Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How do I limit internet access to only a part of the LAN w/Cisco-678

Being fairly new to working w/routers, I need help with accomplishing the following:

The site has 25 PCs all running NT4-Wkstn and 1 server running NT4.

The LAN is setup on a 192.168.xxx.xxx subnet with a domain name.

Each of the PCs has a static IP for the LAN.

The server is hosting a POS application that all PCs need access to.

A DSL line has been isntalled with a Cisco-678 router.

The goal is to limit access to the internet to only 5 PCs without buying additional equipment or setting up a proxy (i.e. Wingate).

Can the 678 be programmed to accomplish this? What are the commands?

Is there another way short of setting up fake proxy settings (in internet properties) on the PCs that shouldn't have access to the internet?

I plan on changing the "int eth0 address" on the Cisco-678 to 192.168.xxx.254 and pointing the gateway in the network properties on each of the [permissible] PCs to it.

3 REPLIES
New Member

Re: How do I limit internet access to only a part of the LAN w/C

Can the POS app run using IPX or Netbios? If so then just shut IP off.

Or you could build a seperate IP subnet on the router and set a secondary address on the 5 workstations?

OR if the 678 support Access control lists then you could just write an ACL that blocks IP out for all address execpt the 5 pc addresses.

New Member

Re: How do I limit internet access to only a part of the LAN w/C

Thanks for a quick reply, James...

The LAN, along with the POS app, was originaly set up by a vendor who customized the POS app (written in Progress) and who's out of business. I can't support the POS app and they don't have any fallback. They are exploring migrating to a different POS app but, for now, it's the heart of the business and the primary purpose of the LAN.

I don't want to mess with the existing setup of the LAN or the POS app in fear of something going array.

I don't know how to accomplish your second suggestion. I would be extremely grateful for an elaboration.

Your third suggestion is along the lines of what I originaly had in mind, but I don't know if the router has this support and/or how to program it. I am fairly new to CBOS.

New Member

Re: How do I limit internet access to only a part of the LAN w/C

Bingo on the ACL!!!!!!

Use the "set filter" command.

http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/c600s/cbos/cbos240/03chap02.htm#19231

Hope this works for you.

:)

91
Views
0
Helpful
3
Replies