desktop so we can work on our work computer from another location. We just punch in the IP address and connect. Is there an easier method?
I'm not sure where to start, there's quite a bit I would have done differently as a network engineer, but I'm sure I'm not getting the full picture either, so I don't want to speculate too much.

I know you said that you have a "Mac networking guru" stopping by to take a look at it, but is this person a network engineer or more of a hobbyist?

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,599
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by pixelbaker View Post
i'm sure the help you've got coming on Friday will tell you much the same thing, only more in depth: that setup does not seem very good.

You need a router, some sort of firewall other than the systems themselves. That's asking for trouble. Modem-->Router-->switch--->workstations/servers.

With a router, you can keep your setup virtually the same, but it's much safer and cleaner. The router handles your DHCP and all that business and if you get one that has wifi, there's your wireless network also included. You can setup port forwarding for the web ports to forward directly to your web server, as well as assign a port per computer for remote desktop. This would mean that instead of a unique IP for each workstation on the network, you have one outside IP and differing ports for each system.

This would probably solve a lot of your connectivity issues as well if they're all connected to a central location in a smaller, sectioned off network.
Well-put, and pretty much what I was trying to get at as well. I understand that in a SOHO setting, your budget is limited and you tend to rely on both your ISP and some of the higher-end, consumer grade networking gear to get you by. But when you start putting machines on the public Internet, it's time to have a serious evaluation done by a networking professional - and that person doesn't even need to be a Mac specialist, as much as they need to be familiar with network security and infrastructure.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
NateL

 
Member Since: Nov 06, 2007
Posts: 53
NateL is on a distinguished road

NateL is offline
Quote:
Originally Posted by pixelbaker View Post
i'm sure the help you've got coming on Friday will tell you much the same thing, only more in depth: that setup does not seem very good.

You need a router, some sort of firewall other than the systems themselves. That's asking for trouble. Modem-->Router-->switch--->workstations/servers.

With a router, you can keep your setup virtually the same, but it's much safer and cleaner. The router handles your DHCP and all that business and if you get one that has wifi, there's your wireless network also included. You can setup port forwarding for the web ports to forward directly to your web server, as well as assign a port per computer for remote desktop. This would mean that instead of a unique IP for each workstation on the network, you have one outside IP and differing ports for each system.

This would probably solve a lot of your connectivity issues as well if they're all connected to a central location in a smaller, sectioned off network.
Thanks for that suggestion. I forgot all about using ports. This is why we're in a bit of a pickle...we're graphics people, not network people

Quote:
Originally Posted by cwa107 View Post
Wow. Was this network built by an IT professional? I ask because although OS X is pretty stout, it's still quite risky to leave your machines wide open on the public Internet by assigning them static, public IP addresses. I'm not sure that solving these issues is really in the scope of this forum, although I'll do my best to help.
Yes and no. The guy who wired up our building is a complete moron. We've done most of this ourselves, to the best of our abilities.
Quote:
Do you have your own DNS server or did you have your ISP set up that host record on theirs?
we had our Webhost set up CNAME..I believe...


Quote:
I'm not sure where to start, there's quite a bit I would have done differently as a network engineer, but I'm sure I'm not getting the full picture either, so I don't want to speculate too much.

I know you said that you have a "Mac networking guru" stopping by to take a look at it, but is this person a network engineer or more of a hobbyist?
Thanks, apparently this guy sets up networks (mac networks) for big companies...so i think it's beyond hobbyist.

again, I appreciate your advice...I will talk with the higher ups about a router in addition to the switch and then maybe we could dump the static IP's and go with ports.

Would using ports interfere with how people navigate the site?
QUOTE Thanks
pixelbaker

 
pixelbaker's Avatar
 
Member Since: Mar 03, 2008
Posts: 19
pixelbaker is on a distinguished road

pixelbaker is offline
Quote:
Would using ports interfere with how people navigate the site?
They would see the exact same thing and use it in the same way, it's just much more specific on what type of traffic you're allowing to that system. The main concern with your network setup here is security. Right now your machines are open to the internet and there is no buffer between them. Like cwa107 said, OS X is pretty secure, but basic security measures should always be in place - even in a home setting, but especially a business one.
QUOTE Thanks
GroovyLinuxGuy

 
GroovyLinuxGuy's Avatar
 
Member Since: Apr 03, 2006
Location: Edmonton, Canada
Posts: 125
GroovyLinuxGuy will become famous soon enough
Mac Specs: 15" MacBook Pro, 12" iBook G4, 14" iBook G4 running Ubuntu 7.10

GroovyLinuxGuy is offline
Quote:
Originally Posted by NateL View Post
We have a Mac network guru coming in on Friday to help us out a bit..but in the mean time, i'd like to try to figure some things out on my own..for my own personal knowledge.

Our cable modem plugs directly into a Netgear JGS525 Switch. From there, we have Ethernet wires running all over the office and connecting to some Macs. So far, so good. Internet for those that are hardwired is blazing fast..as well as file transfers from computer to computer.

Our ISP has given us a range of static IP addresses. We assign each mac with its own IP address. We have about 15 static IP's we can use.

Now for the problem area.
Wireless.

It's extremely spotty and works when it wants to. There is a conflict that we can't quite find. We reset everything 10 times yesterday and it worked for 30 minutes each time and then crashed. (wired computers, still working...it's not an ISP issue)

We go from our router to an Airport Extreme Base. We assign the airport extreme with a static IP. We have two more airport extremes and an airport express set up as repeaters, which to me is odd because we shouldn't need 4 airports to get wireless to work in our office...we don't have a very big office...3 at most should be sufficient...but never seems to be. Someone never has enough signal or their internet is slow as poo.

anyway, I hope this is making sense..but the wireless internet just seems to go on and off..and we need to basically reset everything in order to get it working again, for what seems like an hour at most and then the whole wireless network crashes again.

One other odd thing is about our network printer. It will only work whenever it's plugged into the Airport Express. If we're hard wired, then that means in order for us to print, we must connect to the wireless network and then print to the Bonjour Shared printer. Can i hook up the printer via ethernet to the Switch? then, would wireless be able to find it?
Okay..first things first. You don't need to assign each workstation an IP address from the 15 that your ISP gave you. Get rid of the switch and replace it with a router so you can do NAT. You do not need a routable address for each computer. And it will save you money in the long run since you won't be paying for each IP address that you are using.

When i posted my reply, I was unable to see anyone else's replies. I see that this route (no pun intended (well maybe just a little)) has already been covered. If I could figure out how to delete this post I would :-)
QUOTE Thanks
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,599
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by NateL View Post
Thanks for that suggestion. I forgot all about using ports. This is why we're in a bit of a pickle...we're graphics people, not network people
I don't think you give yourself enough credit, I'd say you have more than a little working knowledge just based on what I'm hearing from you here.

Quote:
Yes and no. The guy who wired up our building is a complete moron. We've done most of this ourselves, to the best of our abilities.
Yeah, wiring guys tend to be pretty specialized in pulling and terminating cable. They may know enough to patch the ports into a switch, but in my experience that's about where their knowledge ends.

Quote:
we had our Webhost set up CNAME..I believe...
Got it, so while you do host your own test boxes, your actual production servers belong to a webhost who does the favor of hosting a DNS record to point back to one of your public IPs. Do I have that right?

BTW, even if you do go NAT with port forwarding, your static machines can still coexist in that network, implemented properly.


Quote:
Thanks, apparently this guy sets up networks (mac networks) for big companies...so i think it's beyond hobbyist.

again, I appreciate your advice...I will talk with the higher ups about a router in addition to the switch and then maybe we could dump the static IP's and go with ports.
I think that would be a good idea for starters.

Quote:
Would using ports interfere with how people navigate the site?
Done properly, no.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
QUOTE Thanks
PerryLynch

 
PerryLynch's Avatar
 
Member Since: Sep 24, 2007
Posts: 235
PerryLynch has a spectacular aura about
Mac Specs: 17" MacBook Pro 4GB

PerryLynch is offline
GroovyLinuxGuy, CWA107, and Pixelbaker all have the right ideas for you. Here's my $0.02 worth to go along with it:

1. Drop a firewall - ANY FIREWALL - in front of that network. Your professional network guy may deploy equipment for large networks, but he's forgotten the single most basic rule: Keep other people out. Your network performance is spotty because you're getting external users hammering the network looking for vulnerabilities. To prove this out, configure the Netgear to give you a span port (a port that can be used to monitor traffic on all the other ports) and then connect a machine using ethereal to it. You'll be amazed at how much garbage traffic you're going to see.

2. Keep the switch. That's an excellent piece of equipment that you'll need just to maintain the high file transfer rates inside the network. But you need to develop a plan of your network, and configure the switch to help you limit the traffic that your servers see. Internal servers should not be on the same subnet as external servers. Workstations should be able to see both internal and external servers. The Internet at large should only be able to see 3 or 4 services, protected by NAT, to prevent direct attachment to the internal servers.

3. The printer issue sounds like you're the victim of a botched internal network numbering issue.

This really isn't rocket science. If you'd like some additional advice, PM me with some contact data.

Perry

Perry M Lynch, CISSP CISA
Mac Newbie, Security not-so-newbie
QUOTE Thanks

Post Reply New Thread Subscribe


« Apple remote with powerpoint? | Wireless music player with Time Capsule :advice sought »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Setting Up Time Capsule - Problems Jetheat Internet, Networking, and Wireless 52 01-01-2012 08:00 AM
Network Problems irvinefan OS X - Operating System 2 11-04-2007 03:40 PM
Network Problems Dalton29 OS X - Operating System 2 09-11-2007 05:23 PM
Network and internet problems mickster13 Internet, Networking, and Wireless 0 12-13-2006 03:43 PM
Open Office 2.0.4 problems Griffo OS X - Apps and Games 22 11-17-2006 03:15 PM

All times are GMT -4. The time now is 08:12 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?