Placing a switch before a router. Will this make sense?

[WoundedWallet]

Ok, here is the scenario. I have 5 fixed IPs. Three computers. And one of them is a webserver which I run for family and friends.

I would like to surf the net and not leave my server IP trail behind me. I also would like to increase my server security by adding a router(or something else not too expensive) to my software firewall.

So I just thought about this arrangement.

ADSL Modem -->Switch
Switch -->PC1
Switch -->PC2
Switch -->Router -->Webserver

This way I could have the extra security for my server, while at the same time having the individual PCs with their own IP shown to the net.

Is this dumb?

Could I accomplish my wishes with a different setup?
Can a switch provide the same security as a router, in which case I wouldn't need the router.
Should I add more servers to justify a router? Just kidding

Thanks,
WW

 

[obenton]

With 5 IP addresses you don't need a router. Use a software firewall (in fact, all machines should use a firewall).

 

[WoundedWallet]

Yes I understand that about the 5 IPs. My only use for the router is to increase my already existing software firewall security.

Is there a better way to increase security without spending over $200?

Thanks.

 

[cavingjan]

If you want added security, a router is not the best approach. Look for a hardware firewall box like a SonicWall.

 

[ChicagoMaroon]

Why don't you go DSL -> Router -> Switch -> PCs & webserver. Then just let the PCs' IPs pass through and set up whatever filter/blocking/etc... you need for the webserver in the router config. An alternative to a hardware router is running routing software on one of the PCs and have it act as a router.

 

[WoundedWallet]

SonicWall is a good idea, but it costs $500. I don't know if my information is worth $500

Are there any other firewall boxes on the $200 range?

 

[WoundedWallet]

ChicagoMoron, if I understand how routers work, the outside world will still see all my computers as one single IP. And I want to avoid that. Am I wrong on my understanding?

 

[ChicagoMaroon]

Just let the IPs you want to show to the net pass transparently through the router (as if there was no router there). You can do this in any router's config. Essentially, it would look to the outside world exactly like your proposed setup, except you have control over what data passes to and from all your computers.

 

[jmcoreymv]

Almost all nat-based home routers (as in $300 or under) wont let you have any transparent IPs, so thats the problem.

 

[WoundedWallet]

Thanks guys... I just short circuited right now

Life is too full of emotions, and I can't handle its ups and downs...

Seriously though, if I understood you guys, there are different kinds of routers. The cheap ones probably won't allow IP transparency, while the more expensive ones could.

The other alternative, a firewall box, also seems to hang above $400.

So back to my original proposal. It seems to make some financial sense, since I'm seeing deals for a switch and a router for just over $100 total price...

Anybody knows of anything wrong with my approach?

Thanks.