Solved

Sharing internet connection while preventing inter-network access

Posted on 2008-10-07
8
290 Views
Last Modified: 2013-12-23
I want to create a network to allow multiple PC clients to share an internet connection without being able to access each other.

Currently we have an adsl modem connected to a standard basic swtich. Multiple computers are plugged into the swtich each being able to access the net. The problem lies that as they are all on the same network range they can see each other.

What do i need to do to provide access to the internet but without access to any other devices on the network?
0
Comment
Question by:matt_cowdell
8 Comments
 
LVL 3

Expert Comment

by:rlsm_tech
ID: 22663408
Based on the description of you network I am going to assume that the DSL modem is acting as your router and probably DHCP server.  Each computer is getting its network IP information from the modem and is being dynamically updated.

I will assume that you do not have any printers on the workstations that you need to share. The simplest solution would be to disable print and file sharing on the individual desktop computers.  The individual machines would show up in the network neighborhood but would not be accessible.

To disable file and print sharing in Vista:

Click the Windows (Start) button in the lower left corner of the desktop.
Click on the Control Panel.
Click on Network and Sharing Center
Under the sharing and discovery section click the arrow button at the end of each section to expand the section.
Click the radio button next to the option you want to disable "Turn off file sharing"
Complete this task for each section; File sharing, Public Folder Sharing, Printer Sharing, and Media sharing.
Close the Control Panel window.


To disable file and print sharing in Windows XP:

Click the Start button in the lower left corner of the desktop.
Click Settings, then click Control Panel.
In the Control Panel, click Network Connections.
In the Network Connections window, right-click on the appropriate connection, then select Properties.
Uncheck the File and Printer Sharing for Microsoft Networks check box.
Click OK, then close the Control Panel window.

To disable file and print sharing in Windows 2000:

Click the Start button in the lower left corner of the desktop.
Click Settings, then click Control Panel.
In the Control Panel, click Network and Dial-up Connections.
In the Network and Dial-up Connections window, righ-click on the appropriate connection, then select Properties.
In the Connection Properties window, click the Networking tab.
Uncheck the File and Printer Sharing for Microsoft Networks check box.
Click OK, then close the Control Panel window.

0
 
LVL 3

Expert Comment

by:tismetoo
ID: 22663515
You can do this with Windows Firewall on XP or Vista, but I don't know of a way to implement this with the sort of networking hardware you have access to. Basic switches are designed to allow devices to talk to each other, not to restrict access. No point considering the ADSL modem as the packets between the devices will not get to it.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22666048
Without additional hardware and setting up VLANs, you're left with disabling sharing as rlsm_tech suggests.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:matt_cowdell
ID: 22666565
I'm looking for  solution that is independent of the client computers - what hardware would do the job?
0
 
LVL 13

Accepted Solution

by:
kdearing earned 250 total points
ID: 22668540
The best way to do it would be to put the client groups in separate VLANs.
You will need a switch and a router/firewall that have VLAN capabilities.

What type of switch are you using now?
Do you have a preferred mfr?
What is your budget for this?
0
 
LVL 3

Assisted Solution

by:rlsm_tech
rlsm_tech earned 250 total points
ID: 22671172
VLAN's are your simplest hardware solution.  Depending on the number of clients you have, and the level of VLAN managment, the price can get fairly expensive.  You need to look at a layer 2 managed switch.  These types of switches are capable of isolating computers by MAC or by port.  The lower end devices such as this D - LINK (http://www.newegg.com/Product/Product.aspx?Item=N82E16833122203) are cheap and isolate by port.  If you want to isolate by MAC the price will go up.  

Hope this helps.


0
 
LVL 3

Expert Comment

by:rlsm_tech
ID: 22672711
Just checked back on this thread and realized that the model of switch I posted was in fact a Netgear and not D-Link.  Just wanted to make sure that I did not confuse you.


0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now