WineGeek


How do I build two separate networks in my office?

I've got an old Netopia router from my ISP (SBC, now AT&T) and I've got 5 static IPs from them. I want to set up two networks in my office: one for working on customers' computers and another network for my office LAN. I do not want packets to be able to travel between these networks; I want my office LAN to be totally unreachable from the other network.

What I need to know is simply where I need to place a router, firewall, or whatever to accomplish this isolation. I've got plenty of switches lying around so equipment is no problem. I'll buy whatever I need to buy regarding another router, firewall, or whatever I need to get in order to accomplish my goal. Make sense? Help please. Thanks.
Scotty_cisco

Funny thing, but you can actually run different IP networks over the same wire through the same switch and everything... not the most favorable way of doing things, but it will work.

Thanks
Scott
The easiest way to accomplish what you want is a simple firewall, actually... or just put both networks on different switches and never cross-connect the 2... I would look into a Linux-based firewall though, like IPCop or SmoothWall; both will do what you want.

Thanks
Scott
ASKER

The Netopia router has a firewall in it and it is active, and it also has a 4-port switch on it. I've currently got a Linksys switch hanging off the Netopia's switch as my LAN. So do I need to hang another router/firewall off the Netopia's switch to form the other network? Also, how do I prevent access to this second network from the first network? Thanks.
The only way to protect and still give both segments Internet access would be to be able to have a secondary IP address on the Netopia router, and I am not aware if they can do that or not. I have not had a lot of experience with Netopia devices. Can you provide a model number on the Netopia? I will look it up and see what it is capable of.

Thanks
Scott Bertsch
I'd actually rather you just tell me the theory behind how this is done (the applying a second IP address to a router)  and I can handle finding out which device  I will need to accomplish it. Thanks!  :)
ASKER CERTIFIED SOLUTION
Scotty_cisco

This solution is only available to members.
.... and in the access lists I simply say something like "do not allow any packets into this network from network 1." right?
Pretty much... and vice versa; that way, in order to get there they must go through the gateway... not the preferred way, but economical and somewhat safer than running both subnets down the same switch.

Thanks
Scott
Now you confused me. You said "in order to get there they have to go through the gateway." What has to go through the gateway and where is it going?
Traffic;  if you want traffic to pass from one network to the other it would have to go through the gateway.
oh, sorry, totally misunderstood you there. thanks.
Hmm... this should work: get a 2nd cheap router and have your 'test' network connected to it. Assuming the IP address of your router is 10.1.1.1, give the WAN port of the 2nd router 10.1.1.2 with a subnet of 255.255.255.252 so the 2nd router only 'sees' the 10.1.1.1 address (default gateway for the 2nd router). The 255.255.255.252 will lock it onto only having 2 IP numbers. You can get to the Internet, but your 'normal' network will in effect be unreachable due to the subnetting. If your router has an odd number then your WAN port would be the number below it, i.e. 10.1.1.5 for your router, your WAN port would be 10.1.1.6.
IP note: this subnet is in blocks of 4, with the low number being the network address and the higher number being the broadcast address, so you would have to have your addresses end with 1-2, 5-6, 9-10, 13-14, 17-18, 21-22, 25-26, 29-30 and so on.
You will need to put the DNS numbers on your 2nd router for resolution to the Internet. Hope this helps.
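
An added example, not part of the original thread: the 255.255.255.252 (/30) arithmetic from the last post, plus the forwarding decision a router makes for a destination outside its connected subnets. The 192.168.50.0/24 test LAN and the 10.1.1.50 office host are assumed addresses; `next_hop` shows that such a packet is handed to the default gateway, so whether it is delivered is decided by the gateway's filtering rules (the access lists discussed earlier in the thread).

```python
import ipaddress

def slash30_block(addr):
    """Return (network, [usable hosts], broadcast) for the /30 containing addr."""
    net = ipaddress.ip_interface(f"{addr}/30").network
    return net.network_address, list(net.hosts()), net.broadcast_address

def wan_peer(router_ip):
    """The other usable address in router_ip's /30 block, or None when
    router_ip is itself the network or broadcast address of that block."""
    ip = ipaddress.ip_address(router_ip)
    _, hosts, _ = slash30_block(router_ip)
    if ip not in hosts:
        return None
    return next(h for h in hosts if h != ip)

def usable_pairs(parent):
    """Last octets of the two usable addresses in every /30 inside parent."""
    return [tuple(int(h) & 0xFF for h in sub.hosts())
            for sub in ipaddress.ip_network(parent).subnets(new_prefix=30)]

def next_hop(dst, connected, default_gw):
    """Forwarding decision: deliver on-link if dst is inside a connected
    subnet, otherwise hand the packet to the default gateway."""
    dst = ipaddress.ip_address(dst)
    if any(dst in ipaddress.ip_network(n) for n in connected):
        return "on-link"
    return f"via {default_gw}"

# Constructed addressing. Only 10.1.1.1 and 10.1.1.2 come from the thread.
MAIN_ROUTER = "10.1.1.1"
SECOND_ROUTER_CONNECTED = ["10.1.1.0/30", "192.168.50.0/24"]  # WAN /30, assumed test LAN
OFFICE_HOST = "10.1.1.50"                                     # assumed office LAN host

if __name__ == "__main__":
    print("block of 10.1.1.5:", slash30_block("10.1.1.5"))
    print("WAN address to pair with 10.1.1.1:", wan_peer(MAIN_ROUTER))
    print("first usable pairs:", usable_pairs("10.1.1.0/24")[:8])
    for dst in (MAIN_ROUTER, "192.168.50.20", OFFICE_HOST):
        print(dst, "->", next_hop(dst, SECOND_ROUTER_CONNECTED, MAIN_ROUTER))
```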