How do I keep networks separate.

Posted on 2006-04-04
Last Modified: 2010-03-19
Hi all, I have a question concerning a network job. My customer is in a small office building with a cable internet connection. There are 4 different  companys in this building. They are all gonna share the cable internet connection via 4-port router and a 8 port switch. For a total of 7 pc's. Currently, only 4 of the PC's are gonna be networked. My question is: How is the best way to keep the other computers from accessing the 4 computers that are networked?

Desktop1-no network/Internet connection
Desktop4-no network/Internet connection

Networked w/file sharing:

Question by:mpcm
    LVL 42

    Expert Comment

    you will want to create a separate subnet for your client

    your client will need his own router (in addition to the shared router).  you will also want a hub.
    connect the hub to the cable modem.  your client's router will connect to the hub.  the other router will also connect to the hub.  both routers need to be running DHCP (most routers run this by default).  you will need to make sure the two routers are on different subnets (some routers run at 192.168.0.x by default, others on 192.168.1.x by default.. some on 10.1.0.x, etc) ... so if the two routers are running the same subnet by default, change one of them to something else.

    you can then set up the file sharing for your client on his own subnet.
    LVL 18

    Expert Comment

    by:Sam Panwar

    1.You need a router.  That is the only device that can seperate both networks.

    2.You can also use the firewall for it Like Zone alarm

    3. You can use the diffrenet classes subnet mask means subnetting and make two network like

    ip range for Network 1 = - 6
    subnet mask
    Network 2 -14
    Network:        11000000.10101000.00000000.00000 000 (Class C)
    Broadcast:           11000000.10101000.00000000.00000 111
    HostMin:           11000000.10101000.00000000.00000 001
    HostMax:           11000000.10101000.00000000.00000 110

    But you have to a server class pc betwwen these network and use the routing and remote access in the window server 2003 on the Router instument so didn't need router
    (a)Remote and routing access in from window server for both network;en-us;323415

    Through the Bridging


    How to :
    LVL 9

    Expert Comment

    hi, there

    I would do this through a router and using the VLAN technology.

    So like this:

    Internet 64.255.x.x

    You router outsite interface 192.10.X.X

    Your Router inside interface 10.0.X.X

    This is need configured on the router as well as the Switch
    VLAN 1 management VLAN 10.0.1.X
    VLAN 2 Company XX 10.0.2.X
    VLAN 3 Company XY 10.0.3.X
    VLAN 4 Company XZ 10.0.4.X
    VLAN 5 Company XQ 10.0.5.X
    VLAN 6 Internet Sharing 10.0.6.X

    Assign VLAN per port basis on the switch for each company + Internet Sharing VLAN.
    This will make it very simplified to add users to each company afterwords. If the switch you are having does not have layer 3 or is not managed there are cheap ones from Dell a 6024.

    LVL 18

    Expert Comment

    get four or more static IP addresses from provider, plug switch/hub into cable internet and each suite gets a ethernet cable with static IP address to be connected to (AT MINIMUM) cheap linksys router and then on to PC's

    the risk that suite one can see suite two's PC's and read thier files is about as likely as anyone on the internet hacking in.  NAT running on linksys router will prevent most inbound attacks.

    If I moved into a suite I would not want to connect to a ethernet cable with IP address 10.10.x.x and then plug that into a router, because now you are double-natting and much traffic will be blocked or messed with.  Simple web traffic will survive, but not anything more complicated.

    Author Comment

    Thanks Everyone for the input. I'm still working on the solution with no money to spare. carl legere can you be a little more exlicit? Are you saying I need a router for each suite?

    Author Comment

    Per carl legere. I was bored in server 2003 class. Is this what you are saying?

    Cable modem------rj45-----------8-Port switch
                                                     l   l  l  l
                                                     l   l  l  l
                                                     l   l  l  l------static IP 1----------------4-Port Router 1-----------Suite 1 w/1 PC
                                                     l   l  l--------static IP 2----------------4-Port Router 2-----------Suite 2 w/1 PC
                                                     l   l-----------static IP 3---------------4-Port Router 3-----------Suite 3 w/1 PC
                                                     l-------------static IP 4----------------4-Port Router 4-----------Suite 4 w/3 PC's (that will be networked)
                                                                                                            l  l  l
                                                                                                            l  l  l------- PC 3
                                                                                                            l  l----------PC 2
                                                                                                            l------------PC 1

    Author Comment

    Zephyr, will a DLink 8 port swith work in place of a hub?
    Thanks for your help.
    LVL 18

    Accepted Solution

    it is the cheapest easiest form of isolation, plus each office / suite can now have a bunch of PC's

    Last lowerend managed switch with vlan separation I bought, it was $83 per port, which is more money than each linksys befsr41

    i do like the picture.
    LVL 18

    Expert Comment

    by:Sam Panwar
    Hi jay_jay -

    can user didn't separate network through the subnetting
    LVL 48

    Expert Comment

    Hey mate, sorry, i dont understand what you mean?
    LVL 18

    Expert Comment

    by:Sam Panwar

    Have you read my comment on this so what is wrong with my suggestions
    LVL 18

    Expert Comment

    by:Sam Panwar
    IT is ok ....

    Don't mind if you think that carl_legere answer is better then accept it I didn't mind .....I just ask abt my suggestion And i think its chepeast way to separte any network.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Join & Write a Comment

    This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now