Page 1 of 1

Isolating Computers on a network

Posted: Wed May 30, 2007 4:32 am
by shiznatix
Ok I have 5 personal computers at work and 2 server computers. What I am trying to do is isolate the 2 server computers from the rest of the network while still giving them internet access. I do this because we are allowing the 2 server computers to be used by some other people and we don't want them to be able to access our personal files on our work computers.

So, here is my setup right now:

Code: Select all

internet -> modem/router (hub?) -> router -> 2 servers
                           |
                           |
                 5 work computers
All 5 work computers are in the IP range 192.168.1.X with subnet mask 255.255.255.0
Both servers are in the IP range 192.168.2.X with subnet mask 255.255.255.128

I thought that would do the trick but negative 9000 style. Since they are on a different subnet mask the windows server does not show the other computers in 'my network neighborhood' but you can still ping them and mount them as a shared drive and whatnot if you know their IP. How can I stop that from happening while keeping all computers connected to the same network? Maybe add another router between the modem/router and the 5 computers? I am looking for more of a hardware solution rather than software.

Posted: Wed May 30, 2007 5:00 am
by Jenk
Gateway between the 5 machines and the hub would make it easier, but you'll need some form of routing rule to prevent them doing so.

Tbh, just create a policy on the servers to disallow mounting.

Posted: Wed May 30, 2007 9:13 am
by shiznatix
well what I ended up doing was putting the 5 computers behind the extra router then putting the 2 servers to the router/hub thing. With a different IP range and subnet mask everything works as hoped.

I really wish I had paid more attention in cisco classes.