Networking
1839249 Members
1913 Online
110137 Solutions
New Discussion

Re: isolate a computer in the same subnet from other computers

 
Phil Parvin
New Member

isolate a computer in the same subnet from other computers

One request we have frequently is to add a computer to a network that would have access to internet but not other computers or servers on the network. This is private class c and all some subnet. If router is between pc to be isolated and rest of network shoud I put hte isolated in a diff subnet and route because if I do I have linked the diff subnets.
Possible access list... Any suggestions would be appreciated
2 REPLIES 2
Ron Kinner
Honored Contributor

Re: isolate a computer in the same subnet from other computers

That's what access lists are for. What kind of router are you using? If you are assigning IP addresses with DHCP it helps to make the ones with internet priv. use static addresses in a certain range. Example: We use 172.16.0.0 subnet. PCs in the permitted group are manually assigned an IP of 172.16.1.x, Everyone else uses DHCP and gets an IP address in the 172.16.2 and higher range. The filter is written to allow any packets with a 172.16.4.x source address to get through. You can, of course, have the filter accept only a few specific IP addresses and block the rest but if you have a lot of these then it gets to be somewhat costly in terms of router cpu time. Some of the newer routers will let you write the access list in terms of the MAC address of the PC then you can use DHCP for everyone assuming your router has enough horsepower to handle the access list that you need.

Ron
Jon Finley
Honored Contributor

Re: isolate a computer in the same subnet from other computers

Another possible work-around is to use a different sub-net mask.

Jon
"Do or do not. There is no try!" - Yoda