On Thu, May 29, 2014 at 11:48 AM, Michael Hennebry hennebry@web.cs.ndsu.nodak.edu wrote:
My modem/router is a PK5001Z from CenturyLink. IIRC a tech support person told me that it uses ppp internally.
The thing looks like a typical NAT router to me. Are you sure you are getting public IP numbers on the LAN side?
With regard to security, I would prefer to trust Windows or the modem/router as little as possible, hence the desire to connect the Windows box to the main box.
I would like to be able to manipulate the main box so that the Windows box is invisible to bad guys, i.e. has no global IP address. I would like to be able to manipulae the main box so that the Windows box cannot connect to the outside world, even through the main box. On exceptional occasions, e.g. updates, I would like to be able to manipulate the main box so that the Windows box can connect to the outside world.
If that is all you want, you should be able to use a private-range subnet to connect the boxes, and run squid as an http proxy when you want the pass-through.