Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: How to configure Small office network ???  (Read 3217 times)

0 Members and 1 Guest are viewing this topic.

sailo

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Windows 7
    How to configure Small office network ???
    « on: July 10, 2015, 04:33:35 AM »
    I have a little experience in networking  ;D ....

    I used Dynamic IP address for my network
    I used to configure a network containing 40 computers with D-Link Modem and Switch, if i want one of the computer to disable internet connection, I used to unplug the Network cable from Switch..  :)

    But now I setup Windows Server 2012 R2 for Server, and I want to control all the other computers that  use Windows 7 Ultimate.

    I am tired of managing network with SWITCH cantrol.......... (unplug cable and plug the cable again)..

    What i want to do is controlling all the computers by using the server (Win Server 2012 R2 - its my first time for using windows server)
    1). I want to control internet to restrict some website or disabling internet connection.
    2). I want to control file sharing ( does it need home group OR just sharing the folder/drive is enough?)


    Do I need LAN Card (that has two Rj45 port) for controlling internet connection??

    Please Help....
    And thanks in Advance


    DaveLembke



      Sage
    • Thanked: 662
    • Certifications: List
    • Computer: Specs
    • Experience: Expert
    • OS: Windows 10
    Re: How to configure Small office network ???
    « Reply #1 on: July 10, 2015, 06:57:06 AM »
    You will need the server to have 2 network connections. The first will connect to the internet through hopefully a hardware firewall before the modem such as a router which has a built in firewall. The second network connection will connect to your internal network that all systems are on.

    Next comes the more complicated part. In Server 2012 you will need to set up DHCP for dynamic IP addresses to be issued or chose to go with static IP addresses at each workstation. Next you will need to set up a gateway connection for all systems to get their internet access through this server acting as a gateway. Next you will need to set up likely a proxy service to have your content contol in which you can blacklist certain sites or go super content control with all but only specific sites white listed.

    As far as removing network access to a workstation, you would have to terminate its lease early in DHCP and then have its mac address flagged to not be granted an IP or if you still want it on the LAN, but no internet then issued an IP and subnet, but no gateway IP.

    At the workstation if you have any employees who know there way around and have access to the network properties at a system, if they are locked out and look at the info at another computer, they could hack a connection outbound by going static config and choosing an IP address that is say 192.168.100. 239 on a network that is 192.168.100.x and avoid an ip conflict with 40-50 devices all in the say 192.168.100.10 to 192.168.100.60 range. But if they are locked out of making changes to IP then you dont have to worrk about anyone setting up a manual config to server and getting outbound.

    The best content control would be a gateway config that has a blocker by mac address so that even if someone hacked with a static config to try to gain outbound access, it still would flag it as unapproved and not work.

    For content control in the past I have configured and used a SonicWall vs proxy config at a server acting as a gateway for commercial controls. http://www.sonicguard.com/ContentFilteringService.asp?gclid=CI_tqJ3O0MYCFQYQaQodvPYPxQ

    For personal content controls etc, I have used either built in content control in the work stations browsers for small work groups or if necessary set up a proxy using SQUID for all systems to connect to, although I havent used SQUID in a while and the biggest need for SQUID was years ago with small businesses on shared dial up or satellite connections with limited bandwidth and creating a Cache of the frequently visited websites so that some traffic was able to be resolved locally vs each request having to download all the pictures, audio, video files, in which the proxy would check the contents in the local Cache against the website and if the content was local it would pass back to the workstation a local result or only have to download the dynamic info that is changing frequently, yet ads with pictures that dont change often are loced locally from cache of the proxy. But ever since broadband expanded, the need for such a proxy disappeared for this benefit of local cached data. http://www.squid-cache.org/

    sailo

      Topic Starter


      Rookie

      • Experience: Beginner
      • OS: Windows 7
      Re: How to configure Small office network ???
      « Reply #2 on: July 10, 2015, 04:54:48 PM »
      Sory to say that i still don't get what you mean of two network connections...

      did you mean a broadband internet connection that has to be connect to myServer and office LAN that also connected to myServer? Or both on a router?