Cullen Programming

JAVA Internet Proxy Server


Proxy Server Configuration Guide


Instead of having direct access to the Internet, you can have indirect access via the computers on your LAN by setting up a proxy server. With a proxy server, you do not have to configure and secure every computer on the LAN for Internet access. When, for example, a client computer tries to access the Internet via its web browser, the request goes first to the proxy server. The proxy server then makes that request to the Internet website on behalf of the client computer.  The proxy server can thus control access to the Internet.

In reality each of your client computers talks only with the proxy server, and only the proxy server converses with the various website locations. Each website "believes" that it is talking only with the machine running the proxy server. It is the software mechanism in the proxy that passes the requests and responses transparently between intranet computer and Internet website.

Using a proxy server, Internet access is somewhat easy to set up and quite secure to use.

Configuration Steps

Before starting and using PServer you must perform a few easy configuration steps. Each step is explained in detail below:

1) Ensure that each of your computers has a unique, internal TCP/IP address associated with it.  These are not IP addresses assigned by your provider; you choose them yourself and distribute them to your computers using the well-known non-routable internal IP addresses available to all LANs.
Example: 192.168.100.12
Example: 10.0.0.6

2) Modify the supplied PServer parameter file.

3) Configure the email clients and browsers of your LAN networked machines to "point" towards the machine running PServer.


Step 1 (Part 1 of 2)-- Client TCP/IP Configuration

This step is not necessary if your computers are already in a LAN, you are using a DHCP server, or you have been successfully using other products that require TCP/IP connectivity between your machines. Go to Step 2 if the preceding applies.

Each PC must be connected to your LAN via a Network Interface Card.
This is also known as an Ethernet or NIC card.

Each NIC card must be connected via cables (Category type 5) or via wireless connection to a hub, switch or router.

Next, decide on an addressing scheme for your LAN networked computers. These are simply a set of intranet IP addresses that you choose for your LAN. We suggest using non-routable addresses for privacy protection and so that you avoid a conflict with any "real" IP address on the World Wide Web.

Some non-routable addresses fall into the range of:

10.0.0.1 to 10.255.255.255
90.0.0.1 to 90.255.255.255
172.16.0.1 to 172.31.255.255
192.168.0.1 to 192.168.255.255

Configure the Network Properties on each client computer.

For illustration purposes we will use 4 intranet IP addresses of:
90.0.0.1 through 90.0.0.4
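
The following is an added example, not part of PServer or its documentation: it checks a LAN addressing plan against the three blocks that RFC 1918 reserves for private use (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16). Addresses outside those blocks, including the 90.0.0.x values used for illustration in this guide, are publicly allocated and can collide with real Internet hosts. The function name `audit_plan` and its output format are assumptions made for this sketch.

```python
import ipaddress

# The three blocks RFC 1918 reserves for private (non-routable) use.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit_plan(gateway, clients, netmask="255.255.255.0"):
    """Return a list of findings for a LAN addressing plan.

    gateway -- intranet address of the machine running the proxy
    clients -- intranet addresses chosen for the client machines
    netmask -- subnet mask entered on every machine (the guide uses /24)
    """
    findings = []
    # strict=False lets us derive the subnet from a host address plus mask.
    lan = ipaddress.ip_network(f"{gateway}/{netmask}", strict=False)
    seen = set()
    plan = [("gateway", gateway)] + [("client", c) for c in clients]
    for label, text in plan:
        addr = ipaddress.ip_address(text)
        if addr in seen:
            findings.append(f"{text}: duplicate address")
        seen.add(addr)
        if not any(addr in net for net in RFC1918):
            findings.append(
                f"{text}: {label} is outside the RFC 1918 private blocks")
        if addr not in lan:
            findings.append(
                f"{text}: {label} is not in the gateway subnet {lan}")
        elif addr in (lan.network_address, lan.broadcast_address):
            findings.append(
                f"{text}: {label} is the network or broadcast address")
    return findings


if __name__ == "__main__":
    # Constructed plans: the guide's illustration and an RFC 1918 alternative.
    for gw, hosts in (("90.0.0.1", ["90.0.0.2", "90.0.0.3", "90.0.0.4"]),
                      ("192.168.100.1", ["192.168.100.12", "192.168.100.13"])):
        print(gw, audit_plan(gw, hosts) or "plan is clean")
```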

In Windows, use NETWORK to change or set the IP address in each machine.

Start-->Settings-->Control Panel-->Network

1) Double-click Network icon in Control Panel 

2) Click Configuration Tab, select the network interface adapter
(TCP/IP Ethernet Adapter NIC) for the LAN. (Do not choose the
Dial-Up Adapter).
If you don't see a TCP/IP binding for your network adapter,
then do:

Add button -> Add Protocol -> Select Microsoft -> Select TCP/IP -> OK.

3) Click the Property button to open the TCP/IP Properties window.

4) Click IP Address Tab, enter the IP address you selected for this computer
(e.g. 90.0.0.2) and 255.255.255.0 for the Subnet Mask.

5) Click DNS Configuration Tab,
then select Enable DNS,
enter the IP address of the "gateway" running PServer (e.g. 90.0.0.1)

6) Click Gateway Tab, enter your PServer gateway IP here also.

7) Close all the windows by clicking the OK button.
It may be required to RESTART your computer.

After rebooting, you can easily check each Windows machine's assigned IP address as follows:

On Windows 98 use WINIPCFG from a "black" Command Window.

On Windows XP go to:
START --> PROGRAMS --> ACCESSORIES --> SYSTEM TOOLS --> SYSTEM INFORMATION
Under SYSTEM INFORMATION go to:
Components --> Network --> Adapter --> IP Address

Or on any Windows machine you can view the network routing table by typing
netstat -r from a "black" Command Window.


For Linux clients you can check each machine's assigned IP address from any terminal command line with the ifconfig command:

/sbin/ifconfig ethX     (where X is the NIC adapter number: 0, 1, 2, etc.)

or

netstat -r     (this shows you the network routing table in effect)

Step 1 (Part 2 of 2)-- Server TCP/IP Configuration

On the "gateway" server computer:

This is the computer running PServer application,
please repeat the above instructions: 1,2,3,4,7.
The IP address of THIS machine (based on the example) should be 90.0.0.1.
Do NOT configure the DNS and Gateway Tab on THIS computer. These functions will be performed by your Internet Provider Service.

DO NOT CHANGE THE DNS AND GATEWAY SETTINGS FOR THE INTERNET NETWORK ADAPTER OF YOUR GATEWAY COMPUTER!

Your gateway machine running PServer will have two (2) IP addresses assigned to it.

For Dial-Up:
One will be seen by the World Wide Web via your Internet Provider service. The other is seen by the computers in your local network.

For DSL or Cable:
There is one IP address that is seen by the DSL or Cable modem and one that is seen by the other computers in your local network. The "modem" is in fact a router that has 2 IP addresses. Your Internet Provider sets the outbound IP address. The router itself is configured with a conventional nonroutable IP address (usually 192.168.1.1).

The statically assigned intranet IP address will be bound to the gateway machine's NIC card. This interface address will be "seen" by all of your client computers. The "real" Internet IP address assigned by your Internet Provider will be bound to the gateway machine's DialUp Adapter or DSL/CABLE modem.

 


Example 1: Using Dial-Up through a controlling server. (Most secure setup for Dial-Up)
Clients must pass through proxy to access Internet.

|------------- Home Intranet ------------| |------------ Internet ------------|

 90.0.0.4             90.0.0.1                     via Dial-Up Modem
+----------+         +---------+-----------+-------+               +----------+
|          |         |         |           |       |               |          |
| Linux    |         | Network |           |       |               |          |
| or       | ------> | Adapter | Proxy     | MODEM | -----...----> | Internet |
| Windows  |         | (NIC)   | Server    |       |               | website  |
| Client   | <------ |         | "gateway" |       | <----...----- |          |
|          |         |         |           |       |               |          |
+----------+         +---------+-----------+-------+               +----------+
                                        209.65.200.199          www.anysite.com
|------------- Home Intranet ------------| |------------ Internet ------------|





Example 2: Using DSL or Cable through a controlling server. (Most secure setup for DSL/CABLE)
Clients must pass through proxy to DSL/CABLE (PPPoE router-mode) to access Internet.

|------------------ Home Intranet ------------------| |-------------- Internet --------------|

 90.0.0.4            90.0.0.1                             DSL (Cable) Modem Router
+----------+        +---------+-----------+---------+        +-------+            +----------+
|          |        |         |           |         |        |       |            |          |
| Linux    |        | Adapter |           | Adapter |        |       |            |          |
| or       | -----> | (NIC)   | Proxy     | (NIC)   | -----> | DSL   | ---...---> | Internet |
| Windows  |        |         | Server    |         |        |       |            | website  |
| Client   | <----- |         | "gateway" |         | <----- | CABLE | <---...--- |          |
|          |        |         |           |         |        |       |            |          |
+----------+        +---------+-----------+---------+        +-------+            +----------+
                                          192.168.x.x     209.65.200.199       www.anysite.com
|------------------ Home Intranet ------------------| |-------------- Internet --------------|




Example 3: Using DSL or Cable through a controlling server. (Most secure setup for DSL/CABLE)
Clients must pass through proxy machine using software router to DSL/CABLE (bridge-mode)
to access Internet.

|------------------ Home Intranet ------------------| |-------------- Internet --------------|

 90.0.0.4            90.0.0.1                             DSL (Cable) Modem Bridge
+----------+        +---------+-----------+---------+        +-------+            +----------+
|          |        |         |           |         |        |       |            |          |
| Linux    |        | Adapter |           | Adapter |        |       |            |          |
| or       | -----> | (NIC)   | Proxy     | (NIC)   | -----> | DSL   | ---...---> | Internet |
| Windows  |        |         | Server    | PPPoE   |        |       |            | website  |
| Client   | <----- |         | "gateway" | client  | <----- | CABLE | <---...--- |          |
|          |        |         |           |         |        |       |            |          |
+----------+        +---------+-----------+---------+        +-------+            +----------+
                                                          209.65.200.199       www.anysite.com
|------------------ Home Intranet ------------------| |-------------- Internet --------------|





Example 4: Using DSL or Cable through a hardware router. (Less secure)
Clients must be re-directed to proxy to access Internet.

|--------------- Home Intranet ---------------| |----------- Internet ----------|

 90.0.0.3                   192.168.1.2
+----------+                +--------+
| Linux    |                |        |          +-------+            +----------+
| or       | -------------> |        |          |       |            |          |
| Windows  |                |        |          | DSL   |            |          |
| Client   | <------------- |        | -------> |   /   | ---------> | Internet |
+----------+                | ROUTER |          | CABLE |            | website  |
 90.0.0.4                   |        | <------- |       | <--------- |          |
+----------+                |        |          |       |            |          |
| Linux    |                |        |          +-------+            +----------+
| or       | -------------> |        |        209.65.200.199       www.anysite.com
| Windows  |                |        |
| Client   | <------------- |        |
+----------+                +--------+
                              |    |
                 90.0.0.1     |    |
                +-----------+---------+
                | Proxy     | Adapter |
                | Server    | (NIC)   |
                | "gateway" |         |
                +-----------+---------+

|--------------- Home Intranet ---------------| |----------- Internet ----------|

Example: You have 4 computers in your local area network.

You choose IP addresses 90.0.0.1 through 90.0.0.4 and assign 90.0.0.1 as the "gateway" IP address.

Your Internet Service Provider assigns its interface into your gateway (or DSL/CABLE modem) the IP address 209.65.200.199.

Therefore your "client" computers 90.0.0.2, 90.0.0.3 and 90.0.0.4 will talk to the Internet via address 90.0.0.1.

Now traffic arriving at gateway at address 90.0.0.1 will pass through the proxy server and be rerouted to its final destination via the IP address of 209.65.200.199 of the Internet Provider.

Inbound traffic arriving at gateway (or router) address 209.65.200.199 will pass through the proxy server and be rerouted to its client destination via the intranet IP address of 90.0.0.1, the PServer machine.

Checking your LAN connectivity

After your LAN has been set up, try communicating with another computer on the LAN. The "ping" command can be used to send a packet to another machine and to request that machine to return a packet.

Example.

ping 90.0.0.2

The output should look something like this:

Pinging 90.0.0.2 with 32 bytes of data:
Reply from 90.0.0.2: bytes=32 time<10ms TTL=128
Reply from 90.0.0.2: bytes=32 time=10ms TTL=128
Reply from 90.0.0.2: bytes=32 time<10ms TTL=128
Reply from 90.0.0.2: bytes=32 time<10ms TTL=128
Ping statistics for 90.0.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

A line of output is displayed each time a packet is sent and received in response. If you don't see output that shows packets have been received, then it means that you are not contacting the other computer.


Step 2 -- Modify the PServer Configuration Parameter file.

The parameter file contains the address parameters that the PServer proxy program will need to "listen" for requests and return incoming data to each client computer. After you have built the configuration file you must then "point" the internet applications (such as browsers, email client, ftp client) on each client PC in your network to the gateway machine's assigned IP address. This is discussed later on this page.

A sample file called "pserver.sampdata" has been provided with the product. Create a new text file named "pserver.data" or rename the one provided and edit the file with the settings that you require for Internet connection. The first item in each category with multiple settings will become the default PORT assignment in each "combination box" that will appear on the "Daemons" panel of PServer.

Note that any line starting with a "#" denotes a comment or a commented out line.

IP Addresses -- These are numbers that uniquely define each computer known to the Internet (or Intranet). Any networked computer can communicate with another by knowing its IP address.

PORT -- Port numbers provide access points to a particular service. The proxy server will listen on the network for packets that are addressed to its IP address along with its port number.

Contents of sample pserver.sampdata file supplied.

Lines that start with a # are comments.

---------- Start of PServer.sampdata file ---------- 

#
# Specify the HTTP listing port
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
# Default is port 80
#
#httpport 80
httpport 2080

#
# Specify the FTP listing port
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
# Default is port 21
#
#ftpport 21
ftpport 2021

#
# Specify the TELNET listing port
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
# Default is port 23
#
#telnetport 23
telnetport 2023

#
# Specify the SMTP listing port
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
# Default is port 25
#
#smtpport 25
smtpport 2025

#
# Specify the POP3 listing port
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
# Default is port 110
#
#pop3port 110
pop3port 2110

#
# Specify the SOCKS5 listing port
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
# Default is port 1080
#
#socks5port 1080
socks5port 3080

#
# Specify the RealAudio listing port (under development)
# The first in the list will become the default port for the proxyserver.
# The following port specifications will appear in the combination box as options.
#
#realaudioport 1090
realaudioport 3090

#
# Specify the Windows Dial-Up connectoid.
#
dialup Commtel

#
# Specify to attempt to automatically initiate Windows Dial-Up connectoid.
#
#autodial yes
#autodial no
#

# Specify the Outgoing Mail Data Name Server.
# This is supplied by your Internet Provider Service.
#
mailserver mail.netscape.com

#
# Specify the Incoming Mail Data Name Server.
# This is supplied by your Internet Provider Service.
#
pop3server pop.netscape.com

#
# Specify the administrator's email address that will receive copies of user email.
# Enter NONE or comment out if no designation.
#
adminemail NONE

#
# Specify the administrator's email (SMTP) userid for authentication to forward captured email.
# Enter NONE or comment out if no designation.
#
adminuserid myadmin

#
# Specify the administrator's email (SMTP) password for authentication to forward captured email.
# Enter NONE or comment out if no designation.
#
adminpassword mypassword


#
# Specify the drive specification where the logfile will be written
# and archives kept.
# For Windows specify drive letter.
# For Linux or UNIX specify / (root).
#
logdrive C

#
# Specify the Windows or UNIX directory name where the logging, permission and
# website blocking files will reside.
# Default will be a sub-directory called "log" that is off the directory that this file resides.
#
#logdirectory pserver\log (if Windows)
#logdirectory /usr/local/pserver/log (if Linux or UNIX)

#
# Specify the minimum and maximum number of tasks per protocol (Default 2 and 16)
#
minimumtasks 2
maximumtasks 64

#
# Specify the protocol Server request backlog queue length (Default 16)
#
httpbacklog 32
ftpbacklog 16
telnetbacklog 16
smtpbacklog 16
pop3backlog 16
socks5backlog 16

#
# Specify the protocol IDLE Timeout seconds (Default 60)
#
httpidletimeout 60
ftpidletimeout 60
telnetidletimeout 60
smtpidletimeout 60
pop3idletimeout 60
socks5idletimeout 60

#
# Specify the protocol I/O Timeout in seconds (Default 60)
#
httpiotimeout 90
ftpiotimeout 60
telnetiotimeout 60
smtpiotimeout 60
pop3iotimeout 60
socks5iotimeout 600

#
# Specify the Internet Inbound and Outbound Buffer Size in bytes (Default 4096 and 1024)
#
internetinbound 8192
internetoutbound 1024

#
# Specify the Intranet Inbound and Outbound Buffer Size in bytes (Default 4096 and 1024)
#
intranetinbound 8192
intranetoutbound 1024

#
# Specify the Scheduled Quiesce (Down) Time of Day and Resume (Up) Time of Day (Default current time for both)
# format HH:MM Military time in hours and minutes
quiescetod 22:00
resumetod 07:30

#
# Specify the Customer product key supplied upon license purchase.
#
customerkey 00000000

---------- End of PServer.sampdata file ----------
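
The following is an added example, not code shipped with PServer: a parser for the "keyword value" format described above (lines starting with # are comments, and the first of several values for a keyword is the default), followed by an audit of the settings a reviewer would look at first. The function names, the finding texts and the SAMPLE input (constructed from keywords in the sample file) are assumptions made for this sketch.

```python
# SAMPLE is constructed for illustration from keywords in the sample file.
SAMPLE = """\
#httpport 80
httpport 2080
httpport 8080
ftpport 21
adminemail NONE
adminuserid myadmin
adminpassword mypassword
socks5port 99999
"""


def parse_pserver(text):
    """Return {keyword: [values]}; repeated keywords keep file order."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split(None, 1)
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(parts[0].lower(), []).append(value)
    return settings


def default_port(settings, keyword):
    """The first value listed for a port keyword is the default."""
    return int(settings[keyword][0])


def unset(values):
    """A missing keyword or the literal NONE means 'no designation'."""
    return not values or values[0].upper() == "NONE"


def audit(settings):
    """Return review findings for ports and the administrator mail settings."""
    findings = []
    for key, values in settings.items():
        if not key.endswith("port"):
            continue
        for v in values:
            if not v.isdigit() or not 1 <= int(v) <= 65535:
                findings.append(f"{key} {v}: not a valid TCP port")
            elif int(v) < 1024:
                findings.append(
                    f"{key} {v}: privileged port, normally needs root on Linux/UNIX")
    if not unset(settings.get("adminpassword")):
        if unset(settings.get("adminemail")):
            findings.append(
                "adminpassword: credential stored although adminemail is NONE")
        else:
            findings.append(
                "adminpassword: plaintext SMTP credential, restrict read access to the file")
    if not unset(settings.get("adminemail")):
        findings.append(
            f"adminemail {settings['adminemail'][0]}: receives copies of user email")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_pserver(SAMPLE)):
        print(finding)
```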

Panels displayed after startup will show the configuration data.



General Panel--

During StartUp this panel shows the following:
-- The type of Operating System
-- The level of JAVA that has been detected on this machine.
-- The IP address that you have assigned to your machine.
-- The external IP address that has been assigned by your Internet Provider.
-- The proxy engine status, whether PServer is running or not.
-- The Internet connection status.
-- The time of initial program start.
-- Any critical messages.

All the computers on your LAN should be configured to "target" the proxy server machine. The address that each client machine should target will appear in the box labelled "Internal (Intranet) PROXY IP Address" on the General panel.

Below, the sample General panel shows the proxy listening for internal traffic on the LAN address of 90.0.0.3 (user assigned) while communicating with the Internet on the Internet Provider Server (ISP) supplied external (real) Internet address.



Daemons Panel--

These fields will show you the listening ports that you have chosen based upon the configuration file supplied in the startup parameters. If no selection was made in the config file then the default ports are used.

 
HTTP port that PServer will listen to for HTTP (Browser requests)
FTP port that PServer will listen to for FTP (file transfer)
TELNET port that PServer will listen to for Telnet (3270) session traffic
SMTP port that PServer will listen to for Simple Mail Transport (outbound email)
POP3 port that PServer will listen to for Post Office (inbound email)
SOCKS5 port that PServer will listen to for SOCKS (such as AOL Instant Messenger)


Requests from your networked client machines targeting the above ports will be intercepted by PServer and translated to an outbound request for the Internet. PServer will maintain a unique conversation path between each of your computers and websites on the Internet.

For your information the following are the conventional Protocol Port Setting Defaults that are shipped with your browser for connecting directly with the Internet:

HTTP      80
FTP       21
SSH       22
TELNET    23
SMTP      25
POP3      110
SOCKS5    1080

You may use these or any other numbers as long as the numbering scheme is consistent across all the computers in your LAN. For example, if you choose 2080 to be the HTTP port for browsing then all PCs must have their browsers configured to look for traffic on that port.


Step 3 -- Configure browsers and email to go through the gateway machine.

For the proxy server to provide Web access to the Windows and Linux client computers on your network, each client needs a bit of setup within its Web applications. These include the Web-browser, the FTP-client, the Email client, etc. The beauty of using a proxy server is in what your client machines do not need to know, such as:

-- Addresses of DNS servers
-- Telephone numbers and passwords to Internet Providers
-- Connection scripts

Configuring Internet Explorer Browser

In Internet Explorer this can be found under:

Tools-->Internet Options-->Connections
Select LAN Settings.
Check Use a proxy server.
Select Advanced.
Place the address of the proxy server in the Address: box
Place the port on which the proxy server will "listen" for HTTP traffic in the Port: box.
Place the IP address of your computer running PServer in each of the categories.
Place the port numbers associated with each Server type.

 

HTTP 90.0.0.1 2080
Security 90.0.0.1 2080
FTP 90.0.0.1 2021
Telnet 90.0.0.1 2023
SOCKS 90.0.0.1 3080


Configuring Netscape Navigator, Firefox or Mozilla Browser

In Netscape Navigator/Communicator this can be found under:

Edit-->Preferences-->Advanced-->Proxy
Select Manual Proxy Configuration
Place the IP address of your computer running PServer in each of the categories.
Place the port numbers associated with each Server type.

 
HTTP 90.0.0.1 2080
Security 90.0.0.1 2080
FTP 90.0.0.1 2021
Telnet 90.0.0.1 2023
SOCKS 90.0.0.1 3080

HTTP Networking

If you can configure HTTP on your browser then note the following settings:
Use HTTP 1.1
Do not enable "Keep-Alive" for Proxy
Do not enable "Pipelining" for Proxy

You are now ready to start using all of your PCs for simultaneously browsing through a single transparent Internet Connection. Review the remaining User Guide documentation to configure your mail, ftp and instant messaging for each of your LAN connected computers.

