ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    how does this work? Modems/IPs/PCI Scans

    Scheduled Pinned Locked Moved IT Discussion
    networkingmodemsippci compliance
    40 Posts 8 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • WrCombsW
      WrCombs @WrCombs
      last edited by

      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

      @pmoncho said in how does this work? Modems/IPs/PCI Scans:

      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

      Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
      then the devices behind the modem are under that public IP - right?
      and then the firewall (router) give the Devices Private IP's.

      For example; PCI scans scan the public IP ; not individual device IPs- Right?
      so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
      fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

      If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

      Configuration of the FW means everything in this situation.

      Very simple setup with only a single IP assigned from ISP.

      Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

      In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

      If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

      The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

      So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

      If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

      I have no way to check that;
      I will keep that in mind.

      in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

      side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

      pmonchoP 1 Reply Last reply Reply Quote 0
      • pmonchoP
        pmoncho @WrCombs
        last edited by

        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

        @pmoncho said in how does this work? Modems/IPs/PCI Scans:

        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

        Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
        then the devices behind the modem are under that public IP - right?
        and then the firewall (router) give the Devices Private IP's.

        For example; PCI scans scan the public IP ; not individual device IPs- Right?
        so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
        fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

        If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

        Configuration of the FW means everything in this situation.

        Very simple setup with only a single IP assigned from ISP.

        Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

        In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

        If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

        The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

        So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

        If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

        I have no way to check that;
        I will keep that in mind.

        in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

        side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

        That's fine. They just have the networks separated (I was a little confused but understand a little more now).

        Are one of these Firewalls or Routers wireless?
        Is there wireless on the ISP modem?
        If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

        All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

        WrCombsW 1 Reply Last reply Reply Quote 0
        • WrCombsW
          WrCombs @pmoncho
          last edited by

          @pmoncho said in how does this work? Modems/IPs/PCI Scans:

          @WrCombs said in how does this work? Modems/IPs/PCI Scans:

          @WrCombs said in how does this work? Modems/IPs/PCI Scans:

          @pmoncho said in how does this work? Modems/IPs/PCI Scans:

          @WrCombs said in how does this work? Modems/IPs/PCI Scans:

          Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
          then the devices behind the modem are under that public IP - right?
          and then the firewall (router) give the Devices Private IP's.

          For example; PCI scans scan the public IP ; not individual device IPs- Right?
          so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
          fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

          If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

          Configuration of the FW means everything in this situation.

          Very simple setup with only a single IP assigned from ISP.

          Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

          In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

          If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

          The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

          So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

          If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

          I have no way to check that;
          I will keep that in mind.

          in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

          side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

          That's fine. They just have the networks separated (I was a little confused but understand a little more now).

          Are one of these Firewalls or Routers wireless?
          Is there wireless on the ISP modem?
          If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

          All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

          i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

          pmonchoP 1 Reply Last reply Reply Quote 0
          • pmonchoP
            pmoncho @WrCombs
            last edited by

            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

            @pmoncho said in how does this work? Modems/IPs/PCI Scans:

            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

            @pmoncho said in how does this work? Modems/IPs/PCI Scans:

            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

            Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
            then the devices behind the modem are under that public IP - right?
            and then the firewall (router) give the Devices Private IP's.

            For example; PCI scans scan the public IP ; not individual device IPs- Right?
            so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
            fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

            If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

            Configuration of the FW means everything in this situation.

            Very simple setup with only a single IP assigned from ISP.

            Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

            In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

            If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

            The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

            So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

            If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

            I have no way to check that;
            I will keep that in mind.

            in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

            side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

            That's fine. They just have the networks separated (I was a little confused but understand a little more now).

            Are one of these Firewalls or Routers wireless?
            Is there wireless on the ISP modem?
            If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

            All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

            i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

            Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

            Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

            WrCombsW 1 Reply Last reply Reply Quote 0
            • WrCombsW
              WrCombs @pmoncho
              last edited by

              @pmoncho said in how does this work? Modems/IPs/PCI Scans:

              @WrCombs said in how does this work? Modems/IPs/PCI Scans:

              @pmoncho said in how does this work? Modems/IPs/PCI Scans:

              @WrCombs said in how does this work? Modems/IPs/PCI Scans:

              @WrCombs said in how does this work? Modems/IPs/PCI Scans:

              @pmoncho said in how does this work? Modems/IPs/PCI Scans:

              @WrCombs said in how does this work? Modems/IPs/PCI Scans:

              Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
              then the devices behind the modem are under that public IP - right?
              and then the firewall (router) give the Devices Private IP's.

              For example; PCI scans scan the public IP ; not individual device IPs- Right?
              so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
              fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

              If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

              Configuration of the FW means everything in this situation.

              Very simple setup with only a single IP assigned from ISP.

              Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

              In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

              If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

              The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

              So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

              If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

              I have no way to check that;
              I will keep that in mind.

              in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

              side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

              That's fine. They just have the networks separated (I was a little confused but understand a little more now).

              Are one of these Firewalls or Routers wireless?
              Is there wireless on the ISP modem?
              If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

              All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

              i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

              Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

              Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

              not to my knowledge.

              WrCombsW 1 Reply Last reply Reply Quote 0
              • WrCombsW
                WrCombs @WrCombs
                last edited by

                @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
                then the devices behind the modem are under that public IP - right?
                and then the firewall (router) give the Devices Private IP's.

                For example; PCI scans scan the public IP ; not individual device IPs- Right?
                so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
                fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

                If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

                Configuration of the FW means everything in this situation.

                Very simple setup with only a single IP assigned from ISP.

                Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

                In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

                If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

                The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

                So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

                If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

                I have no way to check that;
                I will keep that in mind.

                in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

                side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

                That's fine. They just have the networks separated (I was a little confused but understand a little more now).

                Are one of these Firewalls or Routers wireless?
                Is there wireless on the ISP modem?
                If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

                All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

                i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

                Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

                Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

                not to my knowledge.

                expanding:

                1. is on 192.168.168.x

                2. is on 10.1.100.x (i believe)

                IRJI 1 Reply Last reply Reply Quote 0
                • IRJI
                  IRJ @WrCombs
                  last edited by

                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                  @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                  @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                  @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                  Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
                  then the devices behind the modem are under that public IP - right?
                  and then the firewall (router) give the Devices Private IP's.

                  For example; PCI scans scan the public IP ; not individual device IPs- Right?
                  so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
                  fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

                  If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

                  Configuration of the FW means everything in this situation.

                  Very simple setup with only a single IP assigned from ISP.

                  Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

                  In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

                  If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

                  The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

                  So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

                  If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

                  I have no way to check that;
                  I will keep that in mind.

                  in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

                  side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

                  That's fine. They just have the networks separated (I was a little confused but understand a little more now).

                  Are one of these Firewalls or Routers wireless?
                  Is there wireless on the ISP modem?
                  If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

                  All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

                  i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

                  Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

                  Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

                  not to my knowledge.

                  expanding:

                  1. is on 192.168.168.x

                  2. is on 10.1.100.x (i believe)

                  Separate networks or vlans is common for wireless and wired networks.

                  I think your actual question is about how a single public IP address can be used for many private IP addresses? Is this your question?

                  WrCombsW 1 Reply Last reply Reply Quote 0
                  • IRJI
                    IRJ
                    last edited by

                    Youtube Video

                    1 Reply Last reply Reply Quote 0
                    • WrCombsW
                      WrCombs @IRJ
                      last edited by

                      @IRJ said in how does this work? Modems/IPs/PCI Scans:

                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                      @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                      @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                      @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                      Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
                      then the devices behind the modem are under that public IP - right?
                      and then the firewall (router) give the Devices Private IP's.

                      For example; PCI scans scan the public IP ; not individual device IPs- Right?
                      so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
                      fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

                      If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

                      Configuration of the FW means everything in this situation.

                      Very simple setup with only a single IP assigned from ISP.

                      Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

                      In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

                      If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

                      The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

                      So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

                      If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

                      I have no way to check that;
                      I will keep that in mind.

                      in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

                      side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

                      That's fine. They just have the networks separated (I was a little confused but understand a little more now).

                      Are one of these Firewalls or Routers wireless?
                      Is there wireless on the ISP modem?
                      If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

                      All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

                      i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

                      Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

                      Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

                      not to my knowledge.

                      expanding:

                      1. is on 192.168.168.x

                      2. is on 10.1.100.x (i believe)

                      Separate networks or vlans is common for wireless and wired networks.

                      I think your actual question is about how a single public IP address can be used for many private IP addresses? Is this your question?

                      The question Im thinking of is : Does a Modem give off a single IP , that when scanned could pick up other Devices that are not behind a dedicated firewall? (i.e. another device on the network that is not considered PCI compliant)

                      IRJI 1 Reply Last reply Reply Quote 0
                      • IRJI
                        IRJ @WrCombs
                        last edited by

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        @IRJ said in how does this work? Modems/IPs/PCI Scans:

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        @pmoncho said in how does this work? Modems/IPs/PCI Scans:

                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                        Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
                        then the devices behind the modem are under that public IP - right?
                        and then the firewall (router) give the Devices Private IP's.

                        For example; PCI scans scan the public IP ; not individual device IPs- Right?
                        so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
                        fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

                        If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

                        Configuration of the FW means everything in this situation.

                        Very simple setup with only a single IP assigned from ISP.

                        Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

                        In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

                        If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

                        The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

                        So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

                        If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

                        I have no way to check that;
                        I will keep that in mind.

                        in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

                        side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

                        That's fine. They just have the networks separated (I was a little confused but understand a little more now).

                        Are one of these Firewalls or Routers wireless?
                        Is there wireless on the ISP modem?
                        If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

                        All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

                        i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

                        Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

                        Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

                        not to my knowledge.

                        expanding:

                        1. is on 192.168.168.x

                        2. is on 10.1.100.x (i believe)

                        Separate networks or vlans is common for wireless and wired networks.

                        I think your actual question is about how a single public IP address can be used for many private IP addresses? Is this your question?

                        The question Im thinking of is : Does a Modem give off a single IP , that when scanned could pick up other Devices that are not behind a dedicated firewall? (i.e. another device on the network that is not considered PCI compliant)

                        When scanning from the internet, you will only be able to see public IPs

                        192.168.x.x and 10.x .x.x wil always be private IPs and not accessible through the internet. However, through NAT through are about communicate outbound through the public IP located at the modem. You can also expose them inbound by using port forwarding.

                        1 Reply Last reply Reply Quote 1
                        • IRJI
                          IRJ
                          last edited by

                          You should watch that video on NAT that I posted. That will expand further on what I said.

                          1 Reply Last reply Reply Quote 0
                          • 1
                            1337
                            last edited by

                            When you say "modem" what do you mean exactly? What is it connected to?

                            WrCombsW 1 Reply Last reply Reply Quote 0
                            • WrCombsW
                              WrCombs @1337
                              last edited by

                              @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                              When you say "modem" what do you mean exactly? What is it connected to?

                              This question confuses me.
                              A modem is a modem, right? connects to the Cable and becomes internet through FM

                              1 1 Reply Last reply Reply Quote 0
                              • 1
                                1337 @WrCombs
                                last edited by 1337

                                @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                When you say "modem" what do you mean exactly? What is it connected to?

                                This question confuses me.
                                A modem is a modem, right? connects to the Cable and becomes internet through FM

                                A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                WrCombsW 1 Reply Last reply Reply Quote 1
                                • WrCombsW
                                  WrCombs @1337
                                  last edited by

                                  @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                  @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                  @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                  When you say "modem" what do you mean exactly? What is it connected to?

                                  This question confuses me.
                                  A modem is a modem, right? connects to the Cable and becomes internet through FM

                                  A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                  in this case, a Cable Modem would be a modem or no?

                                  It's taking in the cable signal then changing it an internet connection or no?

                                  1 1 Reply Last reply Reply Quote 0
                                  • 1
                                    1337 @WrCombs
                                    last edited by 1337

                                    @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                    @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                    @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                    @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                    When you say "modem" what do you mean exactly? What is it connected to?

                                    This question confuses me.
                                    A modem is a modem, right? connects to the Cable and becomes internet through FM

                                    A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                    in this case, a Cable Modem would be a modem or no?

                                    It's taking in the cable signal then changing it an internet connection or no?

                                    Yes. Cable mode is a modem.

                                    But there could be two types of very similar devices,

                                    • cable modem that will work as a network bridge. Meaning it is transparent on the network.
                                    • cable modem with built in router, works as a router. Will do things on the network.

                                    Some devices are multi-purpose and can be run in bridge mode or in router mode.

                                    WrCombsW 1 Reply Last reply Reply Quote 0
                                    • WrCombsW
                                      WrCombs @1337
                                      last edited by

                                      @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                      @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                      @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                      @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                      When you say "modem" what do you mean exactly? What is it connected to?

                                      This question confuses me.
                                      A modem is a modem, right? connects to the Cable and becomes internet through FM

                                      A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                      in this case, a Cable Modem would be a modem or no?

                                      It's taking in the cable signal then changing it an internet connection or no?

                                      Yes. Cable mode is a modem.

                                      But there could be two types of very similar devices,

                                      • cable modem that will work as a network bridge. Meaning it is transparent on the network.
                                      • cable modem with built in router, works as a router. Will do things on the network.

                                      Some devices are multi-purpose and can be run in bridge mode or in router mode.

                                      I would have to look into the modem to see if it has built in router.
                                      most cable modems, at least these days, have built in routers though, so i'm going to go with yes, it has a built in router.

                                      1 1 Reply Last reply Reply Quote 0
                                      • 1
                                        1337 @WrCombs
                                        last edited by 1337

                                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                        @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                        @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                        @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                        @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                        When you say "modem" what do you mean exactly? What is it connected to?

                                        This question confuses me.
                                        A modem is a modem, right? connects to the Cable and becomes internet through FM

                                        A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                        in this case, a Cable Modem would be a modem or no?

                                        It's taking in the cable signal then changing it an internet connection or no?

                                        Yes. Cable mode is a modem.

                                        But there could be two types of very similar devices,

                                        • cable modem that will work as a network bridge. Meaning it is transparent on the network.
                                        • cable modem with built in router, works as a router. Will do things on the network.

                                        Some devices are multi-purpose and can be run in bridge mode or in router mode.

                                        I would have to look into the modem to see if it has built in router.
                                        most cable modems, at least these days, have built in routers though, so i'm going to go with yes, it has a built in router.

                                        In router mode

                                        If it's in router mode you will likely have:
                                        IP given to you by ISP -> cable router -> IP handed out from cable router -> FW -> IP handed out from FW -> PC
                                        Also called double NAT. The original IP address get translated into another IP address two times.

                                        In bridge mode

                                        IP given to you by ISP -> cable modem -> IP given to you by ISP -> FW -> IP handed out from FW -> PC
                                        The original IP address get translated into another IP address one time (in the FW).

                                        I say "IP given to you by ISP" instead of public IP because in some cases it might not be a public IP at all. It depends on the ISP. It's probably most likely to encounter this on cellular networks or where it is unlikely that you host servers and have incoming traffic.

                                        WrCombsW 1 Reply Last reply Reply Quote 0
                                        • WrCombsW
                                          WrCombs @1337
                                          last edited by

                                          @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                          @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                          @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                          @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                          @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                          @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                          @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                          When you say "modem" what do you mean exactly? What is it connected to?

                                          This question confuses me.
                                          A modem is a modem, right? connects to the Cable and becomes internet through FM

                                          A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                          in this case, a Cable Modem would be a modem or no?

                                          It's taking in the cable signal then changing it an internet connection or no?

                                          Yes. Cable mode is a modem.

                                          But there could be two types of very similar devices,

                                          • cable modem that will work as a network bridge. Meaning it is transparent on the network.
                                          • cable modem with built in router, works as a router. Will do things on the network.

                                          Some devices are multi-purpose and can be run in bridge mode or in router mode.

                                          I would have to look into the modem to see if it has built in router.
                                          most cable modems, at least these days, have built in routers though, so i'm going to go with yes, it has a built in router.

                                          In router mode

                                          If it's in router mode you will likely have:
                                          IP given to you by ISP -> cable router -> IP handed out from cable router -> FW -> IP handed out from FW -> PC
                                          Also called double NAT.

                                          In bridge mode

                                          IP given to you by ISP -> cable modem -> IP given to you by ISP -> FW -> IP handed out from FW -> PC

                                          I say "IP given to you by ISP" instead of public IP because in some cases it might not be a public IP at all. It depends on the ISP.

                                          so, what i'm taking from all of this is ; if a PCI scan was done on the site, with 2 pcs, one behind a fw
                                          (IP given to you by ISP -> cable router -> IP handed out from cable router -> FW -> IP handed out from FW -> PC)
                                          and one not
                                          (IP given to you by ISP -> cable router -> IP handed out from cable router ->PC)

                                          then chances are it's scanning the right PC and the fail is on the FW - right?

                                          1 1 Reply Last reply Reply Quote 0
                                          • 1
                                            1337 @WrCombs
                                            last edited by 1337

                                            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                            @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                            @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                            @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                            @WrCombs said in how does this work? Modems/IPs/PCI Scans:

                                            @Pete-S said in how does this work? Modems/IPs/PCI Scans:

                                            When you say "modem" what do you mean exactly? What is it connected to?

                                            This question confuses me.
                                            A modem is a modem, right? connects to the Cable and becomes internet through FM

                                            A modem is a modulator/demodulator. But there are many types of modems and some modems are not modems at all. People who don't know better just call them that. That's why I asked.

                                            in this case, a Cable Modem would be a modem or no?

                                            It's taking in the cable signal then changing it an internet connection or no?

                                            Yes. Cable mode is a modem.

                                            But there could be two types of very similar devices,

                                            • cable modem that will work as a network bridge. Meaning it is transparent on the network.
                                            • cable modem with built in router, works as a router. Will do things on the network.

                                            Some devices are multi-purpose and can be run in bridge mode or in router mode.

                                            I would have to look into the modem to see if it has built in router.
                                            most cable modems, at least these days, have built in routers though, so i'm going to go with yes, it has a built in router.

                                            In router mode

                                            If it's in router mode you will likely have:
                                            IP given to you by ISP -> cable router -> IP handed out from cable router -> FW -> IP handed out from FW -> PC
                                            Also called double NAT.

                                            In bridge mode

                                            IP given to you by ISP -> cable modem -> IP given to you by ISP -> FW -> IP handed out from FW -> PC

                                            I say "IP given to you by ISP" instead of public IP because in some cases it might not be a public IP at all. It depends on the ISP.

                                            so, what i'm taking from all of this is ; if a PCI scan was done on the site, with 2 pcs, one behind a fw
                                            (IP given to you by ISP -> cable router -> IP handed out from cable router -> FW -> IP handed out from FW -> PC)
                                            and one not
                                            (IP given to you by ISP -> cable router -> IP handed out from cable router ->PC)

                                            then chances are it's scanning the right PC and the fail is on the FW - right?

                                            It can only scan the device that answers the IP it is scanning.

                                            So it will scan the cable router if it's in routing mode.
                                            It will scan the firewall if the cable modem is in bridge mode.

                                            If you have set up port forwarding in either one however, those scans will also be forwarded.

                                            WrCombsW 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post