Sunday, August 2, 2009

Restricting by IP address with firewall in local network?

We've got a few computers in one room connected to a switch which goes to the rest of the network and then out to the internet. I want to be able to allow these 4 computers in the sub-network (is this the correct term?) to be able to do simple file and printer sharing without the rest of the network being able to access them or use those files/printers. We are using PC-cillin for our firewall. I know how to get to the page to set up exceptions for the firewall and I've had a wee bit of experience setting this up in Zone Alarm, but I have a more general question. If I allow Computer A with IP address 10.1.6.32 as an exception on Computer B and then A gets shut down and Computer C on the network gets assigned A's IP address, would C then be able to have access to the same resources on B as A did? Is there a better way to set this up? None of the computers need to access any other computers on the network. They just need the internet access that the main router is giving them.

The easy way is to replace the switch with a router. Use the router to create a NEW subnet.


Say your original network uses addresses in the 192.168.0.xxx range. Set the router to create IP addresses in the 192.168.1.xxx range. Now the computers in the room are isolated from the outside network. The other computers will not be able to access the new subnet without you setting up tunnels in the router.


The computers will still be able to access the internet. The routers will be transparent.
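
An added example, not part of the original question or answer: a small Python model of a host firewall that matches on source IP only, showing that a DHCP-reassigned address inherits the exception from the question and that a rule scoped to the answer's 192.168.1.xxx subnet rejects hosts from 192.168.0.xxx. The class names, the lease behaviour and the host addresses .12 and .57 are constructed assumptions.

```python
import ipaddress

class HostFirewall:
    """Constructed model of a per-host firewall whose exceptions match source IP only."""
    def __init__(self, exceptions):
        self.exceptions = [ipaddress.ip_network(e) for e in exceptions]

    def permits(self, src_ip):
        ip = ipaddress.ip_address(src_ip)
        return any(ip in net for net in self.exceptions)

class DhcpPool:
    """Constructed DHCP model: a released address goes to the next requester."""
    def __init__(self, addresses):
        self.free = list(addresses)
        self.leases = {}  # hostname -> leased IP

    def request(self, host):
        self.leases[host] = self.free.pop(0)
        return self.leases[host]

    def release(self, host):
        self.free.insert(0, self.leases.pop(host))

def reassignment_scenario():
    """B trusts 10.1.6.32 (A's address in the question); A shuts down, C joins."""
    pool = DhcpPool(["10.1.6.32", "10.1.6.33"])
    fw_b = HostFirewall(["10.1.6.32/32"])      # exception for "Computer A"
    a_ip = pool.request("A")
    allowed_before = fw_b.permits(a_ip)
    pool.release("A")                          # A is shut down, lease freed
    c_ip = pool.request("C")                   # C receives A's old address
    return allowed_before, c_ip, fw_b.permits(c_ip)

def subnet_scenario():
    """Answer's layout: room hosts in 192.168.1.0/24, the rest in 192.168.0.0/24."""
    fw_b = HostFirewall(["192.168.1.0/24"])    # exception scoped to the room's subnet
    # .12 (room host) and .57 (outside host) are constructed sample addresses
    return fw_b.permits("192.168.1.12"), fw_b.permits("192.168.0.57")

if __name__ == "__main__":
    print("A allowed, C's address, C allowed:", reassignment_scenario())
    print("room host allowed, outside host allowed:", subnet_scenario())
```

The rule follows the address, not the machine, so a per-IP exception is only as stable as the lease behind it; static addresses or DHCP reservations for the four room computers keep the mapping fixed.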

