how do I network these computers ?

Discussion in 'The Garage' started by xcflyn, Feb 9, 2013.

  1. xcflyn

    xcflyn Long timer

    Joined:
    Mar 20, 2010
    Oddometer:
    1,153
    Location:
    Rocky Mountains
    Here is my deal. I have a few computers in my shop and there is wireless throughout the building. What I need to do is send files from the one that is online to the one that is not. What happened is we have one computer (PC) that is in the cabinet of a machine along with all its motion control. That computer has thousands upon thousands of dollars in software in it for running the motion control along with Cad and other drawing and conversion software. That tower has no wireless has had a ethernet cable hooked into it. What we used to do was have that computer go online and pull up mail to grab files we drew at home or someone would send us, basically emailing it to myself so to speak. Then I had a scare a month ago where that computer got something that wiped it out, the "Nerd" said if I were you I would not have this online at all. So I took it off line. But ,,,,,, it sucks, now I would have to put everything on a flash and it is a hassle to get to this computer to use that. Anyhow, How can I hook my computer that is online to this computer and just transfer information between them without the machines computer actually going online ? All my computers run XP and ideal would be that 3 of these could file share without the one going online. Funny I called the "nerd" and he says- "what you cant do it yourself", I say, "would I call you if I were clear on how to do it" - he says "well try and call my Monday if you dont get it"- I say, " dont worry I get it, you dont want to do this small job, its not worth your time, dont worry I wont be calling you". So here I sit asking you how to do this, hopefully in a few easy steps? I did have the GF look online, but its like a oil thread :eek1
    #1
  2. It'sNotTheBike

    It'sNotTheBike Banned

    Joined:
    Jul 20, 2011
    Oddometer:
    704
    1. Your nerd is correct that a mission-critical machine running XP should not be
    connected to the outside world via internet. Machines running XP are just too
    easy to exploit.


    2. Your best choice is to pay a pro to set things up correctly. You can create problems
    you probably don't need if you start messing with the network settings of the
    machines yourself. It comes under the heading of "a little knowledge is a dangerous
    thing". What you want is to set up a VPN. Just pay the pro his going rate and get it
    done right the first time. You are using the machine to make money, and it makes
    sense to use a pro to make sure the machine is set up properly.


    2.a. If the guy says to call him Monday, and he has done good work for you before, then
    the smart thing to do is call him Monday like he suggested, not to get an attitude and
    resolve never to deal with the guy again. Maybe he said to call him Monday because
    he was swamped with work until then. Unless the nerd specifically told you he could
    not be bothered with such a small job, you have no way of knowing why he didn't want
    to deal with your job right away. People may have other commitments that you might not
    be aware of, and obviously the guy works for other people too. If you come off like a jerk
    when you are trying to deal with someone who can help you, they might not want to help
    you. This ought to be obvious to anyone over the age of ten or so, but apparently you didn't
    get the memo.


    3. Next time you write more than a few sentences ( especially if you are asking for free
    advice which usually costs money ) break what you write into paragraphs. The giant
    blob of text you created is extremely difficult to read.



    .
    #2
  3. troidus

    troidus Long timer

    Joined:
    Sep 1, 2010
    Oddometer:
    16,360
    Add a second NIC to the online box and use Ethernet to connect it to the offline box. Run it through a cheap 5-port switch. Configure the two NICs to be in the same network, but different from the rest of your in-house network. Make sure Internet Connection Sharing is turned off on the online box.

    It's not bulletproof, but should work for your needs.
    #3
  4. Stan_R80/7

    Stan_R80/7 Beastly Gnarly

    Joined:
    May 12, 2012
    Oddometer:
    1,644
    Location:
    VA
    Welcome to the world of network administration! Windows has built in networking software. If you want safety and security without much maintenance, then keep everything offline. Otherwise, there are constant patches and updates necessary for the anti-virus and Windows updates.

    Basically, you want one machine to act as a server with three others having only local access. The server would then need to be secured and patched. The other machines would have only local access to this server and no internet access.

    All the information to configure such a system is available online using a search engine such as Google - for free. I suggest 'local network with internet server' or 'web server LAN' as search terms to get you started. Here is a diagram link: http://en.wikipedia.org/wiki/Computer_network_diagram

    Also, I believe the correct term is 'geek' rather than 'nerd' with 'pencil neck' and 'four eyed' as appropriate adjectives. :D
    Good luck!
    #4
  5. xcflyn

    xcflyn Long timer

    Joined:
    Mar 20, 2010
    Oddometer:
    1,153
    Location:
    Rocky Mountains

    Thank you Kioti for that.
    Plus I did not ask for a lesson in how to conduct business. This should be easier to read then my past "blob". Funny how improper it was to ask for "free advice" My God no one ever does that on ADV :lol3
    #5
  6. KSJeff

    KSJeff Yea, I'll go

    Joined:
    Jun 13, 2010
    Oddometer:
    127
    Location:
    Andover, Ks.
    Were you surfing the net on that machine when it had it's problems? Personally, I would just hook it back up and refrain from using the browser.
    #6
  7. trc.rhubarb

    trc.rhubarb ZoomSplat!

    Joined:
    Nov 15, 2011
    Oddometer:
    2,063
    Location:
    Concord, CA
    I have a few customers that have massive manufacturing lines.
    The machines connected to the robots are 100% offline because giving people even a little access ends up costing 100's of thousands of $ for them in downed production lines when they get a virus or load games.

    Get a nice USB stick and copy your files over. You will be happier and it will take less time that rebuilding your controller.
    #7
  8. PeterW

    PeterW Long timer

    Joined:
    Nov 11, 2005
    Oddometer:
    2,812
    Location:
    Gold Coast
    Windows still has the ability to copy files via the serial ports. So, if it has those already, only the correct (null-modem) cable is needed. Any that don't have serial ports, you can use USB to serial adapators.

    The advantage of that is that although the performance isn't great, most virii will be 'blind' to the serial sneaker-net.

    Still some messing around, but more convenient than USB sticks, which can still be a source of virus problems.

    (Oh, and provided you can make the cables, you can run serial through the existing ethernet cabling - label those connectors though, RS-232 and Ethernet don't play nice with one another)

    Pete
    #8
  9. sailah

    sailah Lampin' it

    Joined:
    Aug 12, 2005
    Oddometer:
    5,828
    Location:
    Turning expensive metal into scrap
    You say it's difficult to get at the machine, I'm guessing to insert a flash drive because the USB port is buried somewhere in the cabinet?

    Why don't you get a USB extender, leave that plugged into the machine, and the tag end is zip tied next to the mouse. Walk up, plug in and fire away. $5.

    That's about as cheap as I can make it.:D

    Things like computers that take a special skill set I outsource. I'm sure I could eventually figure it out, but my time is worth money and spending it trying to figure out networking when there are tons of people who already know the answer.

    Easy decision for me, pay the pro.
    #9
  10. P B G

    P B G Long timer

    Joined:
    Mar 7, 2008
    Oddometer:
    10,001
    Location:
    Greater Chicago
    I have a similar issue at work.

    I have a PC connected to the Carver - it had too many issues with software getting fubar'ed by updates, needing to roll back, and connectivity issues.

    So what I found is that since the only file I need to move to and from is the carve file, I use a USB - now this is annoying unless you put shortcuts to the destination.

    That being, you can put a "shortcut" to the carve file folder on the one machine into the USB drive, so you open the USB drive and drag it into the correct folder.

    Quick and easy like.
    #10
  11. VStromNC

    VStromNC DNS/DNF

    Joined:
    Jul 12, 2007
    Oddometer:
    854
    Location:
    Charlotte, N.C.
    Slightly off the subject but you can also use remote freebie services such as Googe Drive or DropBox and park any files or photos that you want to share and access from any computer with a Internet browser.

    Jon
    #11
  12. SgtDuster

    SgtDuster Long timer

    Joined:
    Feb 23, 2010
    Oddometer:
    3,482
    Location:
    Province of Quebec!
    Hook it to your network without a default gateway; no Internet from the inside, less risky...you know this user clicking on something he should not...

    This and a good firewall to protect you from the outside.



    Easy, simple.


    There are more complicated and "bulletproof" (network wise) methods around but I don't see myself explaining them to someone over a forum.
    #12
  13. ericrat

    ericrat Long timer

    Joined:
    May 18, 2007
    Oddometer:
    1,231
    Location:
    Cincinnati, OH
    Here is what I would do. I would run an ethernet cable from the CAD machine to a nearby workstation, you may need to add a second network card, or simply use wireless on this stations connection to the rest of the network. Set the IP address on the CAD machine to one network, say 10.5.5.5 mask 255.255.255.0, no default gateway, no DNS. Set the IP address on the adapter for the "nearby workstation" to 10.5.5.1. Again, no default gateway, no DNS on THIS ADAPTOR. Don't use these addresses anywhere else.

    Now the CAD machine is networked to the "nearby" workstation ONLY. Create a folder on the "nearby workstation". Right click on the folder, go the "sharing" tab and share the folder. You really should set permissions on the folder with username/passwords... Now you can "map a drive" to the folder from your CAD machine. You can open that folder on your office workstations to drop files into.

    In a larger environment the process control/production networks would be seperated by a firewall. A production machine might be able to initiate a connection into the business side to grab files, but the business side of the network would never be allowed to touch the production side.

    This is somewhat specialized work with a deep knowledge set. Perhaps you aren't paying your IT professional enough?

    Good luck,

    Eric
    #13
  14. ericrat

    ericrat Long timer

    Joined:
    May 18, 2007
    Oddometer:
    1,231
    Location:
    Cincinnati, OH
    A cheap linksys firewall right our of the box would work. Plug the "wan" or "cable modem" side into your office network. I am assuming there is DHCP, etc on that side. Plug your CAD system in the "LAN" side.

    The default rules on the linksys should allow outgoing connection, but not allow anything inbound. Map to a folder on one of your office machines and make that the "file repository" for this operation.
    #14
  15. dnrobertson

    dnrobertson Big Bike, Slow Rider

    Joined:
    Jun 30, 2008
    Oddometer:
    853
    Location:
    Frankston, Australia
    Firstly, virus etc can be transferred via USB (yes I know MS changed XP so as to disable autorun), so doing file transfers this way is still a risk.

    I would:

    Reconnect the CAD computer to the network.

    I would create a shared folder on the CAD computer so that the "online PC" can save files to it directly. Map a Network drive on the "online" PC so access is easy (say the T: drive).

    Then go the network properties on the CAD computer and point the DNS and gateway to a bogus IP address (i.e. 127.0.0.0). This prevents any user being able to use it to access the network or the Internet.

    Now receive your email on the "online" computer and save attachments etc to the T: drive.

    Now walk to the CAD computer and open up the attachment.

    There is a risk from the attachment, but you have removed a lot of risk by cutting out the Internet access.

    If you have smart workers who could bypass this, look into opendns.com and see how they can help.

    Also, look into some imaging software (Acronis etc) which will allow you to take a complete copy of the CAD computer to an external hard disk for recovery purposes.
    #15
  16. Flashmo

    Flashmo Whatever...

    Joined:
    Dec 21, 2008
    Oddometer:
    2,631
    Location:
    Vagabond Hippie
    This! ^ It generally takes less time to transfer large files by thumb drive than by e-mail file transfer. Buy some thumb drives and get back to work ;-)
    #16
  17. xcflyn

    xcflyn Long timer

    Joined:
    Mar 20, 2010
    Oddometer:
    1,153
    Location:
    Rocky Mountains
    I went with the "hire a pro plan". Found a small outfit (father daughter team) that will take care of it for under $100.00 , and for that money I also am put on the business's come first list where if I have any computer issues that get in the way of production, I am moved to the top of the list. They have a nice testimonial page with many of the local business's being happy with the work they do. That $100 goes to someone who knows how to do their job while I can make it doing mine. Second option would be a usb extender and thumb drive due to simplicity and the fact I wont screw up anything hooking that up :confused
    #17
  18. ericrat

    ericrat Long timer

    Joined:
    May 18, 2007
    Oddometer:
    1,231
    Location:
    Cincinnati, OH
    :clap
    Sound like a good solution. If I do say so myself, my Linksys suggestion is actually a pretty good one. I would encourage you when the solution is completed to ask "how is that machine protected from the others?".

    A good practioner should be able to explain that reasonably without too much techno-babble. As you brought up in your original requirements there needs to be some control point to protect that machine from the big bad world.

    Eric
    #18