D-Link DIR-655 :: Access Control Policies IP Ranges?
Jan 9, 2010
I'm trying to block internet access to a range of IP addresses using the Access Control function of the DIR-655 router. Unfortunately, the router does not allow me to block a range of IPs. Instead, I can only create policies based upon individual IPs or MAC addresses. I have over 60 machines I want to block Internet access and I'd hate to have to type them in individually. How do I go about blocking all Internet access (HTTP/FTP/email/everything) for a range of IP addresses? They will have to be able to continue to use the internal LAN.
View 3 Replies
ADVERTISEMENT
Mar 22, 2010
Using Microsoft IAS as the auth server, how do I get the ASA (v.8.2.1) to take different user groups defined in AD, and control access to different group policies on the VPN? We're setting up the ASA for many different vendors, and need to control access for each vendor with different policy.
For example, Vendor one is in AD group Vendor1 and will only be permitted access to a specific group of defined IPs in our network. Vendor two is in AD group Vendor2 and will only be permitted access to a different group of defined IPs in our network from Vendor1.
View 12 Replies
View Related
Oct 24, 2012
I have tried to setup access control by setting up a policy that restricts certain MAC addresses during a period during the day from certain websites. I set up the website filter and a schedule and selected them for the policy. Instead of blocking just the websites on the filter list during the time setup in the schedule, it blocks all websites all the time.I made sure that I setup the policy to 'block some access' NOT 'block all access'.The only thing that seems to work is that only the computers with the MAC address selected are effected.
View 3 Replies
View Related
Mar 2, 2010
I may be doing it incorrectly, but I'm trying to configure web access rules. I first set up access control and tell it to use the website filter. I've tried configuring it by both MAC address and IP address (separately, not simultaneously), but it still allows the listed sites in the web filter to get through. Is there something else I need to block or am I not doing something correctly? The network is on DHCP reservation, so IP addresses are always the same. MAC addresses, as I mentioned, don't work, either and they are fixed and logged in the router.
View 9 Replies
View Related
Dec 31, 2011
DIR655 with 1.33NA firmware. I'm trying to determine how to block access to the internet for a specific LAN computer when the user knows how to change a MAC address. I don't want to turn MAC control on and grant only to listed computers - the list doesn't accommodate enough MAC addresses, and the client has wireless and wired since it's a laptop. I also don't want to set static IPs on all of the devices since some cannot accommodate that feature.I'm thinking that reserving an IP address isn't ultimately the solution either, since assigning the IP isn't going to work if the MAC changes. how to use access control under these circumstances?
View 1 Replies
View Related
May 23, 2011
I have 60+ website domains to allow on my network using Website Fitering. Is it possible to expand it or is there another router out there that has a large amount of domain allowing or blocking?
View 1 Replies
View Related
Feb 26, 2008
When attempting to configure access controls from the advanced menu I enable the access control checkbox. I then follow the configuration wizard completing each step as directed by the wizard. When I complete the wizard and try to save the rule I get the following error message regardless of how I complete the wizard. "Name can not be empty string". Yes, cannot is misspelled in the message. I have tried every combination of choices in the wizard and many combinations of naming the rule to no avail.
This did work properly on a previous firmware version, probably 1.04 or 1.05. I have not tried back loading to the previous versions to see where it did or did not work. I don't know how well the router goes back and don't really care to reload all the settings again by hand if the automatic recovery doesn't work.I want to use this feature to control what hours certain machines on the network have access to the internet.
View 15 Replies
View Related
May 21, 2012
I would like to use the web access control that is on the DIR-615 along with my 2Wire modem/wireless router. Is this possible? If not is is possible to put the 2Wire modem into bridge mode and purchase a second wireless modem to run along side the DIR-615 that I have so that I can have two separate wireless networks that have two different web access controls in place?
View 1 Replies
View Related
Aug 8, 2012
I want to do what I thought would have been a simple enough task - block my kids phone/computer after certain hours. Instead of blocking the specified MAC address(es), all my computers does not have internet access. As soon as I disable the policy, internet access is on again. Here's what I did:
[code]...
View 4 Replies
View Related
Nov 3, 2011
My firmware is 1.35NA and have a schedule established. When I try to add a policy for access control, I can select a policy name but when I hit "next", I get an error stating "Internet Explorer has stopped working" and wants to close. I was able to add policies previously but can not any more.
View 3 Replies
View Related
Jan 25, 2012
Trying to set up a simple schedule for keeping the kids from staying up all night. I'd had this working on a Linksys WRT54G till it bit the dust. I just want it to block internet after midnight. My problem is that the schedule is triggering the block unpredictably.?
View 3 Replies
View Related
Apr 23, 2012
I have a situation where I have tenants connecting to my wireless network and paying towards the internet bill. I am able to control this by using MAC filtering, but I have just realised that this only works for wireless clients.
Is there a way to replicate this for the router's Lan ports? Or possibly even just disable Lan access. The router model is a D-link DSL-2750U.
View 2 Replies
View Related
May 7, 2013
Region : Austria
Model : TL-MR3420
Hardware Version : V2
Firmware Version :
ISP :
I'd like to make exception keywords in the Access Control but I don't know how I could possibly do this. E.g. I have put in the keyword "apple" to be blocked, so if a domain has the keyword "apple" in it, it will be automatically blocked. What can I do, however, if I want to make an exception for the domain "appletree.com"? I haven't found any way to make an exception to specific domains or keywords.
View 2 Replies
View Related
May 2, 2011
I have several laptops at home that connect via wireless connection tot he DIR_655. Using the MAC address of those laptops, I want to prevent them from going to certain websites.Under 'Advanced" and "Website Filter", I addes several domain names (websudoku.com for example). I selected "DENY computersaccess to ONLY these sites". I then saved settings.I then went to "Access Control". I clicked on "Enable Access Control".I clicked on "Add Policy" to cdreate a new policy for one of the laptops.When I boot the laptop and go to one of the websites, it still allows me access. The URL/domain name is correct.
View 5 Replies
View Related
Apr 10, 2013
Region : UnitedStates
Model : TL-WDR4300
Hardware Version : V1
Firmware Version : 3.13.23 Build 121225 Rel.37950n
ISP :
Setting up access control for one PC. I just want to block all internet access to one PC during a certain time. It seems like my only options in the Access Control page in the GUI is to block websites or domains.
View 4 Replies
View Related
Jan 21, 2013
Region : UnitedStates
Model : TL-WDR3600
Hardware Version : V1
Firmware Version : TL-WDR3600_V1_120820
ISP : Cox cable
It doesn't matter how I set it up, once the policy is enabled nothing can get through. This is the same for "deny" or "allow" as default. Is there bug with this new firmware TL-WDR3600_V1_120820??
View 2 Replies
View Related
Aug 28, 2011
For some reason I can't get Access Control/Webaccess Filters working on my Dir-655 w/ 1.35NA. I've tried it with MAC and IP Address without any success. I've also enabled/disabled/enabled DNS Relay, recreated the rules, recreated the filters, etc. Nothing.
View 14 Replies
View Related
May 4, 2011
I'm trying to set up a website filter on my DIR-601. I created a policy for 2 MAC addresses, with a schedule from 10AM-6PM, selected "Block some websites", and disabled logging. Under website filter, I added some entries, and selected "DENY computers access to ONLY these sites". When the policy is enabled, and I try to access one of the blocked websites, it gets blocked correctly ("The URL access was denied by administrator.") However, for all other websites, I get "server unexpectedly dropped the connection" errors, eg "Safari can�t open the page [URL] because the server unexpectedly dropped the connection. This sometimes occurs when the server is busy. Wait for a few minutes, and then try again." or in Chrome "No data received. Unable to load the webpage because the server sent no data." This happens with ALL non-blocked websites. I'm using hardware version A1, firmware version 1.01NA.
View 2 Replies
View Related
Mar 15, 2012
We have two device groups ASAs for VPN accessWireless ControllersThere are 2 AAA devices in each group.
We have 4 Identity Stores
ACS Internal User Store - This is used for external suppliers doing SSL VPN on ASAsExternal Radius server - this is a two factor authentication server that in turn looks up our AD and its own internal token database. This is used for IPSEC VPN access for internal employees.We have mapped AD groups - this is used for allowing access for wireless users.LDAP group mapped from other AD domain - used for allowing wireless access to an associated organisation.
Our requirements
We need to create a rule for the VPN access that first of all looks through the ACS internal store - if a user is not found there then it checks the external Radius server. If no users are found there then access is denied.We needto create a similar rule for wireless users so that it will check AD - if a user is not found there then it checks LDAP. If no users are found then access is denied.
View 2 Replies
View Related
Mar 3, 2011
I am trying to configure a Unified Wireless solutions with ACS 5.1 and am having trouble with the access policies. We have corporate laptops authenticating via PEAP and 7921 phones authenticating using EAP-FAST.
I have one access service configured to allow PEAP and authenticate against AD and another access service configured to allow EAP-FAST and authenticate the 7921 phones against the "internal user" database.
I have configured 2 service selection rules. Each one points to one of the access services. The only condition I have currently configured is the "protocol" field to be RADIUS. Because both the 7921 phones and the client laptops are generating RADIUS requests I can only have one EAP type working depending which rule is at the top. Because the RADIUS protocol field is always matched, requests never get past the first rule.
how I modify the rule to be able to distinguis between VoIP handsets on one WLAN and client laaptops on another so that correct access policy is used for each device?
View 5 Replies
View Related
Sep 12, 2012
We just upgraded to ASA 8.4.4.1 and the latest CSD image, 3.6.6203. We currently have a DAP set up to scan one group policy for a secific AV but wanted to start implementing this for all group policies and including several different flavors of AV (so anyone could connect from anywhere as long as a pre-approved AV is installed). We are going to allow about 20 different versions of different AV's and I've tested a couple already and they're successful.
My issue right now is trying to allow (or deny) AV that is installed on an Android tablet (and potentially Apple devices). The tablet has avast Mobile Security installed, and even if I select Vendor: Alwil as a whole, it still does not recognize it and denies the user. I have tested on a PC and it works fine. Is there something that I am missing or are mobile AV programs not included in the DAP policies? Is this going to be considered for future versions of CSD or ASA or are we going to continue to consider Android and Apple devices "secure" and not in need of an AV?
View 3 Replies
View Related
Aug 8, 2011
After updating the firmware of my WRVS4400N from V 2.0.1.3 to 2.0.2.1 all traffic was blocked for all machines, even some not included in the list of PCs. As the log was showing that all traffic was blocked by access policies, I disabled the only rule I had (blocking access to some sites to some MAC address list) and everything worked fine.I tried creating a new, simpler rule but after activation it blocked again all traffic for all the LAN.After many trials, I decided to roll back to the previous V2.0.1.3 which solved this problem.
View 1 Replies
View Related
Jun 7, 2011
I'm trying to set up a S2S VPN between two ASA5505 SP units running ASA Version 8.2(1). I've ordered additional ADSL2 lines to handle this traffic and I'm having troubles with the configuration for the additional PPPoE connection. Here is are extracts from my current config; First the interface vlans
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
[code]....
The result being that I can ping the OUTSIDE interface, but get no reply from the VPN interface. I've checked ADSL lines, they are up. The two PPPoE sessions are logged in and active. I can even see the ICMP packets hit the VPN interface, but there is no reply.
View 1 Replies
View Related
Mar 18, 2013
I have a Cisco 880 (supplied by my company and as such I have little access to the control panel). I have a Linksys (Cisco) E1200 to use as an access point. Cisco setup (love it!) but the simple setup gives the E1200 an ip range starting at 192.168.1.1 while the Cisco 880 range is 192.168.185.113. I need to have all connections in the same ip rage (192.168.185.xxx) for remote monitoring. What is the best way to accomplish this? Bridge mode (I don't need Guest Mode which I read is not possible in bridge mode)? Disable DHCP on the E1200?
View 1 Replies
View Related
May 16, 2012
I have an E4200 v1 wireless router, F/W 1.0.04.
Article ID 4041 [URL] says I can have up to 10 Internet Access Policies but the web based GUI has a pull down with only 5 possible.
Is 10 policies possible? If so, how?
View 3 Replies
View Related
Mar 6, 2011
We have ASA5500's deployed for remote access concentration.We use Cisco IPsec vpn client with a group policy the chacks for Network ICE BlackIce ersonal firewall.The powers-that-be wish to change to McAfee presonal Firewall ok..Now the Group Policy allows you to check for several pre- configured Firewalls, Cisco Integrated, Sygate, Zone Labs etc.So as McAfee are no listed then I am to assume we go for "Custom Firewall" and this is where I am struggling.To configure checking for a Custom Firewall I must have the Vendor ID and the Product ID.McAfee haven't the faintest idea what we're talking about when we ask them for these details.Or is there a way to extract them from the registry of a machine with the McAfee product installed?
View 3 Replies
View Related
Jan 23, 2013
I have the following config using a Cisco 1921. I am trying to get devices on the the native VLAN to get internet access via the gateway x.x.x.73.Any thing being routed from the other Vlans 15/20/30 can get access, but nothing from an internal IP address. Is there something I am missing.
The Xs replace the same 3 octets for each interface.I am trying to route from VLANs 15/20/30 to see VLAN 5. I have tried a few things, in terms of adding extra ip routes, but can't get anything to work. Each of those Vlans have another router on the other side of them, which I have also tried adding ip routes too, but nothing. One of the routers (Vlan15 is a Draytek 2830). [code]
View 5 Replies
View Related
Jan 4, 2011
I have one 2621 router i want to creat time base access list so that one of my subnet user(10.128.194.0 255.255.255.128) use only internet between 11am to 2pm.
View 15 Replies
View Related
Nov 27, 2012
We have a small office and already have a firewall in place that uses content filtering. I am looking for a low cost wireless access point that I can place behind my firewall that will allow me to control access by a username and password list, not just the passkey.
Does this exist without having to go to an Aruba or Ruckus type enterprise WIFI product?
View 1 Replies
View Related
Jun 30, 2010
I have several computers connected to the network, can I restrict the download bandwidth on specific computer?
View 3 Replies
View Related
Apr 24, 2012
I'm trying to set parental control for one of the kids in household, url...2gaming2Every Day 06:00 - 22:43 (meaning from 6am to 10:43pm he can acces ONLY those two sites, correct?)but, when I turn parental control on, all internet is off for him even allowed sites. Time right now is 21:44 gmt+2 and my router time is set right, so I don't know why it doest work?
View 14 Replies
View Related
Mar 4, 2011
For our children, we use the parental control feature of the DIR-615 (RevD, FW4.11b15), which works excellently. I use the whitelist feature, so only trusted web sites can be accessed. Unfortunately the DIR-615 only has 10 entries in that list and I will soon need more. So I wonder if there is another D-Link router that offers a bigger list with maybe 50 or even 100 entries?
View 4 Replies
View Related
May 16, 2013
I noticed that no matter what URL I put for a website using HTTPS such as Facebook [url]...
View 1 Replies
View Related
