Isolating Computers on a network

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Isolating Computers on a network

Post by shiznatix »

Ok I have 5 personal computers at work and 2 server computers. What I am trying to do is isolate the 2 server computers from the rest of the network while still giving them internet access. I do this because we are allowing the 2 server computers to be used by some other people and we don't want them to be able to access our personal files on our work computers.

So, here is my setup right now:

Code: Select all

internet -> modem/router (hub?) -> router -> 2 servers
                           |
                           |
                 5 work computers
All 5 work computers are in the IP range 192.168.1.X with subnet mask 255.255.255.0
Both servers are in the IP range 192.168.2.X with subnet mask 255.255.255.128

I thought that would do the trick but negative 9000 style. Since they are on a different subnet mask the windows server does not show the other computers in 'my network neighborhood' but you can still ping them and mount them as a shared drive and whatnot if you know their IP. How can I stop that from happening while keeping all computers connected to the same network? Maybe add another router between the modem/router and the 5 computers? I am looking for more of a hardware solution rather than software.
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

Gateway between the 5 machines and the hub would make it easier, but you'll need some form of routing rule to prevent them doing so.

Tbh, just create a policy on the servers to disallow mounting.
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

well what I ended up doing was putting the 5 computers behind the extra router then putting the 2 servers to the router/hub thing. With a different IP range and subnet mask everything works as hoped.

I really wish I had paid more attention in cisco classes.
Post Reply