Here's what I want to do :)

At the moment I have Win 2000 Pro acting as an internet sharing server for the local machines on the wire network.

What I want to do is setup a local WLAN but to have user on the WLAN to have to input a password before they can access the internet, maybe like a domain logon ??? The reason for this is the WLAN is to be a non profit but payable service and I must be able to stop internet/server access to those users who arn't helping to keep this service running (hope that makes sence).

If this can't be done with win2000 Pro I have window 2000 server, but can this be loaded on top of the old Windows 2000 ?

Look forward to some detailed replies :)

MaNy ThAnKs,
Lee...

Internet access control can't be accomplished effectively using either pro or server really. 2000 professional has ICS, a kind of mini-NAT implementation. 2000 Server has ICS as well as a full blown NAT implementation in RRAS. you can do user authentication using server, but it will not effect internet browsing. RRAS has access control but that is for incomming connections, not really for router functions. However, if you want access control, based on user name, you are really looking at either a firewall or proxy product. depending on your resources, you could either (in order of cost) 1) put the 2000 server there and if you have 2000/nt workstation you could have an all or none apporoach (either you logon to the workstation/network/internet or you don't)
2) try to find a cheap shareware proxy program that can authenticate users (maybe sygate has a product)
3) buy a hardware firewall device that handles user authentication
4) load win 2k server and use ISA server or Proxy server

good luch

Many thanks for you quick reply !

I was just about to wipe my HD and install server, good job I read your message or I would be unhappy chappy :)

I do run 'zone alarm' firewall, but not really see how that would help. The PC's on the network gain their IP address's from the Windows 2000 Pro PC, how can I stop that, I can't see any setting that say's use DNS etc.
If I could set the user's with fixed IP address's then yes I could 'ban' them using the firewall, but at the moment all they would have to do is give themself's a new IP and away they go again :(

Cheers Lee...

P.S. Trying to certain user's getting Intenet access :)

ICS by default turns your w2k pro pc into a kind of mini dhcp server. However you don't have the ability to really configure any scope options like you can in a real dhcp server. What ICS does is change the ip address on your LAN card to 192.168.0.1 and then hand out the ip address range of 192.168.0.2-192.168.0.255
it hands out the gateway as 192.168.0.1 and
the dns servers as whatever your w2k pro machine's dns servers are. You can put these settings in manually on each machine to achieve machine level control of internet access through firewall filtering. You won't have user level control, (a user can simply go to a machine with internet to get on), but some control is better than none, i suppose.