Using RRAS firewall

Microsoft Windows server 2003
March 2, 2010 at 23:58:24
Specs: Windows Server 2003, 5GB
Hello All,
I have a Win 2003 server machine that is my
gateway (has 2 network cards: INTERNAL and
EXTERNAL) . The office network is connected
to the internet through this server (through
NAT). I am trying to change the firewall rules
so that certain computers (with internal IPs)
are blocked from using the internet but I can't
seem to do so. When I change the firewall
rules on the EXTERNAL to deny access to an
internal IP, it does not work.
Any ideas ?

See More: Using RRAS firewall

Report •

March 3, 2010 at 07:38:14
The easy way to prevent LAN users from accessing the internet is to not give them a Default Gateway IP address in their TCP/IP setup.

This might mean giving them a static IP address instead of using DHCP, but it will prevent them.

Just for the record, it would be well worth your time to invest in a good SOHO router and put it between your LAN and the internet like so:

internet >> SOHO Router >> Switch >> Servers/Clients

Report •

March 3, 2010 at 08:24:26
or even as so
internet<>soho router<>external server nic[server]internal server nic<>switch<>pcs

This config gives the server the extra protection of nat/firewall while still allowing you to filter/restrict user access depending on software loaded on the server.

Report •

Related Solutions

Ask Question