HPE Community
Networking
1753341 Members
5062 Online
108792 Solutions
New Discussion юеВ

isolate a computer in the same subnet from other computers

 
Phil Parvin
New Member

тАО10-15-2003 05:47 AM

тАО10-15-2003 05:47 AM

isolate a computer in the same subnet from other computers

One request we have frequently is to add a computer to a network that would have access to internet but not other computers or servers on the network. This is private class c and all some subnet. If router is between pc to be isolated and rest of network shoud I put hte isolated in a diff subnet and route because if I do I have linked the diff subnets.
Possible access list... Any suggestions would be appreciated
0 Kudos
2 REPLIES 2
Ron Kinner
Honored Contributor

тАО10-15-2003 09:24 AM

тАО10-15-2003 09:24 AM

Re: isolate a computer in the same subnet from other computers

That's what access lists are for. What kind of router are you using? If you are assigning IP addresses with DHCP it helps to make the ones with internet priv. use static addresses in a certain range. Example: We use 172.16.0.0 subnet. PCs in the permitted group are manually assigned an IP of 172.16.1.x, Everyone else uses DHCP and gets an IP address in the 172.16.2 and higher range. The filter is written to allow any packets with a 172.16.4.x source address to get through. You can, of course, have the filter accept only a few specific IP addresses and block the rest but if you have a lot of these then it gets to be somewhat costly in terms of router cpu time. Some of the newer routers will let you write the access list in terms of the MAC address of the PC then you can use DHCP for everyone assuming your router has enough horsepower to handle the access list that you need.

Ron
0 Kudos
Jon Finley
Honored Contributor

тАО10-15-2003 04:42 PM

тАО10-15-2003 04:42 PM

Re: isolate a computer in the same subnet from other computers

Another possible work-around is to use a different sub-net mask.

Jon
"Do or do not. There is no try!" - Yoda
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.