Want 2 pc to use 1 WAN and no LAN

doorblob

Distinguished
Jun 16, 2010
31
0
18,530
Is there any way at all to make it to where my router allows two PC's to connect to the internet but at the same time makes it to where it's impossible for either of these pc's to connect to one another?

the reason i ask is that the other PC is used by a person that really doesn't know what they're doing online, and because of this (and macafee) had multiple viruses on their PC. i do need for both of us to connect to the net at the same time, but i absolutely want every possibility of that computer connecting to mine in any way whatsoever to be eliminated/gone/destroyed/nonexistant... etc....

there is no way for that pc to have its hard drive wiped and reloaded as there is no xp disk for it and the manufacturer is kaput (they got the thing off a TV shopping show). it has been cleaned as well as it can be, and it may very well be virus free at this point, but i don't trust it. (the viruses on it were the type used to steal info).

the router is a d-link gamers lounge dgl-4100

and i have read the instructions, all 62 pages of them. maybe i skipped over something or didn't realize what something really allowed... but anyway, please display any wisdom you have on this issue.

and if there's not a way to do this with a router, is there a way to do this with any other device?
 
G

Guest

Guest
Perfectly possible, given that one user is hopeless with computers.

Just don't tell him the network name of the other computer, don't enable any shared folders, make sure the Windows firewall is on and use a login password on Windows.
 

seacliff

Distinguished
Jun 14, 2010
65
0
18,640
use 3 router, 1 will be the switch between WAN and LAN, the 2 other will redistribute DHCP to their client using different subnets.

Internet
|
Router1---Router3---Client2
|
Router2
|
client1

That way, you'll be sure nothing can communicate between PCs.
 

doorblob

Distinguished
Jun 16, 2010
31
0
18,530
Perfectly possible, given that one user is hopeless with computers.

Just don't tell him the network name of the other computer, don't enable any shared folders, make sure the Windows firewall is on and use a login password on Windows.


doing this would make it to where it was no more dangerous than just connecting to the net would normally be, right?

another thing i worried about was filter firewall on the router. would viruses already on the other person's pc be able to bypass that and put my pc in any extra danger?

(and buying three routers is too expensive).


and i just got done talking to my cable net provider. they said that LAN would have to be specifically set up for it to occur over the router and for any connection to be made between the pc's. is that the case?

d-link told me to change the workgroup name of the other computer so that they could not share files. how do i do this? and are they right that this would disable connection between the two pc's?
 

sturm

Splendid
Run a firewall like zonealarm (free version is fine) and block all connections coming from the other computers IP. Give it a static IP so it won't change. Change the workgroup name by right clicking on "My Computer" then properties, then computer name tab (if on xp). Win 7you would click on 'Change Settings" on the right side.
Turn off all sharing on both computers and don't share any folders.

 

panto

Distinguished
May 24, 2010
59
0
18,640


Correct me if I'm wrong, but aren't packets still able to get from client2 to client1?
Client2 sends packet destined for client1 - router3 forwards to router1, router1 knows client1's network is accessible through router2 because router2 has advertised it, router2 delivers to client1. Firewall on client1 will discard the packet, but it has reached client1 nonetheless.
 

seacliff

Distinguished
Jun 14, 2010
65
0
18,640



It won't if you use seperate subnet and don't route packets from router2 to router3
 

Kewlx25

Distinguished
I think a simple firewall would be the easier answer. Vista/7 both have very strong network security.

The downfall of Vista/7 are how they require elevated privs to change settings. But if you're talking about the OS refusing packets from another machine on the network, it should be solid.