1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Creating subnet while keeping main network safe

Discussion in 'Networking' started by Rflook, Nov 13, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. Rflook

    Rflook Thread Starter

    Joined:
    Nov 13, 2011
    Messages:
    2
    Hi,

    I'm after some advice and was hoping someone might be able to help me out. I'm a head of computing at a senior school and currently have the following predicament. All of the computers we have are quite rightly networked with certain restrictions on them. Now I have just purchased seven machines for my departments use alone. All other computers in classrooms are for general use and have to be usable by any teacher for any subject. The machines I have purchased are so we can install whatever hardware / software I need with no restrictions. These machines don't need network file shares or printer access,the only shared service they need is the schools internet connection.

    Originally I had a router plugged into a printer port and created wireless network in my room which gave us this functionality - full unrestricted internet access, could download exes and visit any site. However the network admin (and I understand why) didn't like this and asked me to remove it. So now I have some nice machines with no internet access. When I asked the network admin what we could do about this while keeping his networked machines safe, he said it would be a long process as we would have to buy in an entirely new internet connection.

    Unfortuntely i dont fully trust this opinion as in the past the network admin has told me things couldnt be done or would take ages which I then proved to him were easily possible. However on this matter I have little experience and he could be on the money, but like I said based on previous experience I don't trust him.

    So is there any cheap and relatively quick way without compromising the security of the networked machines that my open machines can make use of the schools internet connection?

    Many thanks in advance
     
  2. cwwozniak

    cwwozniak Trusted Advisor Spam Fighter

    Joined:
    Nov 28, 2005
    Messages:
    64,675
    First Name:
    Chuck
    Hi Rflook, and welcome to TSG.

    Can you please provide a bit more information on how the Internet access restrictions were implemented on the other computers? Was it individual software and settings on each computer or was there some type of central router or hardware firewall to control access for all computers?

    If access was controlled by some type of central router or hardware firewall, exactly how was your computer able to bypass it? The only routers I have seen with printer ports are some models that allow sharing a printer by connecting it directly to the router, either via USB or the older parallel port interface. What is the brand and model number of the router you were using that gave you full Internet access?
     
  3. Rflook

    Rflook Thread Starter

    Joined:
    Nov 13, 2011
    Messages:
    2
    Hi,

    The networked desktop machines have a proxy address put in their system settings. This proxy filters the web requests (we are using a product called smoothwall), local restrictions, again in system settings/user rights also prohibit the running of executable files.

    In my room there was a spare Ethernet socket in the wall which I plugged a wireless router into, this socket was previously used to plug a networked printer into. I didn't have to do anything special to it, it just instantly provided open access to the Internet, I'm guessing because that port wasnt being forced through the filtering software.

    The router was a linkers one which I got free when I bought a mini video camera, so as you can imagine its nothing special, only a simple home router job. Not sure what the model is as am at home at the moment, but will check when I get in tomorrow
     
  4. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,904
    First Name:
    Terry
    There is nothing you can do by yourself other than get your own internet access.

    I'll assume that the current situation is the school's entire network connected to a broadband modem. What would be needed, in simple terms, is to connect a router between the school's network and the modem. Your computers could then also connect to the new router. In this way the school's network would be protected from your computers in the same way it is protected from the internet.
     
  5. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,300
    You'll have to work with your network admin to get a solution that will work for both of you. Since I don't know what type of network equipment we are talking about here, it's hard to recommend or state a solution. If the network contains a decent business class router/firewall device, then it's very easy to accommodate your request. I have configured tiered access like this for both work and on my home network on a single firewall device.
     
  6. dpl

    dpl

    Joined:
    Nov 15, 2011
    Messages:
    21
    if you are the network admin, creating subnet is the solution but he should implement ip restrictions to other subnetworks and provide you only port 80 access
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1026734

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice