M
Martin Robins
I currently use Win2k3 as a router providing shared access to an Internet
connection from my LAN. The configuration is simple enough: 2 NIC's, one
connected to the Internet with the firewall enabled and one connected to the
LAN; the LAN NIC is used as the default gateway for all LAN traffic and
routing is set up to forward everything to the Internet. Great.
I now need to change this. My two lads have recently upgraded to WinXP on
their PC's and these are sitting on the same physical LAN segment as my own
PC's and I do not want to risk them contracting a worm and passing it to me
(as obviously we are all inside the firewall). As such, I want to add
another NIC to my server which can be used as a seperate segment for the
kids away from my segment.
Now for the question; I know I can route easily from the new segment back to
the Internet, but I also want to firewall the new segment so that anything
that manages to infect the kids machines cannot get through to the server
and then onto my own machines. Can anybody suggest how I might acheive this?
As soon as I switch on the firewall, all traffic will be blocked; protecting
my server etc.; but nothing will route to the internet.
Suggestions?
connection from my LAN. The configuration is simple enough: 2 NIC's, one
connected to the Internet with the firewall enabled and one connected to the
LAN; the LAN NIC is used as the default gateway for all LAN traffic and
routing is set up to forward everything to the Internet. Great.
I now need to change this. My two lads have recently upgraded to WinXP on
their PC's and these are sitting on the same physical LAN segment as my own
PC's and I do not want to risk them contracting a worm and passing it to me
(as obviously we are all inside the firewall). As such, I want to add
another NIC to my server which can be used as a seperate segment for the
kids away from my segment.
Now for the question; I know I can route easily from the new segment back to
the Internet, but I also want to firewall the new segment so that anything
that manages to infect the kids machines cannot get through to the server
and then onto my own machines. Can anybody suggest how I might acheive this?
As soon as I switch on the firewall, all traffic will be blocked; protecting
my server etc.; but nothing will route to the internet.
Suggestions?