Link to home
Create AccountLog in
Avatar of inflame24
inflame24

asked on

Wireless Network

Hi ,

first question :  case no internet at all

i wanted to do a wireless LAN for like 5 pc's in my office , i will get a WAP but i do not want any connection to the internet

i want the wireless LAN just to let 4 pc's to be able to connect to a Win XP machine that has IIS running to access a webpage on tha machine , or to connect to mysql database

how can i do that ?

Second question:

one of the pcs has sattelite internet connection , if i just want only another pc ( only 1 ) to connect to the internet thru that pc how can i do that ?
to make the picture clear for the second question , there are 5 pcs , pc no.1 is winxp pro running IIS ( webpage ) that i want it to be able to access the sattelite connection with pc number 2 , pc 3,4,5 just want them to able to type the ip address of the winxp to get the homepage and to be able to share only files with pc 1 and 2

thanx
Avatar of MyloPrecarious
MyloPrecarious

Hrm, i don't see a wireless router in the mix.  Is that the case or did you just fail to mention it?
Ok. I recommend you to get a better encription mechanism, WAP is insecure.

Get a wireless router with some options (I assume you already have one, I have a motorola wr850g, a dlink would be fine too). Connect one of the fixed ports (not the WAN port) to the server. If your server is another wireless laptop, you must open some ports on firewall for SQL Server and File & Print sharing on machines with shared folders or printers (assuming you are running SP2; if not, I recommend to get it...)

On the router, look the options you have... sometimes you can filter access, or better, manually edit the connection properties of the machines you don't want to access internet and set them manually, let's say, 192.168.10.2, 192.168.10.3, etc., and add a wrong gateway or not gateway at all. Connect the WAN port to the satellite connection.

For stronger security, I would recommend you to add MAC filtering on the router (almost all routers support that) so no one else can connect easily

That's suppoused to be all...
Avatar of inflame24

ASKER

Well , what exactly do i need to get for doing the first and second question ?



my server is a windows XP Pro  that will have the webpage on IIS and will have the MYSQL database

so what do i need to get to do the first question and what do i need to get to do the second one too


thanx
I'd do it like this.

PC's 1 and 3-5 connect wireless to WAP (wireless access point) and can share files with each other.  PC's 3-5 can access web page on PC1 via wireless.

3----------!
4----------!--------1
5----------!          !
                         !
                         !
                         2------------Internet

PC 1 also has a WIRED cross over direct connect over to PC 2.  PC 1 is in effect dual homed.
PC 2 has Internet Connection Sharing (ICS) running.
PC 2 is dual homed - one to the internal connection over to PC 2 and one to the Sattelite hardware.

To recap, pc's 1 and 3-5 could be IP Network 192.168.2.0/24 (mask 255.255.255.0)
Pc 1 and 2 could have a shared cross over connection and could be 192.168.3.0/24
PC 1 WOULD NOT HAVE ROUTING ENABLED
PC 2 would have the shared cross over on 192.168.3.0/24 and it's other Interface would be whatever public IP from the Sat.  It would have ICS enabled.
*** First Question: ***

Do you have a router or a switch? If you have a switch, buy a wireless router. If you have a router, an access point or a wireless router would be fine.
If none, buy a router. A DLink or Linksys is ok. I have a Motorola wr850 that works fine under normal loads. Having a router allows you to later add an Internet connection (like the satelite).

Do you have wireless adapters on the computers? If not, buy internal PCI for desktops and USB for laptops (get internal cards if you can).

Turn on the router and follow instructions. Probably, you will need a network cable for the setup. Select the higher encription schema you can (Do not use eap because it uses to require a radious server you don't have). Use a good wireless key and write itr down.

Turn on PC's and join them to the wireless network. Depending on security schema, you may have to do settings manunally, like selecting the encription protocol (security, security...)

On the Windows XP that holds iis and sql, you have to open some ports on the Firewall.
The port 80 (http), maybe 110 (https), and add SQL Server to the exeption lists (C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe)

On the computers sharing folders, enable "File & Print sharing".


*** Second Question: ***

If you just plug the WAN port into Internet connection, all your computers will have Internet Access, but as the router has a firewall, the cannot be accessed easily. But if you want to really block internet access, I can recommend you do the following (I'm assuming you are working on a trusted environment, ie, your users are not going to be messing up things):

- i'm using a dhcp network of 192.168.0.x, but some routers uses 192.168.10.x, and some others allows you to set your own.
- You are going to use an IP range for the computers without internet access
- On the DHCP administrator of the router, set the DHCP range to, let's say, 192.168.0.10 to 192.168.0.254
- On the computers that DO NOT not have to have internet access, set IP manually from 192.168.0.2 to 192.168.0.9, and leave DEFAULT GATEWAY EMPTY.
- On the machines that DO have to access internet, let's them use DHCP. You can also set IP manually and add the router ip as the default gateway and DNS server

On this configuration, no machine has to be turned on for accessing internet, and no machine has to be wired to the router/access point.

If you want stronger security, you can collect all the MAC addresses (they are like "00-75-2a-45-34-e2" and you can get them from TCP/IP properties details) and add them to the router's restricted connections (MAC filtering)

Good luck,
Well thanx for you both .

thanx soy , i will try ur method and let u know

thanx
Ok here is what had happened

When i connect 3 pcs , 2 wireless and 1 wired to the linksys wireless router , and after i made a workgroup , when i use WEP i cannot see any of the thre computer in my network place, but when i disable the WEP i can see all of them , why is that ? oi want WEP to be enabled !

Second thing , even when i disable WEP i still cannot access the webpage on one of them using IIS

i let the router assign ips automatically to the pcs


Would u tell me what's the problem here

Thanks
plus the above problem i just wanted to say that the desktop that is wired to the router has an ip 192.168.1.100 but the other 2 wirless ( 1 pc and 1 laptop) has different ip starting i guess with 165.

i dunno why ?!!

thanx
If a machine gets an IP of 169.254.x.x it means it's set up to obtain an IP address automatically, but it can't contact a DHCP server.  Microsoft then assigns them an address automatically from the OS itself, in the hopes of setting up an automatic network without a DHCP server.

So, in a nut shell it means they can't contact the DHCP server and it's having some kind of problem.
ASKER CERTIFIED SOLUTION
Avatar of SoyYop
SoyYop

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
I will check that and let u know

but the point is when i disable the WEP all the pcs are appearing in my network place , just only when i enable back the WEP it disappear


thanx
I guess my problem was the KEY thing , now 4 pcs are workin but i have a problem implementing the wireless on Windows xp laptop ( 2 of them )

i have another question plz

how can i limit access to some pc's in the network to only one person ,  i mean to hide some pcs from all users and show some and at the same time give the super admin the possibilty to see all the pcs and access them thru the network

i tried to choose sharing and i couldn't find a way to specify a user name or specific user to access that folder or that drive
it only says share this with all the user in network

HOW can i do that ?

thanx
What you want is not so easy... don't have a clue now.

But you can specify permissions to deny access to some users. This way you can hide directories inside the share and/or prohibit read access on them. Also, if the sharename includes "$" at the end (secret$), is not shown in the list of public shares.

Is that enough?

On a workgroup, you have to disable "Use Simple File Sharing" in Tools, Folder Options, View. This way you can spoecify users and permissions.

Good luck,