Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 2 subscribers
  • Views 7675 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is it possible to Whitelist specific LAN IP addresses?

snaketek
This might seem like a total noob question, but I am having a difficult time finding the area where I can designate a whitelist of IP addresses for the LAN.

Basically, I am wanting to prevent anyone from plugging into the network and keying in any IP address in range and getting on the network. I want to be able to allow only a specific set of IP Addresses for the LAN side.

Any help would be much appreciated.


This thread was automatically locked due to age.
  • 0
    Hi, snaketek, and welcome to the User BB!

    Can you give specific examples of what you want to block and allow?

    Cheers - Bob
  • 0 in reply to BAlfson
    Thanks for the reply! I am looking to allow only certain IP address from gaining access to the network. For example, 192.168.1.2,3,4 should be allowed but if someone uses 192.168.1.6 then it would not allow them to connect.
  • 0
    Don't use the built-in Internal(network) definition to define accesses in the packet filter and proxies.  Instead make a custom network definition for only the IP's which you want and use that instead.

    If you also want to block connectivity within the LAN, if you have a decent managed switch, you can lock down individual ports to only accept connection from a specific mac address. 

    This sort of thing has long been the bane of network admins....rogue DHCP servers and people bringing unauthorized equipment into a network.  While blocking accesses is fine, it is only treating the symptom.  You need to work with management to define a company policy, disallowing this activity.  Once that is done and the staff is informed, you must make certain that the policy is strictly enforced.
  • 0 in reply to Scott_Klassen
    This solution makes sense, thank you! Would I do the same type of thing if I wanted to use MAC filtering as well?
  • 0
    Astaro can't do MAC filtering itself.  You would need a managed switch that supports this capability.
  • 0 in reply to Scott_Klassen
    Thanks again for the help, you guys are great.