PC Help Jansant - Guide to Network Setup
Main Menu
Home Page
Computer Guides
Computer Dictionary
Network Setup
Tips and Tricks
Internet Guide
Freeware/Shareware
PC Upgrade Guide
PC Maintenance
Support Forum
HTML Guide
Networking for the Small Office Home Office (SOHO) in Windows
The first thing you must decide is if you will use a wired
or wireless network. You can of course
use a combination of wired and wireless. Building a traditional ethernet
network is very cheap now, ethernet network interface cards (NIC's) can
be purchased for as little as $20 and hubs/switches for as little as $40.
Even the cost of cabling has reduced dramatically over recent years. Wired
networks are more reliable and offer much faster speeds than wireless
networks. Wireless networks also create additional security issue's which
must be addressed.
also see;
Once you have decided the physical design of your network it's time to start thinking about how users will access the network. You can create a peer-to-peer or a domain based network. Peer-to-peer networks are recommended for networks of up to ten computers. In a peer-to-peer network each computer is a sever and client and is responsible for the security of the resources it makes available. Each computer must be a member of the same workgroup. In a domain based network a single computer acts as a domain controller and authenticates users on the network. Each computer must have a domain account in order to join the domain. A peer-to-peer network is generally suitable for the home or small office.
Peer-to-peer network
First thing you should do is ensure you have all the hardware you need,
its installed and all cables are connected. If your using Windows 2000
you can allow access to resources based on users or groups. These users
will need a user account on the computer where the share resides. Windows
2000 grants access to network resources based on share
permissions, by default when a share is created the Everyone group
is assigned the Full Control permission. I advise you change this permission,
especially if the share contains private information. With Windows 2000
you can assign permissions in a much more secure fashion. Note that share
permissions and NTFS permissions are different. NTFS
permissions are for local users on that computer, share
permissions are for users accessing shared resources via the network.
Create user accounts on your win2000 computer that will be sharing resources,
a users account should use the same username and password on all computers.
If your sharing resources on Win95/98/ME you will need to choose a password
when creating a shared folder, any user who knows the password can access
the share. Creating a user with the same user name and password on all
your machines means you simply log in once on your computer rather than
providing a password each time you access a network resource. Of course
most networks have more than one user and they should never all use the
same user account, in this case a password will need to be provided when
accessing shared resources on a win9X peer-to-peer network. As long as
a win9X user has the correct permissions to a win2000 shared resource
the user can access that resource. When your creating passwords for your
user accounts and shared resources, you should make your passwords as
long as possible and use upper and lower case characters, also use numbers.
You can even use special characters such as &*^. This makes it harder
for hackers to crack your password, 12 characters with a mix of numbers
is a good length. If your using Win95/98 computers on your network keep
in mind passwords can be no longer than 14 characters. If you have Win95/98
computers on your network keep your passwords below 14 characters.
Each computer on your Windows network must have a unique computer(NetBIOS)
name. You can change this name to one which is easier to remember, use
the "System" applet in the "Control Panel", select
the "Network Identification" tab and click "Properties".
From the "Identification Changes" dialog box you can change
the computer name and select what type of network your computer will operate
on. Select "Workgroup" and type the name of your workgroup.
Some systems require the workgroup name to be in capital letters. When
installing win2000 you most likely entered a work group name. All computers
must be members of the same workgroup, each computer must have a unique
computer name.
Assign IP address
Read also TCP/IP basics
You must assign an Internet Protocol (IP) address and subnet mask to each
network device accessing the network. This address is assigned to a Network
Interface Card (NIC) attached to the network. An IP address is made up
of two parts, the first is the address of the network, the second is the
address of that computer on the network(you can have one computer with
two network cards, each would have it's own IP address and could in fact
be on different networks). The subnet mask determines which part of the
IP address is the network address and which is the computer address. All
machines on your network must have the same subnet mask. You can allow
windows to determine the IP address automatically or you can determine
it manually.
Your IP addresses must be from an address range specifically set aside
for private networks. Also you can not use the first and last address
of that address range. I prefer to manually assign IP addresses on my
network, if you wish to use Internet Connection Sharing in Windows, let
windows automatically set the IP address of each PC on the network. To
set the IP address on your NIC click "Start", go to "Settings",
and click "Network and Dial-up connections". Right click "Local
Area Connection" and select properties. Highlight "Internet
Protocol (TCP/IP)" and click "Properties". Here you can
either allow windows to automatically assign an IP address or you can
set it manually.
Note: you must also have "Client for Microsoft Networks" and
"File and Printer Sharing for Microsoft Networks" installed.
Manually Assign IP Addresses
If you obtain an IP address automatically you can skip this step and
go to heading Ping below.
Give each computer a unique IP address, all computers the same subnet
mask. Write down the IP addresses you assign and the Compter Name that
corresponds to that address, we'll use it later.
Suitable addresses would be;
computer A =10.1.1.1 with a subnet mask 255.0.0.0
computer B =10.1.1.2 with a subnet mask 255.0.0.0
computer C =10.1.1.3 with a subnet mask 255.0.0.0
This class A addressing range allows for around 16,000,000 hosts on a
network. If you have a computer or device on your network acting as a
gateway place this address in the "Default gateway" box. All
computers must be on the same network, including the gateway computer
otherwise they will not be able to communicate with each other.
Ping
If you manually assigned addresses you have them written down. If windows
automatically obtained IP address you will have to get the address of
each computer. In Windows 2000 Start Menu select Run and type "cmd"
opening a command prompt. At the prompt type "ipconfig" press
enter, a range of information will be provided including the NIC IP address.
To check TCP/IP is operating normally. Click "Start" and select
"Run" Type "cmd" and press enter, this opens a command
prompt window. Use the ping command to test your connection, type "ping
IPaddress" (of another computer on your network) and press enter.
You will see the following if your computers are connected and TCP/IP
has been configured correctly.
Ping is used to check TCP/IP connections are operating correctly.
If this is successful then you can start sharing resources on your network.
If you allowed Windows to automatically obtain an IP address then skip
down to the section, Sharing Resources on Your Network. If you manually
selected your IP addresses then you can provide simple name resolution.
The Hosts File
To provide name to IP address resolution you can edit the hosts file
on each computer. This allows you to use a name instead of remembering
the IP address of computers when accessing some services. An internal
server such as a web server that uses a TCP/IP protocol (http) can be
accessed with a name instead of a number. The idea being names are easier
to remember. If you use a proxy server on your network you can point your
web browser to the proxy via a name instead of IP address. Every machine
on your network will have a hosts file, this is a text based file with
a mapping of IP addresses to computer names. Use the list you kept earlier
to edit this file. In windows 2000 you will find the hosts file in the
C:\WINNT\system32\drivers\etc directory, just use the search tool to locate
it in other operating systems. Use notepad or another text editor to edit
this file. Without changing anything else in the file just add an entry
for each machine on your network listing the IP address and computer name,
using the tab key to separate the two. You can add an alias as a third
entry, i.e. 10.1.1.1 jansantnet.localdomain jansantnet. Without this alias
name jansantnet.localdomain would have to be used but by adding the alias
I can simply use jansantnet when requesting services on that computer.
127.0.0.1 localhost refers to the loop back address on the local computer,
don't change this. Edit the hosts file like this on every computer.
Sharing resources on your network
First you must have "Client for Microsoft Networks" and "File
and Printer Sharing for Microsoft Networks" installed. Check your
TCP/IP settings in the "Local Area Connections Properties" box.
Choose a folder or drive you would like to share, its not recommended
to share your complete C: drive. Right click the folder and choose "Properties",
select the "sharing" tab. Select the "Share this folder"
button. A name will be automatically given to this share, you can change
this name if you wish. The "Comment box is for a description if you
wish. With Win95/98/me you will also select what type of access, type
a password and click "Apply", you will be prompted to enter
the password again. This is all the access permissions that can be applied
in Win9x. In Win2000 access is granted based on the choice you make in
"Share
Permissions" dialog box explained further down.
In Windows 2000 you can also share folders using the Control Panel. Double
left click "Administrative Tools", double left click "Computer
Management", select "Shared Folders" from the left pane,
and double left click "Shares" in the right pane, right click
a clear area in the right pane and select New File Share. Browse for the
folder you wish to share.
Notice that all your local hard drives are listed here (including the
system directory), for example C$. These are administrative shares and
are hidden, they are not shown in My Network Places or the browsing service
of other computers, leave these as they are. If you want to create a share
that does not appear in My Network Places or the browsing service on computers
connecting to your machine, you can hide it by adding a $ to the end of
the share name. You can connect to hidden shares across the network if
you know the UNC path and have adequate permissions on that share. UNC
stands for universal naming convention, it's made up of the computer name
and the share name and is written \\willow\allsites. The UNC name has
nothing to do with the hosts file used for name resolution mentioned earlier.
Hackers know all about administrative shares and will exploit them if
they can. To keep your drives secure create long passwords on your all
user accounts using both upper and lower character, numbers and special
characters such as $*^. Keep all passwords at a minimum of 8 characters
with special rules applied through "Local
Security Policy" in the "Control Panel".
Share Permissions Windows 2000
In win2000 peer-to-peer network access is granted based on the choice
you (administrator) make in "Share Permissions" dialog box.
Windows 2000 is a true user level access operating system, this means
access is granted or denied based on user permissions. By default a share
on a win2000 computer will have the permission "Everyone", I
recommended you change this. The share permissions can also be set in
Computer Management by right clicking the share and selecting properties.
For
a more detailed description of share permissions view this page.
Your shared folder should now be available through "Network Neighborhood"
on Win95/98/me, be patient, in my experience it can take a while for it
to appear in Network Neighborhood, sometimes not until after restarting.
In WIN2000 go to "My Network Places" double right click "Add
Network Place" and either browse or type the UNC of the share and
click next.
Mapping a share to a drive letter
For shares that you use often, I find it's easiest to map the share folder
to a drive letter. Then your share will appear in Windows Explorer as
a drive, though it's not really a drive. It just makes it quicker to access
that's all, the share will still appear in "My Network Places"
but will also appear as a drive in "Windows Explorer". Some
applications require this as they don't have access to "Network Neighborhood"
or "My Network Places". To map your share to a drive letter
open "Windows Explorer" and from the tools menu select "Map
Network Drive...". Browse for your share or simply type the UNC
name of the share i.e. \\willow\allsites. You can select the drive
letter to assign to this share or just accept the choice already made.
If you wish this mapping to remain permanently place a tick in "Reconnect
at logon". If you only want this to be a temporary mapping then untick
this box.
These instructions are relevant for most Windows operating systems as
they vary only slightly and settings are made in slightly different places.
If your having trouble with your version of Windows use help from the
start menu.
Web-Site Administrators Local Time
feedback - terms of use - contact - sitemap - advertise - webmasters
©PC Help Jansant