The question reworded:
How can I make a pure TCP/IP network, where every PC has an outside "Internet" IP address from my ISP PLUS access to my fileserver while not leaving the fileserver's shares accessible from the Internet? I would like to run Gigabit Ethernet between all the local PCs and keep them on the same subnet (My ISP assigns IP addresses from different subnets randomly), so a "second network" with VPN access to the Internet IP addresses sounds like what I need to use. How can I configure Windows 2000 Server's VPN to provide second "outside" IP addresses to my Gigabit LAN? Can I somehow configure XP's built-in VPN server the same way (I doubt it)? Is there another option besides VPN which doesn't involve losing my outside IP addresses (Ala plane-Jane NAT)? If the domain/VPN server also shares the files (Logical), what would keep them from being accessible from the Internet (Other than NTFS securities and such)?
Originally posted by: Oaf357
A gigabit switch and multiple IP addresses from your ISP should work.
I get multiple IP addresses from my ISP, but they are not always on the same subnet so my router makes all traffic between PCs go at cable-modem speeds. (I'm not using the router's NAT functions in order to maintain real IP addresses) Would a switch (Hardware/MAC-address based as opposed to IP-based) work much differently? What would keep my fileserver inaccessible from the Internet?
I was thinking... Create a private network between all PCs and then provide outside IP addresses through VPN (My friend's cable co provides his outside/Internet IP address through VPN for a monthly charge). Still, it would make sense for the Gigabit Fileserver to also share the Internet connection as the VPN server, but wouldn't that open the files up to the Internet just the same? How does anyone share files on a PC without a router or firewall to block external access? I keep getting the same answer: "Use a different networking protocol" but when using two independant networks I see no reason why TCP/IP wouldn't have some option. Also, how would I limit a share to ONE protocol? Wouldn't the share be available through all installed protocols that support file-sharing? I've never seen the option to make a network share only available through TCP/IP or NETBIOS. If the fileserver was completely offline I can see how that would work by simply not having TCP/IP on the other computers, but no thanks. There's got to be another way with purely TCP/IP. There's got to be another way without VPN.