Announcement

Collapse
No announcement yet.

Removing rights from a stand alone computer on a domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Removing rights from a stand alone computer on a domain

    Hello all,

    The company in mention is a printing company. There are 2 large digital copiers in 1 room. Each of the copiers has a print server attached to it. Therefore, 4 ethernet cable are required to run these, as they all require an IP address to talk to each other.

    From our Switch beside our Domain controller, we have run 2 cables to the wall. They are ports 3 and 4 on my switch.

    Coming out of port 3 on the wall, we have the dumb switch. The company we rent the copiers from have setup this with a small 5-port dumb switch. In this switch are 2 copiers, 2 copier servers, and 1 to the wall. Out of the 4 connected devices, only 1 of the servers is part of a computer, which runs windows XP. This computer is not on our network. We have gotten a Virus that wiped out our computer and we lost an entire day to get back up. We want to remove the public internet access for this computer.

    Coming out of port 4 on the wall, we have a single ethernet cable running to a computer set up so our Operator can access our network files and use the internet when needed.

    Problem: How can I limit everything on port 3 to prevent it from passing our firewall to the public internet. All at the same time, still being able to communicate with the multiple computers around my network, in order to print.

    Please, any ideas and input is appreciated.

    Thank you,
    Standard

  • #2
    Re: Removing rights from a stand alone computer on a domain

    Hi,
    If you set the computer with a static ip and don't include a default gateway then it can't get out of its local network.
    If that's not good for your situation then create a firewall rule that will deny internet access for what ever IP the computer has.
    Please remember to award reputation points if you have received good advice.
    I do tend to think 'outside the box' so others may not always share the same views.

    MCITP -W7,
    MCSA+Messaging, CCENT, ICND2 slowly getting around to.

    Comment


    • #3
      Re: Removing rights from a stand alone computer on a domain

      Originally posted by uk_network View Post
      If you set the computer with a static ip and don't include a default gateway then it can't get out of its local network
      Good idea that, before I read your reply was just going to say firewall rule, but this is easier for the OP.
      * Shamelessly mentioning "Don't forget to add reputation!"

      Comment


      • #4
        Re: Removing rights from a stand alone computer on a domain

        Thank you so much to the both of you, UK_Network & Topper.

        I thought about leaving the gateway blank, but i thought it was too easy to be true. I am going to go that route. Thank you topper for confirming. I was on the same page and it helps tremendously to get more opinions. I am relatively new and I am very hesitant to do anything without another brain.

        THANK YOU!!
        Standard

        Comment


        • #5
          Re: Removing rights from a stand alone computer on a domain

          Both answers are correct BUT if you have more than 1 subnet that the system needs to communicate with then you may have issues.

          Comment


          • #6
            Re: Removing rights from a stand alone computer on a domain

            Thank you very much Wullieb1,

            This shouldn't be an issue because we only have one subnet, but i appreciate you pointing it out. That is def something to keep in mind.

            If we had multi Subnets, do you think the firewall blocking would be the way to go?

            Thanks for the help guys
            Standard

            Comment


            • #7
              Re: Removing rights from a stand alone computer on a domain

              Originally posted by Standard_IT View Post
              Thank you very much Wullieb1,

              This shouldn't be an issue because we only have one subnet, but i appreciate you pointing it out. That is def something to keep in mind.

              If we had multi Subnets, do you think the firewall blocking would be the way to go?

              Thanks for the help guys
              Standard
              Its the only option that you have really.

              You need the gateway so the devices can communicate with other devices on other subnets.

              Comment


              • #8
                Re: Removing rights from a stand alone computer on a domain

                Thanks Wullieb1,

                Much Appreciation,
                Standard

                Comment

                Working...
                X