How to keep home network Private But still share Internet ?

Activate WPA.

Uh no, that wouldn't leave the wireless open to being shared, assuming that's what the original poster is interested in doing.

Yes, That is what I want to do...

You want security on a wireless router protecting your machines that are doing MS F&P?

The only hope you got is using a personal FW on each machine limiting traffic on the Windows networking ports to specified static LAN IP(s) between the machines. You block all traffic other LAN IP(s) on the router that your machines would have, which would be static IP(s) on the router your machines are using.

That may possibly save you in a wireless situation.

Duane :)

Block all the MS print and file sharing ports on your router. This will make them invisible to outsiders. Almost certainly this has already been done automatically, but you can test using any website which can run port scans. Also set user-level security on all shares and printers, and ensure that everyone is logging in to your home network with valid login IDs.

My computers are invisible to a "Shields Up" port scan, but I can see the network computers when I sign on with a wireless laptop (Which has the same WorkGroup ID). Im wondering if a second wired router between the network and the wireless router would help ?

I just tried changing the workgroup name on the wireless laptop. Now I can no longer see the local network..

So it seems that if the user group name is not public, then that user group should be somewhat secure ??

Inevitably, since you have File/printer sharing enabled on your network and any PC connecting to your wireless is inside your network. As long as you have all your shares protected by user-level security, its not an issue though.

You could do that, but double-NAT is a pain to set up.

No, anyone with a reasonable amount of skill could search for your local workgroup name and find it fairly quickly.

Really, the answer is to put user-level security at the share level. No share should be readable by the EVERYONE group, all shares should have permissions only for known users inside your network.

Put a second wireless router (assuming you need wireless for your home network, not only for the open segment) with WAP behind your open public access router:

Set your home network's WAN settings on all auto (Dynamic IP). Set it on subnet other than your public router's. Then connect the WAN interface to one on LAN ports on the public access router (may need a crossover cord for that). That would do the trick, I've done it (though not with SMC) and can't really see what's so difficult about that as others warned about.

Good luck!

Are any of your home computers going to be using wireless?

I don't know that the SMC has the ability to do what you want. To setup routes and filters requires a router with a set of more sophisticated configuration options. This is usually well beyond what the typical home user a) wants and b) is capable of configuring.

Being able to "see" the workstations isn't the same as being able to connect to them. WINS and other tools for showing devices isn't designed with such split-security in mind. You'd have to move up to using a domain controller and encrypting network traffic, along with a fancier router, to accomplish what you're after.

So what really are you attempting to set up?

All I want to do is let outsiders use my internet connection, and still keep my files private..

If everybody locked down their connections, this hobby wouldnt be any fun...

I think I will try share level access control.

Just wanted to keep from entering passwords, but I guess there should be a way around that.

There is only a laptop is on the wireless side

Thanks for the discussion

I assume your ISP allows this. Worth checking, cos if they don't you could find yourself ISP-less.

You shouldn't need to enter passwords very often, but you will need to create each user an account on each machine. Then XP will ask you for the username/password first time you connect , and cache it even through logoff until such time as it gets changed at the other end.