Re: Seperate 2 network segments (on a sheo string)

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Separating the segments and then reconnecting them by bridging or routing is
kind of self defeating. You can achieve pretty much the same result with
the existing configuration. Use static IP addresses; enable the XP2
firewall; and configure the scope of any exceptions as desired.

Doug Sherman
MCSE, MCSA, MCP+I, MVP

"PMC1" <paulc05@xxxxxxxxx> wrote in message
news:1154087413.467850.278060@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi Richard,

Thanks for the reply. I agree a router would be the best solution but
any thoughts on the options mentioned as these would not cost anything
at all?

Paul

Paul
Richard G. Harper wrote:
The easiest and cheapest way to do what you want is to add a second
router
to your network and then put all the PCs to be segregated on it. This
will
allow these PCs to access the Internet but not to access the other
network
segment.

--
Richard G. Harper [MVP Shell/User] rgharper@xxxxxxxxx
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


"PMC1" <paulc05@xxxxxxxxx> wrote in message
news:1154075115.563126.157260@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,

I have 2 network segments connected hub to hub and both in the same
subnet (192.168.1.0 255.255.255.0). All PC's are Win2k/XP. A PC
(192.168.1.1) in segment 1 provides internet access to all other
systems via ICS. There are 5 other machines in segment 1 (S1) and 5 in
segment 2 (S2)

I want to separate / protect S1 from S2 while still allowing internet
access to S2.

I have 2 ideas:

1. Add a second network adapter to a pc (call the pc PC5) in S1.
Remove
the connection between the 2 segments (i.e. between the 2 hubs) and
instead connect the hub in S2 to the second adapter in PC5. Bridge the
network adapters in PC5 then using TCP/IP filtering only allow TCP/UDP
80 inbound on the bridge.

2. I understand there is a registry hack that will allow a WinXP
workstation act as a router. This way I could create 2 seperate
subnets
and again restrict inbound connections to Subnet 1 to only allow
inbound connections to port 80.

I like the idea of option 1 but if somebody could tell any reason why
this would not work or if there is something else I might need to do
in
this scenario I would appreciate it.

If option 1 is not a runner could somebody give me details or point me
to a site that could explain how option 2 could be done.


Thanks in advance


Paul




.

Relevant Pages

  • Re: Speech Signal Separation for Voice/Unvoice parts
    ... > 1)The major significance of Eis that it provides a good measurefor separating voiced speech segments from unvoiced speech segments. ... I do know how to record a signal and how to check it for Average Energy and Average Zero cross. ...
    (comp.soft-sys.matlab)
  • Re: Speech Signal Separation for Voice/Unvoice parts
    ... > 1)The major significance of Eis that it provides a good measurefor separating voiced speech segments from unvoiced speech segments. ... I do know how to record a signal and how to check it for Average Energy and Average Zero cross. ...
    (comp.soft-sys.matlab)
  • Seperate 2 network segments (on a sheo string)
    ... I have 2 network segments connected hub to hub and both in the same ... and again restrict inbound connections to Subnet 1 to only allow ...
    (microsoft.public.win2000.networking)
  • Re: Use of Taps for IDS
    ... Stover wrote: ... I always thought that was just a 10/100 HUB. ... My understanding was ... that in most 10/100 HUBS the 10 and the 100 segments were bridged. ...
    (Focus-IDS)