A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

firewall query



 
 
Thread Tools Display Modes
  #1  
Old January 5th 06, 12:34 PM posted to uk.telecom.broadband
Cuprager
external usenet poster
 
Posts: 5
Default firewall query

Hi all,

I look after a small businesses LAN that consists of 8 machines at the
moment (all win2k / xp), all machines are connected back to a standard
switch. There is a requirement for a broadband connection to serve two
of these machines only. NO traffic from the other machines should be
visible to or on the Internet. I am looking for an easy solution, one
that the owner can look after with minimal fuss (they are not computer
literate beyond USING the machines). What would be ideal is installing a
BB router that has fairly advanced firewall capabilities built in,
something that could prevent traffic being passed to or coming from the
WAN interface and going to either certain MAC addresses or to certain IP
addresses. Is this possible? Can anyone recommend such a router?

Thanks in advance

G
  #2  
Old January 5th 06, 01:23 PM posted to uk.telecom.broadband
Steve
external usenet poster
 
Posts: 27
Default firewall query

On 2006-01-05 12:34:42 +0000, Cuprager said:

Hi all,

I look after a small businesses LAN that consists of 8 machines at the
moment (all win2k / xp), all machines are connected back to a standard
switch. There is a requirement for a broadband connection to serve two
of these machines only. NO traffic from the other machines should be
visible to or on the Internet. I am looking for an easy solution, one
that the owner can look after with minimal fuss (they are not computer
literate beyond USING the machines). What would be ideal is installing
a BB router that has fairly advanced firewall capabilities built in,
something that could prevent traffic being passed to or coming from the
WAN interface and going to either certain MAC addresses or to certain
IP addresses. Is this possible? Can anyone recommend such a router?

Thanks in advance

G


My Draytek 2600 has VLAN functionality built into the four LAN ports
IIRC, maybe look at that?

Steve

  #3  
Old January 5th 06, 03:08 PM posted to uk.telecom.broadband
Tiscali Tim
external usenet poster
 
Posts: 755
Default firewall query

In an earlier contribution to this discussion,
Cuprager wrote:

Hi all,

I look after a small businesses LAN that consists of 8 machines at the
moment (all win2k / xp), all machines are connected back to a standard
switch. There is a requirement for a broadband connection to serve two
of these machines only. NO traffic from the other machines should be
visible to or on the Internet. I am looking for an easy solution, one
that the owner can look after with minimal fuss (they are not computer
literate beyond USING the machines). What would be ideal is
installing a BB router that has fairly advanced firewall capabilities
built in, something that could prevent traffic being passed to or
coming from the WAN interface and going to either certain MAC
addresses or to certain IP addresses. Is this possible? Can anyone
recommend such a router?
Thanks in advance

G


How about putting a second network card in each of the 2 PCs which need
internet access - and connect those to an ADSL modem/router. You could then
have two totally independent subnets - with just these 2 PCs on both. All 8
could still communicate with each other via the original switch.
--
Cheers,
Tim
______
Please reply to newsgroup. Reply address is invalid.


  #4  
Old January 5th 06, 04:13 PM posted to uk.telecom.broadband
Ivor Jones
external usenet poster
 
Posts: 3,969
Default firewall query



"Tiscali Tim" wrote in message


[snip]

How about putting a second network card in each of the 2
PCs which need internet access - and connect those to an
ADSL modem/router. You could then have two totally
independent subnets - with just these 2 PCs on both. All
8 could still communicate with each other via the
original switch.


That's overkill, surely..? Assuming WinXP, just go into Control Panel then
navigate to Local Area Connection Status. Click "Properties" and ensure
TCP/IP is *not* selected for any machine you *don't* want to be able to
see the internet. They should still be able to see each other ok.

Ivor


  #5  
Old January 5th 06, 05:01 PM posted to uk.telecom.broadband
Cuprager
external usenet poster
 
Posts: 5
Default firewall query

Ivor Jones wrote:
"Tiscali Tim" wrote in message


[snip]


How about putting a second network card in each of the 2
PCs which need internet access - and connect those to an
ADSL modem/router. You could then have two totally
independent subnets - with just these 2 PCs on both. All
8 could still communicate with each other via the
original switch.



That's overkill, surely..? Assuming WinXP, just go into Control Panel then
navigate to Local Area Connection Status. Click "Properties" and ensure
TCP/IP is *not* selected for any machine you *don't* want to be able to
see the internet. They should still be able to see each other ok.

Ivor


Tim,

It had crossed my mind but i quickly dismissed it as there has to be a
more dynamic way to do it.

Ivor,

I need TCP/IP enabled im afraid.

  #6  
Old January 5th 06, 10:23 PM posted to uk.telecom.broadband
external usenet poster
 
Posts: n/a
Default firewall query

"Cuprager" wrote in message
...
Ivor Jones wrote:
"Tiscali Tim" wrote in message




That's overkill, surely..? Assuming WinXP, just go into Control Panel
then navigate to Local Area Connection Status. Click "Properties" and
ensure TCP/IP is *not* selected for any machine you *don't* want to be
able to see the internet. They should still be able to see each other ok.

Ivor


Tim,

It had crossed my mind but i quickly dismissed it as there has to be a
more dynamic way to do it.

Ivor,

I need TCP/IP enabled im afraid.




what about removing the default gateway entry on the pc's you dont want on
the net.


  #8  
Old January 8th 06, 12:49 AM posted to uk.telecom.broadband
Rob382
external usenet poster
 
Posts: 9
Default firewall query

use a drayek

details on "howto" here

http://www.draytek.co.uk/support/kb_...filtering.html just web
browsing...

If you want to block ALL access no need to create a rule there is a direct
option to enter an IP address, you can even do it on a timed day of week
basis.

1st option is nice so you could set up so that windows updates worked but
nothing else.

Rob





"Cuprager" wrote in message
...
Hi all,

I look after a small businesses LAN that consists of 8 machines at the
moment (all win2k / xp), all machines are connected back to a standard
switch. There is a requirement for a broadband connection to serve two of
these machines only. NO traffic from the other machines should be visible
to or on the Internet. I am looking for an easy solution, one that the
owner can look after with minimal fuss (they are not computer literate
beyond USING the machines). What would be ideal is installing a BB router
that has fairly advanced firewall capabilities built in, something that
could prevent traffic being passed to or coming from the WAN interface and
going to either certain MAC addresses or to certain IP addresses. Is this
possible? Can anyone recommend such a router?

Thanks in advance

G



  #9  
Old January 8th 06, 04:50 PM posted to uk.telecom.broadband
Peter M
external usenet poster
 
Posts: 1,496
Default firewall query

Rob382 wrote:
use a drayek


or Belkin

If you want to block ALL access no need to create a rule there is a direct
option to enter an IP address, you can even do it on a timed day of week
basis.


It has similar time-of-day / day-of-week options for groups of IPs.
Setting the 'allowed' PCs to have fixed IP addresses in a group that
is allowed access, and all others in a group that has no access would
be easy, and probably a bit cheaper than many other routers. Remote
access might be an option to allow for support (if OP has a fixed IP
for example, or via one of the internet-enabled PCs with a remote
control access, such as via www.logmein.com). Peter M.

 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Router query - DG834G firewall rules Doehead uk.telecom.broadband (UK broadband) 0 December 9th 05 04:20 PM
Completely replace software firewall with hardware firewall? Keith uk.telecom.broadband (UK broadband) 3 March 25th 05 11:23 AM
Completely replace software firewall with hardware firewall? donnie uk.telecom.broadband (UK broadband) 0 March 23rd 05 01:09 PM
Completely replace software firewall with hardware firewall? Chet uk.telecom.broadband (UK broadband) 11 March 23rd 05 02:01 AM
Completely replace software firewall with hardware firewall? CSimmons29 uk.telecom.broadband (UK broadband) 1 March 23rd 05 01:26 AM


All times are GMT +1. The time now is 05:07 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2020 BroadbanterBanter.
The comments are property of their posters.