Setting Up Restricted Internet Access For 20 Users
Jan 10, 2012
restricting access to internet for roughly 20 users. Right now we are connected using broadbandand using dhcp as assigned by common switch. All pc's are in a common workgroup. recommend me the hardware / software required to restrict this access.
1. Will I require a router as well as a switch ? or should I simply get a new switch ( for more then 20 users ) This would mean static ip for all users.
2. My idea is to create a AD server and use websense on it so that users who require internet access can still open internet sites but will be restricted through websense proxy.
View 1 Replies
ADVERTISEMENT
Jul 6, 2011
i have an asa 5505 firewall with asa version 8.2(1). my asa connected on wan port over isp router on internet.inside users connected over dlink switch and the allied telesis 24 ports switch on this asa. the inside users are blocked and they can't communicate. all inside ports of asa 5505 are in one vlan and all ports are switch ports. the configuration of my firewall is
: Saved : Written by xxxxxx at 11:26:22.109 CEDT Thu Jul 7 2011 ! ASA Version 8.2(1) ! hostname asa5505 domain-name dri.local enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU encrypted names ! interface Vlan1 no
[Code].....
View 5 Replies
View Related
Dec 28, 2011
I own a BEFVP41 v2.1. Under "access restrictions" I set days and time when access to internet it is allowed. Also applied "Website Blocking by URL Address" and "Website Blocking by Keyword" however some users are now getting access to the internet. I must also mention this settings: Firewall protection it is enable. Router DHCP it is disable and we use static IP address for the PC´S so I established IP range to apply the restrictions. I also try blocking with MAC address of the PC's.Everything else it has default settings. Internet wire goes first to the router and then to the LAN switch. What am I missing?
View 4 Replies
View Related
Jan 11, 2013
Region : Argentina
Model : TD-W8968
Hardware Version : V1
Firmware Version :
ISP :
Region : Australia
Model : TD-W8960N
Hardware Version : V3
Firmware Version : 1.4.0 Build 110620 Rel.52053n
ISP : Amnet
I want to setup this modem wirelessly such that:
- Wireless User A has full unrestricted wireless access (to Internet and all other services) and
- Wireless User B has no internet access but access to file sharing and related services.
Can this be done and how can it be done?
View 2 Replies
View Related
May 29, 2013
i must configure a secured wireless network with access restriction based on SSID. the equipements are : cisco wlc 2504 (soft 7.3) cisco secure acs aplliance 1121 (soft 5.4) . the users that will connect to the network are regrouped by identity groups, each identity group having it's own SSID. Clearly each group of users must access only one SSID. i followed the procedure below to configure it:
-- creating user identity groups;
-- creating users and assigning them to the groups;
--- creating authorization profiles for each SSID under policy element/ authorization and permission/network access/authorization profiles and putting the Airespace-Wlan-Id(the SSID number) in the radius tab.
--- assigning the authorization profiles to the identity groups under access policies.
after all these config the users can access the network using there userid/password configured. But the problem is Every user can access every SSID, seems like the restriction is so not very well configured.
i found some documentation on this kind of config but the version of ACS used seems older than the one that i use, so menu are very different.
View 8 Replies
View Related
Nov 18, 2012
Has ASA5510-K8 as firewall, has access rules setup for restricted PCs: [code] permitOn those PCs, users can only browse the websites that are in favorites, but some of them are working, some are not.Test on unrestricted PC, websites that can’t be accessed from public PCs can be access on regular PCs , either by address or IP.Checked GPO setting, don’t see anything wrong there.
View 4 Replies
View Related
May 30, 2012
When I'm trying to access the Twonky setting page on http://192.168.1.1:9000/config I get: Access is restricted to MediaServer configuration! Is this normal or not?
View 2 Replies
View Related
Oct 23, 2011
I use to run Twonky media server on my iMac and I was very happy with it. Now I have purchased a Linksys Wifi Router E4200. Twonky server embedded works fine with all my devices except with my Samsung D8000 Led TV. In the Mac version I must identify manually the player (Samsung TV), if not mkv won't play. The question is: How can I select the device in the Linksys E4200? The config page is not available and displays "Access is restricted to mediaserver configuration" E4200 firm V. 1.0.03
View 9 Replies
View Related
Aug 5, 2012
Is there a way to block keywords and also customize the default page given when access is restricted?
View 1 Replies
View Related
May 28, 2011
got myself the Netgear internal PCI wifi adapter today & it works just fine on my Windows XP SP3 desktop.
The only problem I have is the question of restricting access to kids @ home. If it was an external USB adapter, I could have just taken it away but the concern is the device being an internal & always available one. The user configuration on the PC is such that there is 1 main administrator (The actual windows "administrator" account) that no one uses. Apart from that,
- 1 user with admin privileges (me)
- 1 limited account for the kid
- 1 admin privilege account for the kid again (for purposes like installation of games which require an admin account as mandatory)
I would like for the wifi PCI card to work only when I login to my account. There must be someway by which I could disable the device or make the internet inaccesible in the other accounts,, (but pls bear that 1 of the account that the kid uses also has admin privilege)
I tried disabling the device from control panel but in vain.. (tried something like the sys admins do in corporates ..) disabling the usb ports on the PC's in my office..!
View 14 Replies
View Related
May 28, 2011
got myself the Netgear internal PCI wifi adapter today & it works just fine on my Windows XP SP3 desktop.
The only problem I have is the question of restricting complete internet access to kids @ home. If it was an external USB adapter, I could have just taken it away but the concern is the device being an internal & always available one.
The user configuration on the PC is such that there is 1 main administrator (The actual windows "administrator" account) that no one uses. Apart from that,
- 1 user with admin privileges (me)
- 1 limited account for the kid
- 1 admin privilege account for the kid again (for purposes like installation of games which require an admin account as mandatory)
I would like for the wifi PCI card to work only when I login to my user account. There must be someway by which I could disable the device or make the internet inaccessible in the other accounts,, (but pls bear that 1 of the account that the kid uses also has admin privilege)
I tried disabling the device from control panel but in vain.. (tried something like the sys admins do in corporates ..) disabling the usb ports on the PC's in my office..!
View 4 Replies
View Related
Feb 9, 2012
The goal is to add a 2801 router between a DSL modem and a switch and obviously still access the internet. I connected and configured as explained below and the results are:
- I am able to ping internet addresses from the 2801 router
- I am not able to ping internet addresses from userlaptop but I am able to ping LAN gateway (192.168.254.254)
I cannot understand why the internet requests from the user laptopuser are not routed to the internet but the router itself can access the internet.
INTERNET====DSLmodem=====CISCO2801=====unmanagedSwitch=====userlaptop
DSLmodem:
non-bridged mode and does the PPPOe authentication.
WAN interface: Dynamic IP address assigned by ISP
[Code].....
View 14 Replies
View Related
Feb 28, 2013
I have configured and tested an ASA-5505 that will be deployed at a customer's home. The ISP cable modem will connect to the E0 (outside) interface of the ASA. All other interfaces on the ASA are configured for the inside network 192.168.5.0/24. I have created a VPN site-to-site tunnel between this ASA and the UC540 to allow 192.168.5.0/24 subnet access to the internal networks on the UC540.
The user has requested that all the network devices used by the rest of the family will only need to connect to the Internet. They will not need access to the VPN tunnel and they will not need access to the computers on the 192.168.5.0/24 inside network. I was planning on performing the following tasks to get this to work.
View 2 Replies
View Related
Jan 21, 2013
I'm currently undergoing CCNa academy so I got a "job" from my boss to configure Cisco 871 router. Unfortunately we just finished first semester at academy so there are some things that I'm still having hard time to understand. I managed to configure router so it connect to internet or to be exact it has internet access through another adsl modem that is in bridge mode. url...The problem is that users are not able to use internet when connected to this router. I'm able to access router through telnet ( ip 192.168.13.10) but that's it.192.168.13.0 255.255.255.128 is network that we use at work. 192.168.13.5 is IP address that is assigned to zyxel adsl modem ( If I'm correct, we could have used any address here since we are connecting this directly to router ? ) Zyxel adsl modem is connected to FA4 port on Cisco router. LAN cable is connected to FA0 port and from there it goes to switch ( it's some asus switch with 50 ports). [code]
If I ping google dns from router e.g. ping 8.8.8.8 it works. If I ping url... it doesn't work. Also I'm able to access router via 192.168.13.10 but if I use router as default gateway then I'm not able to access the internet.
View 8 Replies
View Related
Mar 19, 2013
We have a Cisco 3750 stack connecting to the MPLS router, able to ping 8.8.8.8 - [URL], the internal users on their own Vlan can ping the default gateway the 3750 switch but no further, trace route from the PC/Servers stops at the 3750 stack.We have the switch configured to ip route 0.0.0.0 0.0.0.0 to the public interface in the MPLS router, from the switch I'm able to ping the internet.
View 17 Replies
View Related
May 16, 2012
I am able to successfully connect to my ASA5505 via AnyConnect via a mobile device. Upon doing so, I lose internet connectivity. My access list appear to be correct to I'm sort of at a loss.
[code]....
View 6 Replies
View Related
Oct 4, 2012
We have an ethernet port on Cisco router 1800 connected to the ADSL modem. The router does ip nat translation, but users complained it is slow when they access to internet. [code]
View 1 Replies
View Related
Apr 4, 2012
How does one configure the router so that Internet users can access internal company websites? The only thing that appears is the Cisco router login. Also I need to configure Terminal Services and its not on the list under Service.
View 2 Replies
View Related
Feb 8, 2012
Im trying to set up a wireless router in my dorm room. I know, I am not supposed to do that. I got it set up and everything, but still didn't have internet access.
View 1 Replies
View Related
Mar 13, 2011
What I'm trying to do is create a private network for local file sharing but also have internet access. There is a WRT54G router connected to a satellite modem in a separate building, just barely close enough to connect from my laptop, which is what sparked my original idea to use my WRT54GL as an access point.
View 1 Replies
View Related
Jun 7, 2011
I'm trying to set up a S2S VPN between two ASA5505 SP units running ASA Version 8.2(1). I've ordered additional ADSL2 lines to handle this traffic and I'm having troubles with the configuration for the additional PPPoE connection. Here is are extracts from my current config; First the interface vlans
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
[code]....
The result being that I can ping the OUTSIDE interface, but get no reply from the VPN interface. I've checked ADSL lines, they are up. The two PPPoE sessions are logged in and active. I can even see the ICMP packets hit the VPN interface, but there is no reply.
View 1 Replies
View Related
Feb 26, 2013
I have some problem with the ASA 5510 ver 7.0(6). My manager wants to keep this as backup. tried lots of things but still users not able to access internet nor can i ping anywhere.For example when i ping 4.2.2.2 i dont get any reply.The runing config is below for ur ref :
HQ-ASA-01# show running-config
: Saved
:
[Code]......
View 9 Replies
View Related
Feb 24, 2011
I have a normal setup of ASA5505 (without security license) connected behind an internet router. From the ASA5505 console I can ping the Internet. However, users behind the Firewall on the internal LAN, cannot ping the Internet even though NATing is configured. The users can ping the Inside interface of the Firewall so there is no internal reachability problem. In addition, I noticed that the NAT inside access list is not having any hit counts at all when users are trying to reach the internet.
When i replace the ASA5505 with a router with NAT overload configuration on it, the setup works normally and users are able to browse the internet.
The ASA5505 configuration is shown below.
hostname Firewall
interface Ethernet0/0
description Connected To Internet Router
switchport access vlan 10
[Code].....
View 2 Replies
View Related
Nov 1, 2011
Based on my diagram, my computer A (192.168.100.11) can ping and access my computer B (192.168.10.14). But, when i'm home and i use remote access vpn (192.168.200.x) in cisco asa 5520 to connect to my computer A is okay. But, when i try to ping my computer B is not okay. I already do the exemption for 192.168.100.x and 192.168.10.x in nat rules for inside interface (192.168.100.2) ...
Should i put routing from outside 1.1.1.2 to 192.168.10.x by using 192.168.100.1 as a gateway?
View 1 Replies
View Related
Jan 27, 2012
How to bypass a MaAfee firewall implemented on network to open restricted sites.
View 3 Replies
View Related
Sep 13, 2012
Can a pix 501 firewall VPN be created with a 10 user restricted license? It seems impossible to get an answer because Cisco's black mailing EOL policy.
View 18 Replies
View Related
Apr 25, 2013
this is the first time I am about to configure ACS 5.3 to authorize user group from doing some commands in the "configure mode" while permitting them some other commands. As example, I want to deny them from doing "reload" but give them access to configure "time-range", what happen is, they are denied access to "reload" on the exec mode, but once they went into "configure" mode, they would be able to "do reload"I mean to say, is it possible to manage the subsequent commands to "configure terminal" ?
View 4 Replies
View Related
Apr 17, 2011
I would like to configure a guest-vlan and restricted-vlan on a 2960 switch, but I can not.
I am trying to configure the interface using the following commands: [code] similar result is obtained while trying to configure a auth-fail vlan. the full configuration file is attached.
View 4 Replies
View Related
Aug 3, 2009
I'm trying to activate the DMZ interface on a restricted license ASA 5505 but I get an error when I try to ADD the interface. The message says "With the current license device will only supports 2 fully functional interfaces. Third interface can be added,but the traffic from this interface to another interface need to be blocked. Please make appropriate selection in advanced tab." I gather that I have to define the limitation myself? The problem is that I can't access the advanced tab because of the error. Can I do something via CLI to get through? I'm using ASA 8.2 and ASDM 6.2.
View 4 Replies
View Related
Feb 26, 2013
My organization wishes to host a LAN gaming event. The setup I have in mind involves a 24-port switch for connecting all the player computers and having that switch connected to a smaller "core" switch which has the the game server and router connected to it. I'd like to know if I can set things up as follows...
SG200-26 with ports 1-24 on seperate VLANs so they cannot talk to eachother. I'd then like ports 25 and 26 to be an aggregated (for bandwidth and redundancy) trunk port to carry all 24 VLANs plus an additional management VLAN (ex. VLAN 100) that will be used for accessing the switch. I'd like those aggregated trunk ports to connect to an SG300-10 "core" switch which will be connected to the game server and to a router for internet access.
I'd like the ability to have two network connections from the game server to the switch, one on the management VLAN and one on a different VLAN (ex. VLAN 50) that will be accessed by the players (ports 1-24 on the SG200-26). The core switch needs the ability to perform restricted inter-VLAN routing, in that it doesn't allow VLANs 1-24 to talk to eachother but they can talk to the server's VLAN but only through specific service ports (ex. port 12345, 12346). Is this possible?
Furthermore how would I configure the SG300-10 to allow VLANs 1-24 to talk to VLAN 50, but not themselves or VLAN 100. As well, I'll probably have the router on it's own VLAN (ex. VLAN 60) and allow VLANs 1-24 to access it but only through HTTP port 80 for web access.
View 9 Replies
View Related
Oct 19, 2011
I have a STORCENTER IX2-200 CLOUD EDITION in my office with 3 machines hooked up via the router. I cant seem to access users when I enable the security. If i disable security i can get in. This is happening on Windows XP and 7. I've tried Iomega support and it all has to be done via email which is annoying.If i enable security I get the following windows error: \iomegakate is not accessible. you miht not have permission to use this network resource. access is denied.all the machines are logged on as administrator. I did fix this problem although only for a few hours after speaking to Iomega. They advised to use the Net Use command and delete all connections. Ive forgotten what it was now as they remote accessed in.
View 1 Replies
View Related
Dec 21, 2012
I want to create a website but only allow a certain user or group of users access to that website. Assuming that user or users will be from the same location, and likely the same static IP, can I throw a firewall between my internet connection and web server and only allow that specific IP address access to my web server by a rule?If there is a better way to handle that,
View 3 Replies
View Related
Apr 1, 2012
I currently set up two LAN networks. But one of them (Router 2) will be open (no password). Will this create a security compromise? Can the Router 2 Users access information of users of Router 1?
Modem WAN > Router 1 WAN
Router 1 LAN > Router 2 WAN
The router 1 and 2 are broadcasting different networks and SSID.Is there any setting that I need to change, or this configuration is perfectly safe? both of them have DHCP enabled.
View 3 Replies
View Related