Solved

Sharing internet connection while preventing inter-network access

Posted on 2008-10-07
8
323 Views
Last Modified: 2013-12-23
I want to create a network to allow multiple PC clients to share an internet connection without being able to access each other.

Currently we have an adsl modem connected to a standard basic swtich. Multiple computers are plugged into the swtich each being able to access the net. The problem lies that as they are all on the same network range they can see each other.

What do i need to do to provide access to the internet but without access to any other devices on the network?
0
Comment
Question by:matt_cowdell
8 Comments
 
LVL 3

Expert Comment

by:rlsm_tech
ID: 22663408
Based on the description of you network I am going to assume that the DSL modem is acting as your router and probably DHCP server.  Each computer is getting its network IP information from the modem and is being dynamically updated.

I will assume that you do not have any printers on the workstations that you need to share. The simplest solution would be to disable print and file sharing on the individual desktop computers.  The individual machines would show up in the network neighborhood but would not be accessible.

To disable file and print sharing in Vista:

Click the Windows (Start) button in the lower left corner of the desktop.
Click on the Control Panel.
Click on Network and Sharing Center
Under the sharing and discovery section click the arrow button at the end of each section to expand the section.
Click the radio button next to the option you want to disable "Turn off file sharing"
Complete this task for each section; File sharing, Public Folder Sharing, Printer Sharing, and Media sharing.
Close the Control Panel window.


To disable file and print sharing in Windows XP:

Click the Start button in the lower left corner of the desktop.
Click Settings, then click Control Panel.
In the Control Panel, click Network Connections.
In the Network Connections window, right-click on the appropriate connection, then select Properties.
Uncheck the File and Printer Sharing for Microsoft Networks check box.
Click OK, then close the Control Panel window.

To disable file and print sharing in Windows 2000:

Click the Start button in the lower left corner of the desktop.
Click Settings, then click Control Panel.
In the Control Panel, click Network and Dial-up Connections.
In the Network and Dial-up Connections window, righ-click on the appropriate connection, then select Properties.
In the Connection Properties window, click the Networking tab.
Uncheck the File and Printer Sharing for Microsoft Networks check box.
Click OK, then close the Control Panel window.

0
 
LVL 3

Expert Comment

by:tismetoo
ID: 22663515
You can do this with Windows Firewall on XP or Vista, but I don't know of a way to implement this with the sort of networking hardware you have access to. Basic switches are designed to allow devices to talk to each other, not to restrict access. No point considering the ADSL modem as the packets between the devices will not get to it.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22666048
Without additional hardware and setting up VLANs, you're left with disabling sharing as rlsm_tech suggests.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:matt_cowdell
ID: 22666565
I'm looking for  solution that is independent of the client computers - what hardware would do the job?
0
 
LVL 13

Accepted Solution

by:
kdearing earned 250 total points
ID: 22668540
The best way to do it would be to put the client groups in separate VLANs.
You will need a switch and a router/firewall that have VLAN capabilities.

What type of switch are you using now?
Do you have a preferred mfr?
What is your budget for this?
0
 
LVL 3

Assisted Solution

by:rlsm_tech
rlsm_tech earned 250 total points
ID: 22671172
VLAN's are your simplest hardware solution.  Depending on the number of clients you have, and the level of VLAN managment, the price can get fairly expensive.  You need to look at a layer 2 managed switch.  These types of switches are capable of isolating computers by MAC or by port.  The lower end devices such as this D - LINK (http://www.newegg.com/Product/Product.aspx?Item=N82E16833122203) are cheap and isolate by port.  If you want to isolate by MAC the price will go up.  

Hope this helps.


0
 
LVL 3

Expert Comment

by:rlsm_tech
ID: 22672711
Just checked back on this thread and realized that the model of switch I posted was in fact a Netgear and not D-Link.  Just wanted to make sure that I did not confuse you.


0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question