hi guys..

I have to setup a lab with complete networking...
Is any there any way by which i can configure all the PCs to communicate each other via lan.. but block internet access on them... as the lan is connected to a proxy server of our university, that is accessible to the whole univ. network...??

Can this be done thru some tweaking.. or do we need some software..??

well you can configure the proxy to block their source addresses, or just don't give the pc's a default route out of the network.

can u explain wat u r trying to say...??

Hello,

if only the Labs-Pcs should be able to communicate with each other I would do it the following way.

Just configure a network that is different from the Universitys Proxy and leave the standard(default)-gateway blank or set a wrong standard(default)-gateway. With this "wrong" network configuration the Lab wouldn't be able to communicate with the Proxy.

This can be done manually, configure each PC or via DHCP.

This is a rough but in my pov the securest way to limit the network acces to the Lab (Provided the users don't have root privilegs)


HTH

no, YOU need to say what YOU mean better... not sure what you don't understand about my reply... should surely be self explanatory for anyone able to set up their own lab...

will this allow all the PCs in the Lab to communicate each other..??
No the PCs wont have root priviledges...!!

Hi,

yes the PCs would be able to communicate with each other, because they are in the same network.

If the Proxy has the IP 192.168.3.2 and netmask 255.255.255.0 your Lab is isolated if you use
192.168.y.x (y any value from 1 to 254 without 2).

If the users have root privilegs the would be able to change your configuration ;-).

HTH

the proxy has the IP: 172.x.y.z
Netmask: 255.255.0.0