Seperate 2 network segments (on a sheo string)

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: "PMC1" <paulc05@xxxxxxxxx>
• Date: 28 Jul 2006 01:25:15 -0700

---

Hi,

I have 2 network segments connected hub to hub and both in the same
subnet (192.168.1.0 255.255.255.0). All PC's are Win2k/XP. A PC
(192.168.1.1) in segment 1 provides internet access to all other
systems via ICS. There are 5 other machines in segment 1 (S1) and 5 in
segment 2 (S2)

I want to separate / protect S1 from S2 while still allowing internet
access to S2.

I have 2 ideas:

1. Add a second network adapter to a pc (call the pc PC5) in S1. Remove
the connection between the 2 segments (i.e. between the 2 hubs) and
instead connect the hub in S2 to the second adapter in PC5. Bridge the
network adapters in PC5 then using TCP/IP filtering only allow TCP/UDP
80 inbound on the bridge.

2. I understand there is a registry hack that will allow a WinXP
workstation act as a router. This way I could create 2 seperate subnets
and again restrict inbound connections to Subnet 1 to only allow
inbound connections to port 80.

I like the idea of option 1 but if somebody could tell any reason why
this would not work or if there is something else I might need to do in
this scenario I would appreciate it.

If option 1 is not a runner could somebody give me details or point me
to a site that could explain how option 2 could be done.


Thanks in advance


Paul

.

---

• Follow-Ups:
  • Re: Seperate 2 network segments (on a sheo string)
    • From: Kurt
  • Re: Seperate 2 network segments (on a sheo string)
    • From: Richard G. Harper

• Prev by Date: Re: Wierdness port monitoring after update KB914388
• Next by Date: Re: join problem win2k
• Previous by thread: Wierdness port montiroign after update KB914388
• Next by thread: Re: Seperate 2 network segments (on a sheo string)
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Numerous Replication Connections per DC/GC? ... I am currenlty documenting the subnets in relationship to the sites ... "Hub" sites which have multiple DC/GCs. ... Should those connections ONLY be to that HUB site and ... One other note on the "Disable ISTG" comment. ... (microsoft.public.win2000.active_directory) Re: Active Directory Site Design and Replication ... I would just make links for each spoke to hub site connection, ... it's MPLS so it's not your traditional point to point links wan. ... Hence, Home Office ... This network is setup with Connections ... (microsoft.public.windows.server.active_directory) Re: Win 2000 internet connection ... Unless your ISP allows you to use multiple connections you'll probably need ... to replace the hub with a router. ... I also have a WINXp ... But the laptop doesnt connect to the internet. ... (microsoft.public.win2000.networking) Re: AD Sites and Site links - Newbie ... intermediate sub-hub are down ... core hub not only has other hubs connected to it, ... office connections as well. ... None of the hub locations have any secondary ... (microsoft.public.windows.server.active_directory) Re: Seperate 2 network segments (on a sheo string) ... Separating the segments and then reconnecting them by bridging or routing is ... I have 2 network segments connected hub to hub and both in the same ... inbound connections to port 80. ... (microsoft.public.win2000.networking)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Win2000  > microsoft.public.win2000.networking  > 2006-08