coupling two networks

[tomvdduin]

I want to create two networks. Let me explain:

One network is my home network. It has 3 machines on it and a router for internet access.

the second network is the network on the office (in the same building). There are four computers on it.

I want to couple these two networks, so that the office-network can use my internet connection. I don't want that the computers on the office network can see the computers on the home-network. On the other side, in the home-network I DO want to see the computers on the office.

I thought about doeing a second network card in a win2k machine on the office that brigdes the two networks. Does that work?

Is it possible and if it is, could someone plz tell me how to use the IP addresses and how to setup the win2k machine to act as a bridge?

greetz,

Tom

 

[bcastner]

First, run a cable between the office switch and the uplink port on the Home router. Allow the router to issue IPs for all clients; or set non-conflicting static IPs. In any case the network segment would be the same, say 182.168.1.x for all machines, subnet 255.255.255.0, with a gateway address the IP of the router. This provides internet access to all.

I assume that these are two Windows-based Networks. Use standard Windows network security to prevent office users from accessing the Home network clients. Converting the Home machines to the NTFS filestore would allow a great deal of granularity to the security settings on the Home machines.

 

[tomvdduin]

Bcaster, Tnx for your awnser, but that's not quite what I mean.

I don't want the office-pc's to be able to ping my home pc's. Why? Because I don't want the chef to be able to see that the networks are coupled.

What I thought about is this:

1. my home network. just the 3 pc's and the router.
2. the office network. One machine (the 'server' with win2kpro) with a second NIC connecting to my home network

the pc's in the office network have the win2kpro server as gateway. that pc sends the internet requests to the router via the second nic

Maybe I can install a VPN server on the win2k machine in the office, to be able to connect to the office network.

Am I on the right track?

 

[bcastner]

You can add a second adapter and create a bridge. Why you believe this would stop a ping request is beyond me. It most certainly would not.

If pings are what you want to stop, use any firewall product. You can disable ICMP responses from the clients. You can even be granular in these settings, blocking ICMP types 7, 8, and 9.

 

[Andyleates]

I would get yourself a dual port router off ebay and seperate your networks that way.

You can then set up all sorts of access lists to allow or deny traffic.

Andy Leates MCSE CCNA MCP+I

 

[bithead9]

Just pickup another router and hook that as UPLINK to the first router. Since it has NAT and firewall inside it will permit internet access but not pass any private network traffic. You will have shared internet access but isolated private internal networks.

 

[chieftan999]

I dont know what type of router you have but you should be able to apply access lists to block ICMP traffic.