Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
298
Views
0
Helpful
3
Replies

How do I limit internet access to only a part of the LAN w/Cisco-678

vova
Level 1
Level 1

‎01-25-2002 08:46 AM - edited ‎03-01-2019 08:13 PM

Being fairly new to working w/routers, I need help with accomplishing the following:

The site has 25 PCs all running NT4-Wkstn and 1 server running NT4.

The LAN is setup on a 192.168.xxx.xxx subnet with a domain name.

Each of the PCs has a static IP for the LAN.

The server is hosting a POS application that all PCs need access to.

A DSL line has been isntalled with a Cisco-678 router.

The goal is to limit access to the internet to only 5 PCs without buying additional equipment or setting up a proxy (i.e. Wingate).

Can the 678 be programmed to accomplish this? What are the commands?

Is there another way short of setting up fake proxy settings (in internet properties) on the PCs that shouldn't have access to the internet?

I plan on changing the "int eth0 address" on the Cisco-678 to 192.168.xxx.254 and pointing the gateway in the network properties on each of the [permissible] PCs to it.

Labels:
0 Helpful
3 Replies 3

jkemery
Level 1
Level 1

‎01-25-2002 08:55 AM

Can the POS app run using IPX or Netbios? If so then just shut IP off.

Or you could build a seperate IP subnet on the router and set a secondary address on the 5 workstations?

OR if the 678 support Access control lists then you could just write an ACL that blocks IP out for all address execpt the 5 pc addresses.

0 Helpful

vova
Level 1
Level 1
In response to jkemery

‎01-25-2002 09:22 AM

Thanks for a quick reply, James...

The LAN, along with the POS app, was originaly set up by a vendor who customized the POS app (written in Progress) and who's out of business. I can't support the POS app and they don't have any fallback. They are exploring migrating to a different POS app but, for now, it's the heart of the business and the primary purpose of the LAN.

I don't want to mess with the existing setup of the LAN or the POS app in fear of something going array.

I don't know how to accomplish your second suggestion. I would be extremely grateful for an elaboration.

Your third suggestion is along the lines of what I originaly had in mind, but I don't know if the router has this support and/or how to program it. I am fairly new to CBOS.

0 Helpful

jkemery
Level 1
Level 1
In response to vova

‎01-25-2002 11:32 AM

Bingo on the ACL!!!!!!

Use the "set filter" command.

http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/c600s/cbos/cbos240/03chap02.htm#19231

Hope this works for you.

:)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents