How to connect two networks with the use of a router switch

Thread Starter


Joined Oct 15, 2007
I’m a network engineer. We have two networks: one is a global network and the other is a private network. There are a lot of workstations in the private network, but we don’t want to make all the systems visible in the global network, because we want to minimize the risk of worms and virus attacks. My goal is to make only one computer visible to both the private and global networks. We are trying to accomplish this by keeping files from the private network open to only one computer in the global network; by this we are making a connection and also reducing the hassles. I want to use a router switch to connect these two networks. How do I do it?


Joined Oct 20, 2007
Your question has a lot of variables (such as the types of operating systems you are using and the types of switches / routers that are available to you).

What you want to do is put your computers on a private subnet. If you are using an iptables-based router (all Linux-based routers) then you can set up the iptables entries to create a private subnet for your internal network (the ones you want invisible from the outside network) and set up a single entry point to the network (using the IP address of the computer that you want to have exclusive access).

Sorry to be so unspecific, but your question requires more clarification. Could you post back the types of routers and switches you would like to use?


Joined Nov 9, 2007
I would use a firewall solution for this situation. With this, you would be able to use access lists to allow/deny access in both directions down to the IP. With switches and a router you may be able to set up common VLANs and route between them. Without your specific hardware it would be hard to say.

Thread Starter


Joined Oct 15, 2007
Have you thought of using a proxy server and a firewall to isolate your local network?
Someone once told me that it's possible to develop a closed network of computers that would be able to communicate with one another WITHOUT having to hook them up to a server connected to the internet.

I'm new at this, so I'm not sure, but all the setups of LANs I've seen so far are connected to a hub or a switch, which in turn is connected to an internet server. Is this because internet connectivity is really necessary for LAN connectivity, or because it's less expensive or technically difficult to do it that way? If it's possible to set up an isolated network, what should I need to do?


Joined Apr 20, 2004
This is a link to a FAQ that addresses some of your questions - that is, the ones about the local network.

For the external connectivity to the internet, a proxy server is a good security measure. All traffic coming in communicates with only the one device. None of the computers on the intranet side are visible to the outside.


Joined Jan 16, 2008
The standard way of doing this is to use Network Address Translation (NAT) in the router. The router documentation should tell you how to set it up, but basically you set up the router to map one or more unused addresses from your external network to addresses of machines on your private network.
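
The single entry point from the iptables reply and the one-to-one NAT mapping from the reply above, combined as an added example that is not code from any poster in this thread. It prints an `iptables-restore` ruleset for a Linux router; the interface names, addresses and the function names `is_ipv4` and `gen_ruleset` are constructed assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it changes nothing itself.
# Interfaces and addresses below are constructed placeholders (assumptions).

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] 2>/dev/null || return 1; done
}

# gen_ruleset EXT_IF INT_IF EXT_ALIAS_IP SHARED_HOST PRIVATE_CIDR
# EXT_ALIAS_IP: assumed to be an unused global-side address the router answers for.
gen_ruleset() {
    ext_if=$1 int_if=$2 ext_ip=$3 host=$4 net=$5
    is_ipv4 "$ext_ip" && is_ipv4 "$host" && is_ipv4 "${net%/*}" || {
        echo "gen_ruleset: invalid IPv4 address or CIDR" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# One-to-one NAT: the global-side alias maps to the single shared host.
-A PREROUTING -i $ext_if -d $ext_ip -j DNAT --to-destination $host
-A POSTROUTING -o $ext_if -s $host -j SNAT --to-source $ext_ip
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Add a management rule for the router itself here before loading this.
# Anti-spoofing: private source addresses must never arrive from outside.
-A FORWARD -i $ext_if -s $net -j DROP
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Only the shared host crosses the boundary; narrow with -p/--dport as needed.
-A FORWARD -i $ext_if -o $int_if -d $host -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -s $host -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Demo with constructed values (RFC 5737 / RFC 1918 ranges) when run without arguments.
gen_ruleset "${1:-eth0}" "${2:-eth1}" "${3:-203.0.113.10}" \
            "${4:-192.168.10.5}" "${5:-192.168.10.0/24}"
```

Piping the output to `iptables-restore --test` as root parses the ruleset without committing it. Every other workstation on the private subnet falls under the `FORWARD DROP` policy, so it is neither reachable from nor able to open connections to the global network.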