On Sun, 2 May 2010, Bobby Heid wrote:
Hey,
Every now and then I need to bring people's PCs to my house. I use sneaker
net to copy over any files and all that I might need to fix their machine.
After I am pretty sure I have it all cleaned up, I then will connect it to
my LAN to make sure all the Windows updates are applied and anything else
that needs updating.
What I'd like to do is to have two networks that can both access the same
internet connection but cannot see each other (unless I wanted them to).
ZyXEL ZyWALL 2 Plus has this capability:
Secure Zones Technology
With the enhanced *DMZ zone, SOHO can easily deploy their access server or
WIFI appliance separate from the trusted local network (LAN). The *DMZ
zone has its own DHCP service and all zones are securely separated by
firewall rules.
http://us.zyxel.com/Products/details.aspx?PC1IndexFlag=20040908175941&CategoryGroupNo=FF94F854-B6F1-47B7-BFB7-4660CF8649C8
http://www.newegg.com/Product/Product.aspx?Item=N82E16833181021
Essentially, it's a soho router that supports a DMZ, any router/firewall
that has DMZ capability will do what you want.
It can be very nice on the DMZ side, you can configure it so it can only
access the sites you want it to access and everything else is blocked.
For example, setup your DMZ to allow access only to Trend Micro's house
call and the microsoft update site.
What type of setup would I need to have to do this? Any links that will
demonstrate it?
The above router with the DMZ is your best bet. No need for double NAT
any more and you can really limit each private subnet as much as you like
and do direct non-nat routing between the 2.
Also remote access in with the VPN software when you're on the road.
Christopher Fisk
--
I WILL NOT INSTIGATE REVOLUTION
I WILL NOT INSTIGATE REVOLUTION
Bart Simpson on chalkboard in episode 7G06