?
Solved

Sharing internet connection while preventing inter-network access

Posted on 2008-10-07
8
Medium Priority
?
348 Views
Last Modified: 2013-12-23
I want to create a network to allow multiple PC clients to share an internet connection without being able to access each other.

Currently we have an adsl modem connected to a standard basic swtich. Multiple computers are plugged into the swtich each being able to access the net. The problem lies that as they are all on the same network range they can see each other.

What do i need to do to provide access to the internet but without access to any other devices on the network?
0
Comment
Question by:matt_cowdell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 3

Expert Comment

by:rlsm_tech
ID: 22663408
Based on the description of you network I am going to assume that the DSL modem is acting as your router and probably DHCP server.  Each computer is getting its network IP information from the modem and is being dynamically updated.

I will assume that you do not have any printers on the workstations that you need to share. The simplest solution would be to disable print and file sharing on the individual desktop computers.  The individual machines would show up in the network neighborhood but would not be accessible.

To disable file and print sharing in Vista:

Click the Windows (Start) button in the lower left corner of the desktop.
Click on the Control Panel.
Click on Network and Sharing Center
Under the sharing and discovery section click the arrow button at the end of each section to expand the section.
Click the radio button next to the option you want to disable "Turn off file sharing"
Complete this task for each section; File sharing, Public Folder Sharing, Printer Sharing, and Media sharing.
Close the Control Panel window.


To disable file and print sharing in Windows XP:

Click the Start button in the lower left corner of the desktop.
Click Settings, then click Control Panel.
In the Control Panel, click Network Connections.
In the Network Connections window, right-click on the appropriate connection, then select Properties.
Uncheck the File and Printer Sharing for Microsoft Networks check box.
Click OK, then close the Control Panel window.

To disable file and print sharing in Windows 2000:

Click the Start button in the lower left corner of the desktop.
Click Settings, then click Control Panel.
In the Control Panel, click Network and Dial-up Connections.
In the Network and Dial-up Connections window, righ-click on the appropriate connection, then select Properties.
In the Connection Properties window, click the Networking tab.
Uncheck the File and Printer Sharing for Microsoft Networks check box.
Click OK, then close the Control Panel window.

0
 
LVL 3

Expert Comment

by:tismetoo
ID: 22663515
You can do this with Windows Firewall on XP or Vista, but I don't know of a way to implement this with the sort of networking hardware you have access to. Basic switches are designed to allow devices to talk to each other, not to restrict access. No point considering the ADSL modem as the packets between the devices will not get to it.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22666048
Without additional hardware and setting up VLANs, you're left with disabling sharing as rlsm_tech suggests.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:matt_cowdell
ID: 22666565
I'm looking for  solution that is independent of the client computers - what hardware would do the job?
0
 
LVL 13

Accepted Solution

by:
kdearing earned 1000 total points
ID: 22668540
The best way to do it would be to put the client groups in separate VLANs.
You will need a switch and a router/firewall that have VLAN capabilities.

What type of switch are you using now?
Do you have a preferred mfr?
What is your budget for this?
0
 
LVL 3

Assisted Solution

by:rlsm_tech
rlsm_tech earned 1000 total points
ID: 22671172
VLAN's are your simplest hardware solution.  Depending on the number of clients you have, and the level of VLAN managment, the price can get fairly expensive.  You need to look at a layer 2 managed switch.  These types of switches are capable of isolating computers by MAC or by port.  The lower end devices such as this D - LINK (http://www.newegg.com/Product/Product.aspx?Item=N82E16833122203) are cheap and isolate by port.  If you want to isolate by MAC the price will go up.  

Hope this helps.


0
 
LVL 3

Expert Comment

by:rlsm_tech
ID: 22672711
Just checked back on this thread and realized that the model of switch I posted was in fact a Netgear and not D-Link.  Just wanted to make sure that I did not confuse you.


0

Featured Post

WordPress Tutorial 2: Terminology

An important part of learning any new piece of software is understanding the terminology it uses. Thankfully WordPress uses fairly simple names for everything that make it easy to start using the software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question