Networking question

Discussion in 'Mac Basics and Help' started by lovemacs, Oct 12, 2010.

  1. lovemacs macrumors member

    Joined:
    Feb 5, 2010
    #1
    My business uses a payment processor, and we have two iMacs hooked up to a router. Since both computers use the same gateway (same external IP address that the internet sees), the payment processor can only process payments from one iMac at a time. Both iMacs cannot run an order at the same time. My question is this: Is there a way to configure the router to give each iMac a separate IP address that the internet sees, so that they can both process orders with the payment processor at the same time?

    If this is a bit confusing, I will try to clarify more. Thanks for your help.
     
  2. Makosuke macrumors 603

    Joined:
    Aug 15, 2001
    Location:
    The Cool Part of CA, USA
    #2
    Yes, but only if your ISP supplies a modem that will give more than one external IP address. You would need to let the modem be the DHCP server for the internal network and bypass the firewall features of the router to expose the computers to the internet directly, each with its own IP address given by the ISP/modem. The exact way to set this up will depend on the brand/model of the router, modem, and your ISP

    You may have to pay for "Pro" internet to get this--I know my old ISP offered a package with 5 IP addresses for somewhat more than the base package.

    There may be another way to go about this--a proxy service, for example--but I'm not thinking of any easy/secure way to do it off the top of my head. Maybe someone else has a better idea.
     
  3. lovemacs thread starter macrumors member

    Joined:
    Feb 5, 2010
    #3
    Thanks for your insight. My thoughts were along the same line. I'll check with the ISP and see if we can get two external IPs.
     
  4. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #4
    Not necessarily. Invest in a better firewall and you can NAT those two machines to two separate IPs and protect them with the firewall. A Cisco ASA 5500 can do this, and I'm sure there are others. For a payment system, you don't want your systems on raw internet.

    The ISP then just routes that sepecific subnet down your line.
     
  5. Makosuke macrumors 603

    Joined:
    Aug 15, 2001
    Location:
    The Cool Part of CA, USA
    #5
    belvdr has a good point--what I said would work, and you'll need a couple of IP addresses from the ISP either way, but sticking a hardware firewall between the computers and the internet might be a good idea since they are payment processors. I tend to think cheap, and OSX does have a good built-in firewall, but in this case spending the extra on paranoia may be worth it.
     
  6. lovemacs thread starter macrumors member

    Joined:
    Feb 5, 2010
    #6
    The two iMacs themselves aren't payment processors, but we connect to our payment processor when placing orders. Does that make sense? So, they don't process payments themselves, but we use them basically as POS systems. The remote server won't let them connect at the same time since it sees them as having the same IP. Would the Cisco ASA 5500 solve that problem, by making it look like the two computers are using separate IPs to the remote server?
     
  7. Makosuke macrumors 603

    Joined:
    Aug 15, 2001
    Location:
    The Cool Part of CA, USA
    #7
    So far as I understand it never having configured a multi-IP firewall myself, yes. In the same way that a regular router's NAT will say "all traffic to port x goes to computer y on the internal network," it would say "external IP address x is mapped to computer y on the internal network."
     
  8. lovemacs thread starter macrumors member

    Joined:
    Feb 5, 2010

Share This Page