Subj : Re: Network setup To : ALL From : Frank Reid Date : Mon Nov 04 2002 12:10 pm =========================================================================== RE: Network setup BY: Ben Carpenter (1:106/2000) =========================================================================== BC> Could some one give me some pointers and setting up or rearranging a BC> network. BC> BC> I have several computers on a network and a router connected to a DSL BC> connection. Every thing is working fine, but I want to divide the BC> computers in to 3 different work groups that all can connect to the DSL BC> internet connection but can not see or communicate with computers in an BC> other work group. BC> BC> Does this require special hardware or is it a software function or BC> both? Please give some details if you can. How "rigid" are the security constraints among the three networks? If you truly do not want to allow any traffic shared among different networks, the only solution is to add a router (or firewall) with multiple interfaces, so you can block traffic. If it's purely esthetic, e.g. so the kids can't see your Network Neighborhood resources from their computers, you might be able to subnet the IP network used by your router. Typical DSL/cable routers use the non-routable (private) IP address space 192.168.0.0/24 (192.168.0.0 - 192.168.0.255, with a netmask 255.255.255.0 or standard Class "C" subnetting). Without modifying the router configuration, you can "chunk" that network up into four 64 host blocks on the workstations, each using a subnet mask of 255.255.255.192, as follows: Workgroup1 192.168.0.2 - 192.168.0.62 Workgroup2 192.168.0.66 - 192.168.0.126 Workgroup3 192.168.0.130 - 192.168.0.190 Workgroup4 192.168.0.194 - 192.168.0.254 I've omitted the network and broadcast addresses in each range, so these should be the usable addresses for the workstations. This is untested, and there are two questions I have in advance. First, because you can only populate a single address on the router (192.168.0.1), will the workstations be able to find the default gateway at 192.168.0.1 from the three higher subnets? Second, because Windows network is pretty pervasive unless RPC activity is blocked, will the workstations still be able to "see" each other across the subnet boundaries. The real solution is a multiple interface hardware router or firewall, but I'd be curious of your results if you give this a try. Frank --- WWIVGate 2.00c * Origin: * Eagle's Dare * Laurel, MD * 301-498-1984 (1:109/500) .