PC Review


Reply
Thread Tools Rate Thread

Isolating my own addresses on a multi-server lan

 
 
Fran
Guest
Posts: n/a
 
      14th Jun 2004
I have a small network with a Windows 2000 server running Active
Directory sharing the same address subnet as another company. I need
to isolate us from that network but still have access to some of those
resources on that other network.

e.g. Subbet is now 192.168.002.001 through 192.168.002.250

We take up 11 of those addresses. I want to have our own subbet (e.g.
192.168.008.xxx)

What do I need in the way of equipment? What's involved in sharing
resources from one network to another? Do I need to route from one to
another? We also share a common internet connection and we have two
remote users that will need access (via RealVNC) to their desktop
machines.

Any advice is appreciated.

Fran
 
Reply With Quote
 
 
 
 
Phillip Windell
Guest
Posts: n/a
 
      14th Jun 2004
"Fran" <isdfedman@@hotmail.com> wrote in message
news:(E-Mail Removed)...
> e.g. Subbet is now 192.168.002.001 through 192.168.002.250


Don't put leading 0's in an IP#.

> What do I need in the way of equipment?


Router(s)

> What's involved in sharing resources from one network to another?


Same as now. It is not related to subnets. Sharing is part of Windows
Networking. Subnetting is part of the "network infastructure",....the two
are not related.

> Do I need to route from one to another?


Do you want to? Do you need to? Only you will know that.

>We also share a common internet connection and we have two
> remote users that will need access (via RealVNC) to their desktop
> machines.


Who owns the Internet Connection? The truth is, you can't go off and do
this on your own in this situation. You need to work together with the other
company you are involved with because this effects the design of both sides
of this. Also, even subnetting this network won't change how anything works
and will not protect either of you from the other unless you plan to write
ACLs to put on the Router,...and if you knew how to do this with a router,
then you would already know enough about all this that you wouldn't have had
to ask.

So,..it comes down to this,...you need to get together with this other
company you are involved with and work it out with them. This involves both
of you equally.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com




 
Reply With Quote
 
 
 
 
Fran
Guest
Posts: n/a
 
      15th Jun 2004


>> Do I need to route from one to another?

>
>Do you want to? Do you need to? Only you will know that.


Since there are shared resources on their network that we need access
to, yes.

>
>>We also share a common internet connection and we have two
>> remote users that will need access (via RealVNC) to their desktop
>> machines.

>
>Who owns the Internet Connection?


They own the internet connection.

It was always my intent to get them involved in this. I just want to
be sure I know what things we will need to cover and initiate. My goal
is to take our Active Directory network off of theirs, add DHCP to our
server (instead of using theirs) and properly configure our DNS.
 
Reply With Quote
 
Phillip Windell
Guest
Posts: n/a
 
      15th Jun 2004
<Fran> wrote in message news:(E-Mail Removed)...
> It was always my intent to get them involved in this. I just want to
> be sure I know what things we will need to cover and initiate. My goal
> is to take our Active Directory network off of theirs, add DHCP to our
> server (instead of using theirs) and properly configure our DNS.


You can do all that and never touch the addressing scheme, except for DHCP.
The two Domains will need a trust relationship between them if you want to
access resources at the File System level (NTFS Permissions). Other services
(Web, SQL, etc) can be done with or without a Trust.

If you want to run DHCP then you do need a separate subnet and be sure to
*not* config the router to forward the DHCP request packets.

The main purpose of subnetting is to make the network more effiecient by
reducing broadcasts when it gets up to a few hundred machines on the system.
Subnets can also help with security by using ACLs on the Routers between
them, but that only happens at the Layer3 & 4 levels and should never be
look upon as the primary means of security. Most of your security comes
from either Active Directory (permissions given to or not given to) or the
security elements built into the individual "services" made available (SQL
Server, IIS [Web], ect).

I'm afraid that security is more of a science and an art and not simply a
matter of splitting something into subnets and tossing a firewall between
the segments.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Isolating computers on a LAN from each other - A special kind of switch R.Wieser Windows XP Networking 4 15th Jul 2009 09:39 PM
Isolating Email addresses H00tenanny Microsoft Excel Worksheet Functions 4 24th Oct 2005 04:46 AM
Isolating bad cylinders??? =?Utf-8?B?aV96dWx5?= Windows XP Hardware 3 12th Apr 2005 05:58 PM
Isolating embedded pictures in emails Jack Schitt Microsoft Outlook Discussion 5 15th Aug 2004 09:51 PM
Isolating/separating DV sound Brooko Windows XP MovieMaker 1 8th Nov 2003 06:23 PM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 06:02 AM.