Wireless network - access internet but not other computers?

  • Thread starter Thread starter Mitch
  • Start date Start date
M

Mitch

Hi all,

Have a LinkSys WIFI router with integradted DSL modem and 4 port ethernet.
Currently have two computers hardwired, and want to add one or two more via
WIFI.

Question - is there any way that I can give one of the wireless computers
internet access but no access at all to the other machines on the network?
In this case, it would be to allow a student who lives in a rented studio in
our house to have internet access via my connection without having to pay
for his own DSL line, but I would not want him accessing my files. For the
others, I need file exchange.

I can think of one way with my limited network knowledge - limit the areas
of shared resources and make all password protected - which is a bit of a
pain. Any way to set up firewalls so that I could, say, exclude the
student's computer from all other network access while leaving the other
computers relatively free to communicate and share?

TIA, --Mitch
 
Mitch said:
Hi all,

Have a LinkSys WIFI router with integradted DSL modem and 4 port ethernet.
Currently have two computers hardwired, and want to add one or two more via
WIFI.

Question - is there any way that I can give one of the wireless computers
internet access but no access at all to the other machines on the network?
In this case, it would be to allow a student who lives in a rented studio in
our house to have internet access via my connection without having to pay
for his own DSL line, but I would not want him accessing my files. For the
others, I need file exchange.

I can think of one way with my limited network knowledge - limit the areas
of shared resources and make all password protected - which is a bit of a
pain. Any way to set up firewalls so that I could, say, exclude the
student's computer from all other network access while leaving the other
computers relatively free to communicate and share?

TIA, --Mitch
Click to expand...
You could use MAC filtering and/or static IPAs to "prevent" the student from
accidentally stumbling into your shared resources, but it would still be
easy
for the student to override your settings on said student's PC by MAC and
IPA cloning.

For real protection, you need a second wireless router, with different
WPA keys
and a different IP subnet, such as:

DSL<==>Router1<==>Router2<AllOfYourPCsAttachHere>
\
+--<StudentPCsAttachHere>

All in all, you may find it easier to keep the single router you have and
migrate all of your PCs to XP PRO (if they aren't), disable simple
protection,
and use XP PRO's credential checking to bar the student.
 
Bob said:
You could use MAC filtering and/or static IPAs to "prevent" the
student from
accidentally stumbling into your shared resources, but it would still
be easy
for the student to override your settings on said student's PC by MAC and
IPA cloning.

For real protection, you need a second wireless router, with different
WPA keys
and a different IP subnet, such as:

DSL<==>Router1<==>Router2<AllOfYourPCsAttachHere>
\ +--<StudentPCsAttachHere>

All in all, you may find it easier to keep the single router you have and
migrate all of your PCs to XP PRO (if they aren't), disable simple
protection,
and use XP PRO's credential checking to bar the student.
Click to expand...
Oops - my mailer reformatted my message behind my back. As I drew the
picture (in ASCII art form), it showed the StudentPCs attached to
Router1, with all of YourPCs attached to Router2.

Sorry about that.
 
Hi

You can block out computers with software Firewall barring their IPs.
However if the person is computer savvy and want to violate the None Sharing
rule he can find ways around it.

A better way would be to segregate out the Computers that would not share
with the rest of the Network. You can dig the principle from this page,
http://www.ezlan.net/shield.html

Jack (MVP-Networking).
 
Back
Top