-41

At work I am given only a single internal IP address (198.168.10.106) to be used on a single computer on the network. The problem is that I want to use 2 computers at my office and share the only single given IP address between them.

On one of my 2 computers I have a web server that I want to be accessed from (198.168.10.106) work network. My work's network Administrator will not give me a second IP address, so I decided to use a TP-Link consumer Router to have the single available IP shared between the 2 computers.

TO SUMMARIZE. I would like both my server PC and the regular windows PC (connected to the router's LAN port) to be seen over my work network as one IP address. The one given by my administrator (198.168.10.106).

Work Network ----->| WAN MY ROUTER ||----> PC 1 |---- PC 2

I connected the cable from my work's wall socket to the WAN port of my Router. And from my router's 2 LAN ports a cable to my 2 personal computers respectively. So I am about to share this single IP address (198.168.10.106) between my PC1 and PC2 which are given IP addresses 198.168.0.1 and 198.168.0.2 respectively.

WHERE IS THE PROBLEM? The problem is that Internet works fine but Windows File Sharing with other computers on work network does not work.

Any ideas?

Improve this question
4
  • 14
    I suggest that you present a business case for you having two network connections to your manager and let them take care of it. I doubt that the aesthetic qualities and mass of the network admin have anything to do with it.
    – Andrew Morton
    Commented Nov 7, 2015 at 12:50
  • Thanks but it is easier that I use a router to share my only available IP address, if I can make it to work with windows and file sharing. The aesthetic qualities and mass of the network admin are directly connected to not giving me a 2nd IP address. Otherwise the network admin would look sweet and delicate to me !
    – Thanasis
    Commented Nov 7, 2015 at 12:56
  • 7
    ahem Official moderator word from above. @Thanasis be nice. Further rollbacks to the original not nice version describing your network admin would... well, not be nice, and not be in line how we expect users to behave themselves.
    – Journeyman Geek
    Commented Nov 7, 2015 at 13:45
  • 2
    Also, you achieve absolutely nothing by calling your boss fat and stupid. Great, superuser.com now knows your boss is fat and stupid. What do we do with that information? Nothing. Please refrain from attacks in the future
    – Registered User
    Commented Dec 6, 2015 at 0:19

4 Answers 4

Reset to default
23

What we have here is a failure to communicate.

There's a few issues in play here, many of which are well, not technical.

Lets start with "Work Network Admin refuses to give me a 2nd IP address". This is a right thing to do. One does not have arbitrary systems added to a work network. In many workplaces doing so without authorisation will likely lead to you very quickly having to put all your personal belongings in a box and walking out of here. And of course, if you showed the same level of hostility towards the network admin as you did in the original version of the question, well, he might be disinclined to explain it to you.

The reason for this is securing the network and even having a second router is a horrible horrible thing in most work environments.

LPchip's answer covers why it dosen't work for most part. Also consider that your two systems are in a separate network segment and unless routing is set up explicitly, systems outside your subnet can't see them. Incidentally the person who could set this up is your network admin.

What can you do? Not much. Actually there's no simple way to make it work. Samba relies on fixed, known ports and isn't really designed for the sort of scenario you're trying to work with.

The easy solution really is to be nice to your admin, bribe him with a sixpack of whatever beverage of choice and ask him how you can have your needs met without breaking the network. I'd also consider checking the company policy since its no use getting your way if you no longer have a job.

Improve this answer
4
  • 4
    No longer having a job. seems the most likely outcome. If work wanted Thanasis to have two computers at work, work would provide two computers and two addresses for them. If Thanasis wants a second computer at work, non-authorized, possibly non-work-related, firing is a reasonable, logical response.
    – Ecnerwal
    Commented Nov 7, 2015 at 15:45
  • Can you stop the drama and try to answer my question?
    – Thanasis
    Commented Nov 7, 2015 at 19:10
  • 7
    You don't have a question. Your work network is set up to prevent outside machines (non-company-owned) from connecting to the network. You're trying to do that, and it's not letting you. System is working as designed. There is no problem here. The access controls that prevent you from logging onto the domain with your unauthorized box are functioning correctly.
    – allquixotic
    Commented Nov 7, 2015 at 23:05
  • Ok sir. I understand about work. Imagine that it is not about work. It is about a network using windows PCs connected to a plain network switch. From the switch I stick a router in order to split a single IP address into 2 new IP addresses ( a new network using 2 computers ). I am using a router to do this. How can I enable the file sharing thing in these between the 2 networks? Am I not clear enough? For God Sake. You will make me crazy...
    – Thanasis
    Commented Nov 7, 2015 at 23:57
12

Whoa. It sounds like you're either an intern, or a very young developer hired just out of college, with no idea of how the corporate world actually works. You're soon in for a very nasty surprise if you continue down this course of action.

As multiple other people have probably told you, what you're trying to do is almost certainly against your company policy, and almost certainly will get you fired if you persist. I mean, you're playing with your career here. Once you get fired with cause, it's nearly impossible to get hired again in the IT world.

You need to stop trying to route around the procedures and policies in place at your workplace, and start working with your coworkers and management to convince them that what you're trying to do is a good thing for the business. If they ultimately tell you "no" and you still believe you're in the right, you can then start polishing your resume and try to find another place to work that's a little more open-minded.

The policies at your workplace are there out of an overabundance of caution. I'm not saying the policies are the best thing in the world, but they are approved by the management, and if you violate those policies, there are very real consequences for doing so that might require you to change your career.

Yes, it will take longer to buy the hardware/software you need through the company's official channels. Yes, the system administrator might give you a hard time. But ultimately, if everyone else in the business knows what you're doing and fully supports it, everyone will be better off. They might even change the policy to allow similar things to happen more easily in the future, if your effort pays off.

Blindly telling us in your comments to "just give you the answer" is the most inane thing you can possibly do. One, if you get it to work, and you're caught or detected to be basically a rogue operator, you're probably going to get fired.

And two, it's not technically possible based on the way you've set it up now. You could install a second network card in your main (official) company desktop computer and use Windows' built-in Internet Connection Sharing to give your other box local network access, but this would be a further violation of your company's policy on not modifying their equipment or reconfiguring their software.

This whole cowboy "I'm better than the policy" attitude is really playing with fire. Step over the wrong boundary and you'd better learn how to flip burgers. This is the most correct answer to your overall problem that I can give you: work within the system to change and mold it to your needs; don't try to bypass the system. If you do, you'll quickly be branded a rogue operator and you will never be able to get another decent job in your life. Despite not knowing you at all, I wouldn't wish this fate on you. Wisen up.

Improve this answer
2
  • Hi brother. I understand you are trying to tell me that what I am going to do is not a simple right, but a violation of what is standard in corporate world. I know that, this is why I am not installing software or a server in my official as you termed company desktop but on my own private computer. What I am finally trying to do is to share an underground strategic project with certain colleagues which aims to make our work more efficient and fast. I don't want to share this with management because I don't want them to be competent. I am trying to be as legal as possible and I am about to risk
    – Thanasis
    Commented Nov 8, 2015 at 0:13
  • 5
    @Thanasis You should know that projects like this are generally called "rogue IT". They are the reason that policies like you're experiencing are put in place. Even if everyone involved in the rogue IT project has good intentions, there are very real ramifications in terms of security, intellectual property, productivity, and network availability. Give up on your plan, please, and work with your IT department, not against them.
    – EEAA
    Commented Nov 8, 2015 at 20:12
2

What you want is not possible. This is not how TCP/IP works.

By using a router, you create a new network, so obviously, things as file sharing stop working, as they only work with your internal network.

You should place the webserver either on your own computer or place the machine with a secondary IP in the network where you optionally use DNS to make people find that server (for example through the hostname, or by asking nicely to get a DNS entry through the DNS server.

By using a router, you create a new network, your traffic remains inside this network and by port forwarding on the router, you can selectively allow traffic to go from the outside of the network to the inside. If this were not the case, I could access the files on your computer through the internet. Its just not possible. Again, TCP/IP does not work that way.

Improve this answer
6
  • Is it not possible to do something like a PAT-Overloading described here ? Selecting the input ports for the webserver and the microsoft shared network and addressing them to different computer in the internal side?
    – Hastur
    Commented Nov 7, 2015 at 13:57
  • 3
    TCP/IP does work that way; networks are not limited to the two-level "internet - home router - LAN" structure, and things like file sharing can work fine across networks. For example, if the main office LAN's router had a route like 192.168.0.* is accessible via 192.168.10.106, then it would work without port forwarding, just with pure IP routing. It's done that way in many larger offices – basically anywhere more than one subnet is used. (Of course, it won't work for OP because it'd need even more involvement by the network admin.)
    – grawity_u1686
    Commented Nov 7, 2015 at 14:08
  • grawity what do you mean network admin needs more involvement? Can't I simply set the router to route ?
    – Thanasis
    Commented Nov 7, 2015 at 16:13
  • I know there is an answer but I won't get any.
    – Thanasis
    Commented Nov 8, 2015 at 3:34
  • 1
    @Thanasis that's called Wishful thinking. Just because you want it to be, doesn't make it be.
    – LPChip
    Commented Nov 8, 2015 at 21:55
-1

If adding a router without any auth to the wall socket works then simply adding a switch should work by the sounds of things, unless you did MAC spoofing as part of the process.

Improve this answer

Not the answer you're looking for? Browse other questions tagged .