Can I create a virtual sub net with no simple switch?

Hi,

In my company we have a single network. I now need that some computers (4 of them) will have some kind of a seperate network between them for some tests.

They MUST be disconnected from the main network. How can I perform that? I don't have a smart switch or router.
- Can the switch on/off this "other" network?
- What are my option? and/or where can I read/learn more.

Thanks

 

you can get a dumb switch/hub and connect the computers to it. just dont connect the switch to the main network and youd be ok. just give them all static ips so they can communicate.

 

I still need them to connect to the internet, as well as once they are done with their tests, to connect back to the main network.

- Is a dumb hub the only option?
- If they have a dumb hub, will that mean than everytime they need to test, they need to connect to that hub, and once they are in it - they will not have internet?
- Once they are done, do they need to reconnect to the regular switch?

Thanks for your prompt answer.

 

Thats not your only option. If you have a core switch and youre able to make vlans and acl's you can do that too. Just create a vlan for your test network, and deny all traffic to other vlans, except for port 80 to get to the internet.

But i noticed you dont have a managed switch. Are you on a domain? What are you going to be testing and what traffic cant get to the main network?

 

Thanks again,

So my options will be (In detail just to make sure I understand)

1. Dumb switch:
When test begins, all computers will need to manually connect to the dumb switch.
Q: My current AD is DHCP based, will there need to be any changes for the computers to see/connect to each other?

2. Smart/VLAN switch
Create a VLAN from the specific computers with access to Internet only (through the gateway I guess).
- Once testing is done I will need to enable the INTRANET access back.

I prefer the simpler solution if there are no special settings changes to be don. Can you confirm that please?

 

What exactly are you trying to block these computers from accessing on the network? If youre on a domain, you can take the test computers off the domain and they wont be able to access domain resources or other computers. like if you have a shared network drive that has permissions based on AD, the computers that arent connected to the domain wont be able to access that drive.

 

They need to test some network protocols during development, and not to interfere with the production enviroment which is working on the domain.

It's not a shared resource, so I can't block it to them (I tried playing with OU's but couldnt' figure it out).

I will try the simple hub solution.

 

That might be your best bet unless you want to mess with vlans and access lists.

OU's in active directory wouldnt really help you in this case. OU's are for segregating user accounts for managing group policy and whatnot.