How do I keep networks separate.

Hi all, I have a question concerning a network job. My customer is in a small office building with a cable internet connection. There are 4 different  companys in this building. They are all gonna share the cable internet connection via 4-port router and a 8 port switch. For a total of 7 pc's. Currently, only 4 of the PC's are gonna be networked. My question is: How is the best way to keep the other computers from accessing the 4 computers that are networked?

Desktop1-no network/Internet connection
Desktop4-no network/Internet connection
etc.

Networked w/file sharing:
Desktop2
Desktop3
Laptop1
Laptop2

Thanks
mpcmAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

zephyr_hex (Megan)DeveloperCommented:
you will want to create a separate subnet for your client

your client will need his own router (in addition to the shared router).  you will also want a hub.
connect the hub to the cable modem.  your client's router will connect to the hub.  the other router will also connect to the hub.  both routers need to be running DHCP (most routers run this by default).  you will need to make sure the two routers are on different subnets (some routers run at 192.168.0.x by default, others on 192.168.1.x by default.. some on 10.1.0.x, etc) ... so if the two routers are running the same subnet by default, change one of them to something else.

you can then set up the file sharing for your client on his own subnet.
Sam PanwarSr. Server AdministratorCommented:
Hi,

1.You need a router.  That is the only device that can seperate both networks.

2.You can also use the firewall for it Like Zone alarm

3. You can use the diffrenet classes subnet mask means subnetting and make two network like

ip range for Network 1 = 192.168.0.1 - 6
subnet mask 255.255.255.248
Network 2  192.168.0.8 -14
subnet 255.255.255.248
OR
Network:   192.168.0.0/29        11000000.10101000.00000000.00000 000 (Class C)
Broadcast: 192.168.0.7           11000000.10101000.00000000.00000 111
HostMin:   192.168.0.1           11000000.10101000.00000000.00000 001
HostMax:   192.168.0.6           11000000.10101000.00000000.00000 110

But you have to a server class pc betwwen these network and use the routing and remote access in the window server 2003 on the Router instument so didn't need router
(a)Remote and routing access in from window server for both network

 http://support.microsoft.com/default.aspx?scid=kb;en-us;323415


Through the Bridging
http://www.freebsd.org/doc/handbook/network-bridging.html

Subnetting
http://www.windowsnetworking.com/articles_tutorials/Subnetting-Increase-Performance.html
http://www.cit.cornell.edu/computer/support/subsubnetting.html

How to :
http://www.practicallynetworked.com/sharing/separate_nets.htm
cooleditCommented:
hi, there

I would do this through a router and using the VLAN technology.

So like this:

Internet 64.255.x.x

You router outsite interface 192.10.X.X

Your Router inside interface 10.0.X.X

This is need configured on the router as well as the Switch
VLAN 1 management VLAN 10.0.1.X
VLAN 2 Company XX 10.0.2.X
VLAN 3 Company XY 10.0.3.X
VLAN 4 Company XZ 10.0.4.X
VLAN 5 Company XQ 10.0.5.X
VLAN 6 Internet Sharing 10.0.6.X

Assign VLAN per port basis on the switch for each company + Internet Sharing VLAN.
This will make it very simplified to add users to each company afterwords. If the switch you are having does not have layer 3 or is not managed there are cheap ones from Dell a 6024.

Cooledit
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

carl_legereCommented:
get four or more static IP addresses from provider, plug switch/hub into cable internet and each suite gets a ethernet cable with static IP address to be connected to (AT MINIMUM) cheap linksys router and then on to PC's

the risk that suite one can see suite two's PC's and read thier files is about as likely as anyone on the internet hacking in.  NAT running on linksys router will prevent most inbound attacks.

If I moved into a suite I would not want to connect to a ethernet cable with IP address 10.10.x.x and then plug that into a router, because now you are double-natting and much traffic will be blocked or messed with.  Simple web traffic will survive, but not anything more complicated.
mpcmAuthor Commented:
Thanks Everyone for the input. I'm still working on the solution with no money to spare. carl legere can you be a little more exlicit? Are you saying I need a router for each suite?
mpcmAuthor Commented:
Per carl legere. I was bored in server 2003 class. Is this what you are saying?




Cable modem------rj45-----------8-Port switch
                                                 l   l  l  l
                                                 l   l  l  l
                                                 l   l  l  l------static IP 1----------------4-Port Router 1-----------Suite 1 w/1 PC
                                                 l   l  l--------static IP 2----------------4-Port Router 2-----------Suite 2 w/1 PC
                                                 l   l-----------static IP 3---------------4-Port Router 3-----------Suite 3 w/1 PC
                                                 l-------------static IP 4----------------4-Port Router 4-----------Suite 4 w/3 PC's (that will be networked)
                                                                                                        l  l  l
                                                                                                        l  l  l------- PC 3
                                                                                                        l  l----------PC 2
                                                                                                        l------------PC 1
mpcmAuthor Commented:
Zephyr, will a DLink 8 port swith work in place of a hub?
Thanks for your help.
carl_legereCommented:
it is the cheapest easiest form of isolation, plus each office / suite can now have a bunch of PC's

Last lowerend managed switch with vlan separation I bought, it was $83 per port, which is more money than each linksys befsr41

i do like the picture.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sam PanwarSr. Server AdministratorCommented:
Hi jay_jay -

can user didn't separate network through the subnetting
Jay_Jay70Commented:
Hey mate, sorry, i dont understand what you mean?
Sam PanwarSr. Server AdministratorCommented:
Hi,

Have you read my comment on this so what is wrong with my suggestions
Sam PanwarSr. Server AdministratorCommented:
IT is ok ....

Don't mind if you think that carl_legere answer is better then accept it I didn't mind .....I just ask abt my suggestion And i think its chepeast way to separte any network.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.