Chapter 10 | 10 |
Access Control |
This Chapter explains how to configure and use the Wireless Gateway's "Ac- cess Control" feature.
Overview
The Access Control feature allows administrators to restrict Internet Access by individual PCs. The process uses "Packet Filtering" to block or discard data packets. By default, no packets are blocked or discarded.
To use this feature:
•Set the desired restrictions on the "Everyone" group. All PCs are in the "Everyone" group unless explicitly moved to another group, using the PC screen.
•Set the desired restrictions on the other groups ("Group 1", "Group 2", etc) as needed.
•For each PC you wish to move from the "Everyone" group, enter their details on the PCs screen, and assign them to the desired group.
You can limit Internet access for ALL PCs without entering ANY PC data. Simply apply the desired restrictions to the "Everyone" group.
It is also possible to define your own packet filters, and use these filters in addition to the pre- defined filters. Defining your own filters is optional.
Access Control Log
This log is accessed from the Access Control Log on the Status screen. It shows the attempted accesses which have been blocked.
This log can be used to track the operation of the Access Control feature. Data shown in this log is as follows:
•Port - The port used to gain access to this device. Possible values are LAN, WAN, WLAN (Wireless LAN), and RS232 (serial port).
•Source IP Address - The IP Address of the PC or device whose access request was blocked.
•Physical Address (Hardware Address) - The hardware address of the PC or device whose access request was blocked.
•Name - If known, the name of the device whose access was blocked. This name is taken from the Access Control database. For Wireless devices, the name is obtained from the Wireless Stations list, and so will always match the Physical (Hardware) address.
•Destination - The destination of the attempted access. Possible values are "Internet", "LAN" or "WLAN".
•"Internet" indicates an outgoing connection attempt which was blocked by the Access Control feature.
•"LAN" or "WLAN" represents an inward connection attempt which was blocked by the Firewall. These inward connection attempts are not affected by the Access Control settings.
75