Creating subnet while keeping main network safe

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Rflook

Thread Starter
Joined
Nov 13, 2011
Messages
2
Hi,

I'm after some advice and was hoping someone might be able to help me out. I'm a head of computing at a senior school and currently have the following predicament. All of the computers we have are quite rightly networked with certain restrictions on them. Now I have just purchased seven machines for my departments use alone. All other computers in classrooms are for general use and have to be usable by any teacher for any subject. The machines I have purchased are so we can install whatever hardware / software I need with no restrictions. These machines don't need network file shares or printer access,the only shared service they need is the schools internet connection.

Originally I had a router plugged into a printer port and created wireless network in my room which gave us this functionality - full unrestricted internet access, could download exes and visit any site. However the network admin (and I understand why) didn't like this and asked me to remove it. So now I have some nice machines with no internet access. When I asked the network admin what we could do about this while keeping his networked machines safe, he said it would be a long process as we would have to buy in an entirely new internet connection.

Unfortuntely i dont fully trust this opinion as in the past the network admin has told me things couldnt be done or would take ages which I then proved to him were easily possible. However on this matter I have little experience and he could be on the money, but like I said based on previous experience I don't trust him.

So is there any cheap and relatively quick way without compromising the security of the networked machines that my open machines can make use of the schools internet connection?

Many thanks in advance
 

cwwozniak

Chuck
Moderator
Joined
Nov 28, 2005
Messages
68,876
Hi Rflook, and welcome to TSG.

Can you please provide a bit more information on how the Internet access restrictions were implemented on the other computers? Was it individual software and settings on each computer or was there some type of central router or hardware firewall to control access for all computers?

If access was controlled by some type of central router or hardware firewall, exactly how was your computer able to bypass it? The only routers I have seen with printer ports are some models that allow sharing a printer by connecting it directly to the router, either via USB or the older parallel port interface. What is the brand and model number of the router you were using that gave you full Internet access?
 

Rflook

Thread Starter
Joined
Nov 13, 2011
Messages
2
Hi,

The networked desktop machines have a proxy address put in their system settings. This proxy filters the web requests (we are using a product called smoothwall), local restrictions, again in system settings/user rights also prohibit the running of executable files.

In my room there was a spare Ethernet socket in the wall which I plugged a wireless router into, this socket was previously used to plug a networked printer into. I didn't have to do anything special to it, it just instantly provided open access to the Internet, I'm guessing because that port wasnt being forced through the filtering software.

The router was a linkers one which I got free when I bought a mini video camera, so as you can imagine its nothing special, only a simple home router job. Not sure what the model is as am at home at the moment, but will check when I get in tomorrow
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,423
There is nothing you can do by yourself other than get your own internet access.

I'll assume that the current situation is the school's entire network connected to a broadband modem. What would be needed, in simple terms, is to connect a router between the school's network and the modem. Your computers could then also connect to the new router. In this way the school's network would be protected from your computers in the same way it is protected from the internet.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,660
You'll have to work with your network admin to get a solution that will work for both of you. Since I don't know what type of network equipment we are talking about here, it's hard to recommend or state a solution. If the network contains a decent business class router/firewall device, then it's very easy to accommodate your request. I have configured tiered access like this for both work and on my home network on a single firewall device.
 

dpl

Joined
Nov 15, 2011
Messages
21
if you are the network admin, creating subnet is the solution but he should implement ip restrictions to other subnetworks and provide you only port 80 access
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top